mosquito-transport 1.4.7 → 1.4.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -0
- package/lib/helpers/utils.js +1 -0
- package/lib/index.d.ts +24 -3
- package/lib/index.js +3 -2
- package/lib/products/auth/customAuth.js +9 -3
- package/package.json +3 -2
package/README.md
CHANGED
|
@@ -591,6 +591,10 @@ serverApp.listenDeletedUser(uid => {
|
|
|
591
591
|
});
|
|
592
592
|
```
|
|
593
593
|
|
|
594
|
+
### parseToken
|
|
595
|
+
|
|
596
|
+
parse jwt token
|
|
597
|
+
|
|
594
598
|
### verifyToken
|
|
595
599
|
|
|
596
600
|
verify token to check if it was trully created using signerKey without checking against the expiry or local token reference
|
package/lib/helpers/utils.js
CHANGED
package/lib/index.d.ts
CHANGED
|
@@ -453,13 +453,29 @@ interface UserProfile {
|
|
|
453
453
|
interface AuthData {
|
|
454
454
|
email?: string;
|
|
455
455
|
metadata: Object;
|
|
456
|
-
signupMethod: 'google' | 'apple' | 'custom' | '
|
|
456
|
+
signupMethod: 'google' | 'apple' | 'custom' | 'github' | 'twitter' | 'facebook' | string;
|
|
457
|
+
currentAuthMethod: 'google' | 'apple' | 'custom' | 'github' | 'twitter' | 'facebook' | string;
|
|
457
458
|
joinedOn: number;
|
|
458
459
|
uid: string;
|
|
459
460
|
claims: Object;
|
|
460
461
|
emailVerified: boolean;
|
|
461
|
-
|
|
462
|
+
tokenID: string;
|
|
462
463
|
disabled: boolean;
|
|
464
|
+
entityOf: string;
|
|
465
|
+
profile: {
|
|
466
|
+
photo: string;
|
|
467
|
+
name: string;
|
|
468
|
+
},
|
|
469
|
+
exp: number;
|
|
470
|
+
aud: string;
|
|
471
|
+
iss: string;
|
|
472
|
+
sub: string;
|
|
473
|
+
}
|
|
474
|
+
|
|
475
|
+
interface RefreshTokenData {
|
|
476
|
+
uid: string;
|
|
477
|
+
tokenID: string;
|
|
478
|
+
isRefreshToken: true;
|
|
463
479
|
}
|
|
464
480
|
|
|
465
481
|
interface UserData extends AuthData {
|
|
@@ -557,6 +573,11 @@ export default class MosquitoTransportServer {
|
|
|
557
573
|
* @param uid uid of the user you are signing out
|
|
558
574
|
*/
|
|
559
575
|
signOutUser(uid: string): Promise<void>;
|
|
576
|
+
|
|
577
|
+
/**
|
|
578
|
+
* parse jwt token
|
|
579
|
+
*/
|
|
580
|
+
parseToken(token: string): AuthData;
|
|
560
581
|
|
|
561
582
|
/**
|
|
562
583
|
* verify token to check if it was trully created using signerKey without checking against the expiry or local token reference
|
|
@@ -572,7 +593,7 @@ export default class MosquitoTransportServer {
|
|
|
572
593
|
* @param token - the token to be validated
|
|
573
594
|
* @param isRefreshToken - set this to true if token is a refresh token
|
|
574
595
|
*/
|
|
575
|
-
validateToken(token: string, isRefreshToken?: boolean): Promise<AuthData>;
|
|
596
|
+
validateToken(token: string, isRefreshToken?: boolean): Promise<AuthData | RefreshTokenData>;
|
|
576
597
|
|
|
577
598
|
/**
|
|
578
599
|
* remove local reference of a token
|
package/lib/index.js
CHANGED
|
@@ -4,7 +4,7 @@ import { databaseLivePath, databaseLiveRoutes, databaseRoutes, emitDatabase, rea
|
|
|
4
4
|
import { authLivePath, authLiveRoutes, authRoutes } from "./products/auth/index.js";
|
|
5
5
|
import { removeVideoFreezer, storageRoutes } from "./products/storage/index.js";
|
|
6
6
|
import { Scoped } from "./helpers/variables.js";
|
|
7
|
-
import { IS_JSON_OBJECT, IS_RAW_OBJECT, IS_WHOLE_NUMBER, deserializeE2E, getStringExtension, interpolate, niceTry, requestURL, serializeE2E, simplifyCaughtError, simplifyError } from "./helpers/utils.js";
|
|
7
|
+
import { IS_JSON_OBJECT, IS_RAW_OBJECT, IS_WHOLE_NUMBER, decodeBinary, deserializeE2E, getStringExtension, interpolate, niceTry, requestURL, serializeE2E, simplifyCaughtError, simplifyError } from "./helpers/utils.js";
|
|
8
8
|
import { getDB } from "./products/database/base.js";
|
|
9
9
|
import { releaseTokenSelfDestruction, validateJWT, verifyJWT } from "./products/auth/tokenizer.js";
|
|
10
10
|
import { ADMIN_DB_NAME, ADMIN_DB_URL, EngineRoutes, STORAGE_FREEZER_DIR, STORAGE_PATH, STORAGE_PREFIX_PATH, STORAGE_ROUTE, STORAGE_URL_TO_FILE, one_hour, one_mb, one_minute } from "./helpers/values.js";
|
|
@@ -605,7 +605,8 @@ export default class MosquitoTransportServer {
|
|
|
605
605
|
]);
|
|
606
606
|
SignoutUserSignal.dispatch('d', uid);
|
|
607
607
|
}
|
|
608
|
-
|
|
608
|
+
|
|
609
|
+
parseToken = (token) => JSON.parse(decodeBinary(token.split('.')[1]));
|
|
609
610
|
verifyToken = (token, isRefreshToken) => verifyJWT(token, this.projectName, isRefreshToken);
|
|
610
611
|
validateToken = (token, isRefreshToken) => validateJWT(token, this.projectName, isRefreshToken);
|
|
611
612
|
invalidateToken = (token, isRefreshToken) => invalidateToken(token, this.projectName, isRefreshToken);
|
|
@@ -47,6 +47,7 @@ export const signupCustom = async (email = '', password = '', signupMethod = 'cu
|
|
|
47
47
|
const [token, refreshToken, acctRes] = await Promise.all([
|
|
48
48
|
signJWT({
|
|
49
49
|
...tokenData,
|
|
50
|
+
entityOf: refreshTokenID,
|
|
50
51
|
uid: newUid,
|
|
51
52
|
tokenID,
|
|
52
53
|
lastLoginAt: Date.now()
|
|
@@ -138,7 +139,8 @@ export const signinCustom = async (email = '', password = '', signinMethod = 'cu
|
|
|
138
139
|
profile,
|
|
139
140
|
disabled: !!disabled,
|
|
140
141
|
tokenID,
|
|
141
|
-
lastLoginAt: Date.now()
|
|
142
|
+
lastLoginAt: Date.now(),
|
|
143
|
+
entityOf: refreshTokenID
|
|
142
144
|
};
|
|
143
145
|
|
|
144
146
|
if (disabled) throw simplifyError('account_disable', 'You cannot sign into this account because it has been disabled');
|
|
@@ -171,7 +173,7 @@ export const signinCustom = async (email = '', password = '', signinMethod = 'cu
|
|
|
171
173
|
}
|
|
172
174
|
|
|
173
175
|
export const refreshToken = async ({ token, refToken }, projectName) => {
|
|
174
|
-
const [{ uid, currentAuthMethod, lastLoginAt }, refAuth] = await Promise.all([
|
|
176
|
+
const [{ uid, currentAuthMethod, lastLoginAt, entityOf }, refAuth] = await Promise.all([
|
|
175
177
|
verifyJWT(token, projectName),
|
|
176
178
|
validateRefreshToken(refToken, projectName)
|
|
177
179
|
]);
|
|
@@ -179,6 +181,9 @@ export const refreshToken = async ({ token, refToken }, projectName) => {
|
|
|
179
181
|
if (uid !== refAuth.uid)
|
|
180
182
|
throw simplifyError('token_mismatch', 'The accessToken and refreshToken are not meant for eachother');
|
|
181
183
|
|
|
184
|
+
if (entityOf !== refAuth.tokenID)
|
|
185
|
+
throw simplifyError('entity_mismatch', 'This accessToken doesn\'t belong to the provided refreshToken');
|
|
186
|
+
|
|
182
187
|
const userData = await readDocument({
|
|
183
188
|
path: EnginePath.userAcct,
|
|
184
189
|
find: { _id: uid }
|
|
@@ -200,7 +205,8 @@ export const refreshToken = async ({ token, refToken }, projectName) => {
|
|
|
200
205
|
profile,
|
|
201
206
|
disabled,
|
|
202
207
|
lastLoginAt,
|
|
203
|
-
tokenID: newTokenID
|
|
208
|
+
tokenID: newTokenID,
|
|
209
|
+
entityOf: refAuth.tokenID
|
|
204
210
|
};
|
|
205
211
|
|
|
206
212
|
if (disabled)
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mosquito-transport",
|
|
3
|
-
"version": "1.4.
|
|
3
|
+
"version": "1.4.8",
|
|
4
4
|
"description": "MosquitoTransport is a powerful tool that helps persist and synchronize data between your MongoDB database and frontend applications",
|
|
5
5
|
"main": "lib/index.js",
|
|
6
6
|
"type": "module",
|
|
@@ -32,6 +32,7 @@
|
|
|
32
32
|
},
|
|
33
33
|
"homepage": "https://github.com/deflexable/mosquito-transport#readme",
|
|
34
34
|
"dependencies": {
|
|
35
|
+
"buffer": "^6.0.3",
|
|
35
36
|
"compression": "^1.7.4",
|
|
36
37
|
"cors": "^2.8.5",
|
|
37
38
|
"express": "^4.18.2",
|
|
@@ -50,4 +51,4 @@
|
|
|
50
51
|
"@types/mongodb": "^4.0.7",
|
|
51
52
|
"eslint": "^8.23.1"
|
|
52
53
|
}
|
|
53
|
-
}
|
|
54
|
+
}
|