payload 3.66.0 → 3.67.0-internal.1ea538b

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (121) hide show
  1. package/dist/auth/operations/forgotPassword.d.ts.map +1 -1
  2. package/dist/auth/operations/forgotPassword.js +7 -12
  3. package/dist/auth/operations/forgotPassword.js.map +1 -1
  4. package/dist/auth/operations/login.d.ts.map +1 -1
  5. package/dist/auth/operations/login.js +7 -12
  6. package/dist/auth/operations/login.js.map +1 -1
  7. package/dist/auth/operations/refresh.d.ts.map +1 -1
  8. package/dist/auth/operations/refresh.js +7 -12
  9. package/dist/auth/operations/refresh.js.map +1 -1
  10. package/dist/auth/operations/resetPassword.d.ts.map +1 -1
  11. package/dist/auth/operations/resetPassword.js +7 -12
  12. package/dist/auth/operations/resetPassword.js.map +1 -1
  13. package/dist/auth/operations/unlock.d.ts.map +1 -1
  14. package/dist/auth/operations/unlock.js +14 -1
  15. package/dist/auth/operations/unlock.js.map +1 -1
  16. package/dist/collections/config/sanitize.d.ts.map +1 -1
  17. package/dist/collections/config/sanitize.js +2 -0
  18. package/dist/collections/config/sanitize.js.map +1 -1
  19. package/dist/collections/config/types.d.ts +7 -19
  20. package/dist/collections/config/types.d.ts.map +1 -1
  21. package/dist/collections/config/types.js.map +1 -1
  22. package/dist/collections/operations/count.d.ts.map +1 -1
  23. package/dist/collections/operations/count.js +7 -12
  24. package/dist/collections/operations/count.js.map +1 -1
  25. package/dist/collections/operations/countVersions.d.ts.map +1 -1
  26. package/dist/collections/operations/countVersions.js +7 -12
  27. package/dist/collections/operations/countVersions.js.map +1 -1
  28. package/dist/collections/operations/create.d.ts.map +1 -1
  29. package/dist/collections/operations/create.js +10 -14
  30. package/dist/collections/operations/create.js.map +1 -1
  31. package/dist/collections/operations/delete.d.ts.map +1 -1
  32. package/dist/collections/operations/delete.js +9 -13
  33. package/dist/collections/operations/delete.js.map +1 -1
  34. package/dist/collections/operations/deleteByID.d.ts.map +1 -1
  35. package/dist/collections/operations/deleteByID.js +9 -13
  36. package/dist/collections/operations/deleteByID.js.map +1 -1
  37. package/dist/collections/operations/find.d.ts.map +1 -1
  38. package/dist/collections/operations/find.js +9 -13
  39. package/dist/collections/operations/find.js.map +1 -1
  40. package/dist/collections/operations/findByID.d.ts.map +1 -1
  41. package/dist/collections/operations/findByID.js +22 -26
  42. package/dist/collections/operations/findByID.js.map +1 -1
  43. package/dist/collections/operations/findDistinct.d.ts.map +1 -1
  44. package/dist/collections/operations/findDistinct.js +7 -12
  45. package/dist/collections/operations/findDistinct.js.map +1 -1
  46. package/dist/collections/operations/findVersionByID.d.ts.map +1 -1
  47. package/dist/collections/operations/findVersionByID.js +20 -1
  48. package/dist/collections/operations/findVersionByID.js.map +1 -1
  49. package/dist/collections/operations/findVersions.d.ts.map +1 -1
  50. package/dist/collections/operations/findVersions.js +24 -5
  51. package/dist/collections/operations/findVersions.js.map +1 -1
  52. package/dist/collections/operations/restoreVersion.d.ts.map +1 -1
  53. package/dist/collections/operations/restoreVersion.js +9 -13
  54. package/dist/collections/operations/restoreVersion.js.map +1 -1
  55. package/dist/collections/operations/update.d.ts.map +1 -1
  56. package/dist/collections/operations/update.js +9 -13
  57. package/dist/collections/operations/update.js.map +1 -1
  58. package/dist/collections/operations/updateByID.d.ts.map +1 -1
  59. package/dist/collections/operations/updateByID.js +7 -12
  60. package/dist/collections/operations/updateByID.js.map +1 -1
  61. package/dist/collections/operations/utilities/buildAfterOperation.d.ts +6 -0
  62. package/dist/collections/operations/utilities/buildAfterOperation.d.ts.map +1 -0
  63. package/dist/collections/operations/{utils.js → utilities/buildAfterOperation.js} +1 -1
  64. package/dist/collections/operations/utilities/buildAfterOperation.js.map +1 -0
  65. package/dist/collections/operations/utilities/buildBeforeOperation.d.ts +47 -0
  66. package/dist/collections/operations/utilities/buildBeforeOperation.d.ts.map +1 -0
  67. package/dist/collections/operations/utilities/buildBeforeOperation.js +25 -0
  68. package/dist/collections/operations/utilities/buildBeforeOperation.js.map +1 -0
  69. package/dist/collections/operations/utilities/types.d.ts +216 -0
  70. package/dist/collections/operations/utilities/types.d.ts.map +1 -0
  71. package/dist/collections/operations/utilities/types.js +23 -0
  72. package/dist/collections/operations/utilities/types.js.map +1 -0
  73. package/dist/collections/operations/utilities/update.d.ts.map +1 -1
  74. package/dist/collections/operations/utilities/update.js +4 -2
  75. package/dist/collections/operations/utilities/update.js.map +1 -1
  76. package/dist/config/sanitize.d.ts.map +1 -1
  77. package/dist/config/sanitize.js +2 -2
  78. package/dist/config/sanitize.js.map +1 -1
  79. package/dist/exports/shared.d.ts +1 -0
  80. package/dist/exports/shared.d.ts.map +1 -1
  81. package/dist/exports/shared.js +1 -0
  82. package/dist/exports/shared.js.map +1 -1
  83. package/dist/fields/baseFields/slug/generateSlug.d.ts.map +1 -1
  84. package/dist/fields/baseFields/slug/generateSlug.js +2 -2
  85. package/dist/fields/baseFields/slug/generateSlug.js.map +1 -1
  86. package/dist/fields/config/types.d.ts +2 -0
  87. package/dist/fields/config/types.d.ts.map +1 -1
  88. package/dist/fields/config/types.js.map +1 -1
  89. package/dist/globals/config/types.d.ts +1 -1
  90. package/dist/globals/config/types.d.ts.map +1 -1
  91. package/dist/globals/config/types.js.map +1 -1
  92. package/dist/globals/operations/findOne.d.ts.map +1 -1
  93. package/dist/globals/operations/findOne.js +4 -3
  94. package/dist/globals/operations/findOne.js.map +1 -1
  95. package/dist/globals/operations/update.d.ts.map +1 -1
  96. package/dist/globals/operations/update.js +3 -2
  97. package/dist/globals/operations/update.js.map +1 -1
  98. package/dist/index.bundled.d.ts +200 -119
  99. package/dist/utilities/getVersionsConfig.d.ts +37 -0
  100. package/dist/utilities/getVersionsConfig.d.ts.map +1 -0
  101. package/dist/utilities/getVersionsConfig.js +44 -0
  102. package/dist/utilities/getVersionsConfig.js.map +1 -0
  103. package/dist/versions/buildCollectionFields.d.ts.map +1 -1
  104. package/dist/versions/buildCollectionFields.js +3 -2
  105. package/dist/versions/buildCollectionFields.js.map +1 -1
  106. package/dist/versions/buildGlobalFields.d.ts.map +1 -1
  107. package/dist/versions/buildGlobalFields.js +3 -2
  108. package/dist/versions/buildGlobalFields.js.map +1 -1
  109. package/dist/versions/getLatestCollectionVersion.d.ts.map +1 -1
  110. package/dist/versions/getLatestCollectionVersion.js +3 -1
  111. package/dist/versions/getLatestCollectionVersion.js.map +1 -1
  112. package/dist/versions/getLatestGlobalVersion.d.ts.map +1 -1
  113. package/dist/versions/getLatestGlobalVersion.js +3 -2
  114. package/dist/versions/getLatestGlobalVersion.js.map +1 -1
  115. package/dist/versions/saveVersion.d.ts.map +1 -1
  116. package/dist/versions/saveVersion.js +2 -1
  117. package/dist/versions/saveVersion.js.map +1 -1
  118. package/package.json +2 -2
  119. package/dist/collections/operations/utils.d.ts +0 -105
  120. package/dist/collections/operations/utils.d.ts.map +0 -1
  121. package/dist/collections/operations/utils.js.map +0 -1
package/dist/auth/operations/forgotPassword.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/forgotPassword.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAYjE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KACvB,GAAG,gCAAgC,CAAC,KAAK,CAAC,CAAC,gBAAgB,CAAC,CAAA;IAC7D,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,CAAA;AAE3B,eAAO,MAAM,uBAAuB,GAAU,KAAK,SAAS,cAAc,gBAC1D,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,IAAI,GAAG,MAAM,CAqMvB,CAAA"}
1
+ {"version":3,"file":"forgotPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/forgotPassword.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAajE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KACvB,GAAG,gCAAgC,CAAC,KAAK,CAAC,CAAC,gBAAgB,CAAC,CAAA;IAC7D,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,CAAA;AAE3B,eAAO,MAAM,uBAAuB,GAAU,KAAK,SAAS,cAAc,gBAC1D,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC,IAAI,GAAG,MAAM,CA6LvB,CAAA"}
package/dist/auth/operations/forgotPassword.js CHANGED
@@ -1,7 +1,8 @@
1
1
  import crypto from 'crypto';
2
2
  import { status as httpStatus } from 'http-status';
3
3
  import { URL } from 'url';
4
- import { buildAfterOperation } from '../../collections/operations/utils.js';
4
+ import { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js';
5
+ import { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js';
5
6
  import { APIError } from '../../errors/index.js';
6
7
  import { Forbidden } from '../../index.js';
7
8
  import { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js';
@@ -28,17 +29,11 @@ export const forgotPasswordOperation = async (incomingArgs)=>{
28
29
  // /////////////////////////////////////
29
30
  // beforeOperation - Collection
30
31
  // /////////////////////////////////////
31
- if (args.collection.config.hooks?.beforeOperation?.length) {
32
- for (const hook of args.collection.config.hooks.beforeOperation){
33
- args = await hook({
34
- args,
35
- collection: args.collection?.config,
36
- context: args.req.context,
37
- operation: 'forgotPassword',
38
- req: args.req
39
- }) || args;
40
- }
41
- }
32
+ args = await buildBeforeOperation({
33
+ args,
34
+ collection: args.collection.config,
35
+ operation: 'forgotPassword'
36
+ });
42
37
  const { collection: { config: collectionConfig }, disableEmail, expiration, req: { payload: { config, email }, payload }, req } = args;
43
38
  // /////////////////////////////////////
44
39
  // Forget password
package/dist/auth/operations/forgotPassword.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/forgotPassword.ts"],"sourcesContent":["import crypto from 'crypto'\nimport { status as httpStatus } from 'http-status'\nimport { URL } from 'url'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { APIError } from '../../errors/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { formatAdminURL } from '../../utilities/formatAdminURL.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: {\n [key: string]: unknown\n } & AuthOperationsFromCollectionSlug<TSlug>['forgotPassword']\n disableEmail?: boolean\n expiration?: number\n req: PayloadRequest\n}\n\nexport type Result = string\n\nexport const forgotPasswordOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<null | string> => {\n const loginWithUsername = incomingArgs.collection.config.auth.loginWithUsername\n const { data } = incomingArgs\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n const sanitizedEmail =\n (canLoginWithEmail && (incomingArgs.data.email || '').toLowerCase().trim()) || null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n let args = incomingArgs\n\n if (incomingArgs.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(incomingArgs.req.t)\n }\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'forgotPassword',\n req: args.req,\n })) || args\n }\n }\n\n const {\n collection: { config: collectionConfig },\n disableEmail,\n expiration,\n req: {\n payload: { config, email },\n payload,\n },\n req,\n } = args\n\n // /////////////////////////////////////\n // Forget password\n // /////////////////////////////////////\n\n let token: string = crypto.randomBytes(20).toString('hex')\n type UserDoc = {\n email?: string\n id: number | string\n resetPasswordExpiration?: string\n resetPasswordToken?: string\n }\n\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n let whereConstraint: Where = {}\n\n if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = {\n email: {\n equals: sanitizedEmail,\n },\n }\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = {\n username: {\n equals: sanitizedUsername,\n },\n }\n }\n\n // Exclude trashed users unless `trash: true`\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = await payload.db.findOne<UserDoc>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })\n\n // We don't want to indicate specifically that an email was not found,\n // as doing so could lead to the exposure of registered emails.\n // Therefore, we prefer to fail silently.\n if (!user) {\n await commitTransaction(args.req)\n return null\n }\n\n const resetPasswordExpiration = new Date(\n Date.now() + (collectionConfig.auth?.forgotPassword?.expiration ?? expiration ?? 3600000),\n ).toISOString()\n\n user = await payload.update({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n resetPasswordExpiration,\n resetPasswordToken: token,\n },\n req,\n })\n\n if (!disableEmail && user.email) {\n const protocol = new URL(req.url!).protocol // includes the final :\n const serverURL =\n config.serverURL !== null && config.serverURL !== ''\n ? config.serverURL\n : `${protocol}//${req.headers.get('host')}`\n const forgotURL = formatAdminURL({\n adminRoute: config.routes.admin,\n path: `${config.admin.routes.reset}/${token}`,\n serverURL,\n })\n let html = `${req.t('authentication:youAreReceivingResetPassword')}\n <a href=\"${forgotURL}\">${forgotURL}</a>\n ${req.t('authentication:youDidNotRequestPassword')}`\n\n if (typeof collectionConfig.auth.forgotPassword?.generateEmailHTML === 'function') {\n html = await collectionConfig.auth.forgotPassword.generateEmailHTML({\n req,\n token,\n user,\n })\n }\n\n let subject = req.t('authentication:resetYourPassword')\n\n if (typeof collectionConfig.auth.forgotPassword?.generateEmailSubject === 'function') {\n subject = await collectionConfig.auth.forgotPassword.generateEmailSubject({\n req,\n token,\n user,\n })\n }\n\n await email.sendEmail({\n from: `\"${email.defaultFromName}\" <${email.defaultFromAddress}>`,\n html,\n subject,\n to: user.email,\n })\n }\n\n // /////////////////////////////////////\n // afterForgotPassword - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterForgotPassword?.length) {\n for (const hook of collectionConfig.hooks.afterForgotPassword) {\n await hook({ args, collection: args.collection?.config, context: req.context })\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n token = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'forgotPassword',\n result: token,\n })\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return token\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["crypto","status","httpStatus","URL","buildAfterOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","formatAdminURL","initTransaction","killTransaction","getLoginOptions","forgotPasswordOperation","incomingArgs","loginWithUsername","collection","config","auth","data","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","email","toLowerCase","trim","sanitizedUsername","username","args","disableLocalStrategy","req","t","BAD_REQUEST","shouldCommit","hooks","beforeOperation","length","hook","context","operation","collectionConfig","disableEmail","expiration","payload","token","randomBytes","toString","whereConstraint","equals","enableTrash","trash","where","user","db","findOne","slug","resetPasswordExpiration","Date","now","forgotPassword","toISOString","update","id","resetPasswordToken","protocol","url","serverURL","headers","get","forgotURL","adminRoute","routes","admin","path","reset","html","generateEmailHTML","subject","generateEmailSubject","sendEmail","from","defaultFromName","defaultFromAddress","to","afterForgotPassword","result","error"],"mappings":"AAAA,OAAOA,YAAY,SAAQ;AAC3B,SAASC,UAAUC,UAAU,QAAQ,cAAa;AAClD,SAASC,GAAG,QAAQ,MAAK;AASzB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,cAAc,QAAQ,oCAAmC;AAClE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AAcvD,OAAO,MAAMC,0BAA0B,OACrCC;IAEA,MAAMC,oBAAoBD,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACH,iBAAiB;IAC/E,MAAM,EAAEI,IAAI,EAAE,GAAGL;IAEjB,MAAM,EAAEM,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGT,gBAAgBG;IAEpE,MAAMO,iBACJ,AAACF,qBAAqB,AAACN,CAAAA,aAAaK,IAAI,CAACI,KAAK,IAAI,EAAC,EAAGC,WAAW,GAAGC,IAAI,MAAO;IACjF,MAAMC,oBACJ,cAAcP,QAAQ,OAAOA,MAAMQ,aAAa,WAC5CR,KAAKQ,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,IAAIG,OAAOd;IAEX,IAAIA,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACW,oBAAoB,EAAE;QAC5D,MAAM,IAAIvB,UAAUQ,aAAagB,GAAG,CAACC,CAAC;IACxC;IACA,IAAI,CAACT,kBAAkB,CAACI,mBAAmB;QACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDb,WAAW8B,WAAW;IAE1B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMvB,gBAAgBkB,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKZ,UAAU,CAACC,MAAM,CAACiB,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQT,KAAKZ,UAAU,CAACC,MAAM,CAACiB,KAAK,CAACC,eAAe,CAAE;gBAC/DP,OACE,AAAC,MAAMS,KAAK;oBACVT;oBACAZ,YAAYY,KAAKZ,UAAU,EAAEC;oBAC7BqB,SAASV,KAAKE,GAAG,CAACQ,OAAO;oBACzBC,WAAW;oBACXT,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,MAAM,EACJZ,YAAY,EAAEC,QAAQuB,gBAAgB,EAAE,EACxCC,YAAY,EACZC,UAAU,EACVZ,KAAK,EACHa,SAAS,EAAE1B,MAAM,EAAEM,KAAK,EAAE,EAC1BoB,OAAO,EACR,EACDb,GAAG,EACJ,GAAGF;QAEJ,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,IAAIgB,QAAgB5C,OAAO6C,WAAW,CAAC,IAAIC,QAAQ,CAAC;QAQpD,IAAI,CAACxB,kBAAkB,CAACI,mBAAmB;YACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDb,WAAW8B,WAAW;QAE1B;QAEA,IAAIe,kBAAyB,CAAC;QAE9B,IAAI3B,qBAAqBE,gBAAgB;YACvCyB,kBAAkB;gBAChBxB,OAAO;oBACLyB,QAAQ1B;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBK,mBAAmB;YACpDqB,kBAAkB;gBAChBpB,UAAU;oBACRqB,QAAQtB;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CqB,kBAAkBxC,uBAAuB;YACvC0C,aAAaT,iBAAiBU,KAAK;YACnCA,OAAO;YACPC,OAAOJ;QACT;QAEA,IAAIK,OAAO,MAAMT,QAAQU,EAAE,CAACC,OAAO,CAAU;YAC3CtC,YAAYwB,iBAAiBe,IAAI;YACjCzB;YACAqB,OAAOJ;QACT;QAEA,sEAAsE;QACtE,+DAA+D;QAC/D,yCAAyC;QACzC,IAAI,CAACK,MAAM;YACT,MAAM5C,kBAAkBoB,KAAKE,GAAG;YAChC,OAAO;QACT;QAEA,MAAM0B,0BAA0B,IAAIC,KAClCA,KAAKC,GAAG,KAAMlB,CAAAA,iBAAiBtB,IAAI,EAAEyC,gBAAgBjB,cAAcA,cAAc,OAAM,GACvFkB,WAAW;QAEbR,OAAO,MAAMT,QAAQkB,MAAM,CAAC;YAC1BC,IAAIV,KAAKU,EAAE;YACX9C,YAAYwB,iBAAiBe,IAAI;YACjCpC,MAAM;gBACJqC;gBACAO,oBAAoBnB;YACtB;YACAd;QACF;QAEA,IAAI,CAACW,gBAAgBW,KAAK7B,KAAK,EAAE;YAC/B,MAAMyC,WAAW,IAAI7D,IAAI2B,IAAImC,GAAG,EAAGD,QAAQ,CAAC,uBAAuB;;YACnE,MAAME,YACJjD,OAAOiD,SAAS,KAAK,QAAQjD,OAAOiD,SAAS,KAAK,KAC9CjD,OAAOiD,SAAS,GAChB,GAAGF,SAAS,EAAE,EAAElC,IAAIqC,OAAO,CAACC,GAAG,CAAC,SAAS;YAC/C,MAAMC,YAAY5D,eAAe;gBAC/B6D,YAAYrD,OAAOsD,MAAM,CAACC,KAAK;gBAC/BC,MAAM,GAAGxD,OAAOuD,KAAK,CAACD,MAAM,CAACG,KAAK,CAAC,CAAC,EAAE9B,OAAO;gBAC7CsB;YACF;YACA,IAAIS,OAAO,GAAG7C,IAAIC,CAAC,CAAC,+CAA+C;aAC5D,EAAEsC,UAAU,EAAE,EAAEA,UAAU;IACnC,EAAEvC,IAAIC,CAAC,CAAC,4CAA4C;YAElD,IAAI,OAAOS,iBAAiBtB,IAAI,CAACyC,cAAc,EAAEiB,sBAAsB,YAAY;gBACjFD,OAAO,MAAMnC,iBAAiBtB,IAAI,CAACyC,cAAc,CAACiB,iBAAiB,CAAC;oBAClE9C;oBACAc;oBACAQ;gBACF;YACF;YAEA,IAAIyB,UAAU/C,IAAIC,CAAC,CAAC;YAEpB,IAAI,OAAOS,iBAAiBtB,IAAI,CAACyC,cAAc,EAAEmB,yBAAyB,YAAY;gBACpFD,UAAU,MAAMrC,iBAAiBtB,IAAI,CAACyC,cAAc,CAACmB,oBAAoB,CAAC;oBACxEhD;oBACAc;oBACAQ;gBACF;YACF;YAEA,MAAM7B,MAAMwD,SAAS,CAAC;gBACpBC,MAAM,CAAC,CAAC,EAAEzD,MAAM0D,eAAe,CAAC,GAAG,EAAE1D,MAAM2D,kBAAkB,CAAC,CAAC,CAAC;gBAChEP;gBACAE;gBACAM,IAAI/B,KAAK7B,KAAK;YAChB;QACF;QAEA,wCAAwC;QACxC,mCAAmC;QACnC,wCAAwC;QAExC,IAAIiB,iBAAiBN,KAAK,EAAEkD,qBAAqBhD,QAAQ;YACvD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACkD,mBAAmB,CAAE;gBAC7D,MAAM/C,KAAK;oBAAET;oBAAMZ,YAAYY,KAAKZ,UAAU,EAAEC;oBAAQqB,SAASR,IAAIQ,OAAO;gBAAC;YAC/E;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCM,QAAQ,MAAMxC,oBAAoB;YAChCwB;YACAZ,YAAYY,KAAKZ,UAAU,EAAEC;YAC7BsB,WAAW;YACX8C,QAAQzC;QACV;QAEA,IAAIX,cAAc;YAChB,MAAMzB,kBAAkBsB;QAC1B;QAEA,OAAOc;IACT,EAAE,OAAO0C,OAAgB;QACvB,MAAM3E,gBAAgBiB,KAAKE,GAAG;QAC9B,MAAMwD;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/forgotPassword.ts"],"sourcesContent":["import crypto from 'crypto'\nimport { status as httpStatus } from 'http-status'\nimport { URL } from 'url'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { APIError } from '../../errors/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { formatAdminURL } from '../../utilities/formatAdminURL.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: {\n [key: string]: unknown\n } & AuthOperationsFromCollectionSlug<TSlug>['forgotPassword']\n disableEmail?: boolean\n expiration?: number\n req: PayloadRequest\n}\n\nexport type Result = string\n\nexport const forgotPasswordOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<null | string> => {\n const loginWithUsername = incomingArgs.collection.config.auth.loginWithUsername\n const { data } = incomingArgs\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n const sanitizedEmail =\n (canLoginWithEmail && (incomingArgs.data.email || '').toLowerCase().trim()) || null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n let args = incomingArgs\n\n if (incomingArgs.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(incomingArgs.req.t)\n }\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n args = await buildBeforeOperation({\n args,\n collection: args.collection.config,\n operation: 'forgotPassword',\n })\n\n const {\n collection: { config: collectionConfig },\n disableEmail,\n expiration,\n req: {\n payload: { config, email },\n payload,\n },\n req,\n } = args\n\n // /////////////////////////////////////\n // Forget password\n // /////////////////////////////////////\n\n let token: string = crypto.randomBytes(20).toString('hex')\n type UserDoc = {\n email?: string\n id: number | string\n resetPasswordExpiration?: string\n resetPasswordToken?: string\n }\n\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n let whereConstraint: Where = {}\n\n if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = {\n email: {\n equals: sanitizedEmail,\n },\n }\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = {\n username: {\n equals: sanitizedUsername,\n },\n }\n }\n\n // Exclude trashed users unless `trash: true`\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = await payload.db.findOne<UserDoc>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })\n\n // We don't want to indicate specifically that an email was not found,\n // as doing so could lead to the exposure of registered emails.\n // Therefore, we prefer to fail silently.\n if (!user) {\n await commitTransaction(args.req)\n return null\n }\n\n const resetPasswordExpiration = new Date(\n Date.now() + (collectionConfig.auth?.forgotPassword?.expiration ?? expiration ?? 3600000),\n ).toISOString()\n\n user = await payload.update({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n resetPasswordExpiration,\n resetPasswordToken: token,\n },\n req,\n })\n\n if (!disableEmail && user.email) {\n const protocol = new URL(req.url!).protocol // includes the final :\n const serverURL =\n config.serverURL !== null && config.serverURL !== ''\n ? config.serverURL\n : `${protocol}//${req.headers.get('host')}`\n const forgotURL = formatAdminURL({\n adminRoute: config.routes.admin,\n path: `${config.admin.routes.reset}/${token}`,\n serverURL,\n })\n let html = `${req.t('authentication:youAreReceivingResetPassword')}\n <a href=\"${forgotURL}\">${forgotURL}</a>\n ${req.t('authentication:youDidNotRequestPassword')}`\n\n if (typeof collectionConfig.auth.forgotPassword?.generateEmailHTML === 'function') {\n html = await collectionConfig.auth.forgotPassword.generateEmailHTML({\n req,\n token,\n user,\n })\n }\n\n let subject = req.t('authentication:resetYourPassword')\n\n if (typeof collectionConfig.auth.forgotPassword?.generateEmailSubject === 'function') {\n subject = await collectionConfig.auth.forgotPassword.generateEmailSubject({\n req,\n token,\n user,\n })\n }\n\n await email.sendEmail({\n from: `\"${email.defaultFromName}\" <${email.defaultFromAddress}>`,\n html,\n subject,\n to: user.email,\n })\n }\n\n // /////////////////////////////////////\n // afterForgotPassword - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterForgotPassword?.length) {\n for (const hook of collectionConfig.hooks.afterForgotPassword) {\n await hook({ args, collection: args.collection?.config, context: req.context })\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n token = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'forgotPassword',\n result: token,\n })\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return token\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["crypto","status","httpStatus","URL","buildAfterOperation","buildBeforeOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","formatAdminURL","initTransaction","killTransaction","getLoginOptions","forgotPasswordOperation","incomingArgs","loginWithUsername","collection","config","auth","data","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","email","toLowerCase","trim","sanitizedUsername","username","args","disableLocalStrategy","req","t","BAD_REQUEST","shouldCommit","operation","collectionConfig","disableEmail","expiration","payload","token","randomBytes","toString","whereConstraint","equals","enableTrash","trash","where","user","db","findOne","slug","resetPasswordExpiration","Date","now","forgotPassword","toISOString","update","id","resetPasswordToken","protocol","url","serverURL","headers","get","forgotURL","adminRoute","routes","admin","path","reset","html","generateEmailHTML","subject","generateEmailSubject","sendEmail","from","defaultFromName","defaultFromAddress","to","hooks","afterForgotPassword","length","hook","context","result","error"],"mappings":"AAAA,OAAOA,YAAY,SAAQ;AAC3B,SAASC,UAAUC,UAAU,QAAQ,cAAa;AAClD,SAASC,GAAG,QAAQ,MAAK;AASzB,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,cAAc,QAAQ,oCAAmC;AAClE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AAcvD,OAAO,MAAMC,0BAA0B,OACrCC;IAEA,MAAMC,oBAAoBD,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACH,iBAAiB;IAC/E,MAAM,EAAEI,IAAI,EAAE,GAAGL;IAEjB,MAAM,EAAEM,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGT,gBAAgBG;IAEpE,MAAMO,iBACJ,AAACF,qBAAqB,AAACN,CAAAA,aAAaK,IAAI,CAACI,KAAK,IAAI,EAAC,EAAGC,WAAW,GAAGC,IAAI,MAAO;IACjF,MAAMC,oBACJ,cAAcP,QAAQ,OAAOA,MAAMQ,aAAa,WAC5CR,KAAKQ,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;IAEN,IAAIG,OAAOd;IAEX,IAAIA,aAAaE,UAAU,CAACC,MAAM,CAACC,IAAI,CAACW,oBAAoB,EAAE;QAC5D,MAAM,IAAIvB,UAAUQ,aAAagB,GAAG,CAACC,CAAC;IACxC;IACA,IAAI,CAACT,kBAAkB,CAACI,mBAAmB;QACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;IAE1B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAMvB,gBAAgBkB,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QACxCF,OAAO,MAAMxB,qBAAqB;YAChCwB;YACAZ,YAAYY,KAAKZ,UAAU,CAACC,MAAM;YAClCiB,WAAW;QACb;QAEA,MAAM,EACJlB,YAAY,EAAEC,QAAQkB,gBAAgB,EAAE,EACxCC,YAAY,EACZC,UAAU,EACVP,KAAK,EACHQ,SAAS,EAAErB,MAAM,EAAEM,KAAK,EAAE,EAC1Be,OAAO,EACR,EACDR,GAAG,EACJ,GAAGF;QAEJ,wCAAwC;QACxC,kBAAkB;QAClB,wCAAwC;QAExC,IAAIW,QAAgBxC,OAAOyC,WAAW,CAAC,IAAIC,QAAQ,CAAC;QAQpD,IAAI,CAACnB,kBAAkB,CAACI,mBAAmB;YACzC,MAAM,IAAIrB,SACR,CAAC,QAAQ,EAAEU,oBAAoB,aAAa,QAAQ,CAAC,CAAC,EACtDd,WAAW+B,WAAW;QAE1B;QAEA,IAAIU,kBAAyB,CAAC;QAE9B,IAAItB,qBAAqBE,gBAAgB;YACvCoB,kBAAkB;gBAChBnB,OAAO;oBACLoB,QAAQrB;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBK,mBAAmB;YACpDgB,kBAAkB;gBAChBf,UAAU;oBACRgB,QAAQjB;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CgB,kBAAkBnC,uBAAuB;YACvCqC,aAAaT,iBAAiBU,KAAK;YACnCA,OAAO;YACPC,OAAOJ;QACT;QAEA,IAAIK,OAAO,MAAMT,QAAQU,EAAE,CAACC,OAAO,CAAU;YAC3CjC,YAAYmB,iBAAiBe,IAAI;YACjCpB;YACAgB,OAAOJ;QACT;QAEA,sEAAsE;QACtE,+DAA+D;QAC/D,yCAAyC;QACzC,IAAI,CAACK,MAAM;YACT,MAAMvC,kBAAkBoB,KAAKE,GAAG;YAChC,OAAO;QACT;QAEA,MAAMqB,0BAA0B,IAAIC,KAClCA,KAAKC,GAAG,KAAMlB,CAAAA,iBAAiBjB,IAAI,EAAEoC,gBAAgBjB,cAAcA,cAAc,OAAM,GACvFkB,WAAW;QAEbR,OAAO,MAAMT,QAAQkB,MAAM,CAAC;YAC1BC,IAAIV,KAAKU,EAAE;YACXzC,YAAYmB,iBAAiBe,IAAI;YACjC/B,MAAM;gBACJgC;gBACAO,oBAAoBnB;YACtB;YACAT;QACF;QAEA,IAAI,CAACM,gBAAgBW,KAAKxB,KAAK,EAAE;YAC/B,MAAMoC,WAAW,IAAIzD,IAAI4B,IAAI8B,GAAG,EAAGD,QAAQ,CAAC,uBAAuB;;YACnE,MAAME,YACJ5C,OAAO4C,SAAS,KAAK,QAAQ5C,OAAO4C,SAAS,KAAK,KAC9C5C,OAAO4C,SAAS,GAChB,GAAGF,SAAS,EAAE,EAAE7B,IAAIgC,OAAO,CAACC,GAAG,CAAC,SAAS;YAC/C,MAAMC,YAAYvD,eAAe;gBAC/BwD,YAAYhD,OAAOiD,MAAM,CAACC,KAAK;gBAC/BC,MAAM,GAAGnD,OAAOkD,KAAK,CAACD,MAAM,CAACG,KAAK,CAAC,CAAC,EAAE9B,OAAO;gBAC7CsB;YACF;YACA,IAAIS,OAAO,GAAGxC,IAAIC,CAAC,CAAC,+CAA+C;aAC5D,EAAEiC,UAAU,EAAE,EAAEA,UAAU;IACnC,EAAElC,IAAIC,CAAC,CAAC,4CAA4C;YAElD,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEiB,sBAAsB,YAAY;gBACjFD,OAAO,MAAMnC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACiB,iBAAiB,CAAC;oBAClEzC;oBACAS;oBACAQ;gBACF;YACF;YAEA,IAAIyB,UAAU1C,IAAIC,CAAC,CAAC;YAEpB,IAAI,OAAOI,iBAAiBjB,IAAI,CAACoC,cAAc,EAAEmB,yBAAyB,YAAY;gBACpFD,UAAU,MAAMrC,iBAAiBjB,IAAI,CAACoC,cAAc,CAACmB,oBAAoB,CAAC;oBACxE3C;oBACAS;oBACAQ;gBACF;YACF;YAEA,MAAMxB,MAAMmD,SAAS,CAAC;gBACpBC,MAAM,CAAC,CAAC,EAAEpD,MAAMqD,eAAe,CAAC,GAAG,EAAErD,MAAMsD,kBAAkB,CAAC,CAAC,CAAC;gBAChEP;gBACAE;gBACAM,IAAI/B,KAAKxB,KAAK;YAChB;QACF;QAEA,wCAAwC;QACxC,mCAAmC;QACnC,wCAAwC;QAExC,IAAIY,iBAAiB4C,KAAK,EAAEC,qBAAqBC,QAAQ;YACvD,KAAK,MAAMC,QAAQ/C,iBAAiB4C,KAAK,CAACC,mBAAmB,CAAE;gBAC7D,MAAME,KAAK;oBAAEtD;oBAAMZ,YAAYY,KAAKZ,UAAU,EAAEC;oBAAQkE,SAASrD,IAAIqD,OAAO;gBAAC;YAC/E;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC5C,QAAQ,MAAMpC,oBAAoB;YAChCyB;YACAZ,YAAYY,KAAKZ,UAAU,EAAEC;YAC7BiB,WAAW;YACXkD,QAAQ7C;QACV;QAEA,IAAIN,cAAc;YAChB,MAAMzB,kBAAkBsB;QAC1B;QAEA,OAAOS;IACT,EAAE,OAAO8C,OAAgB;QACvB,MAAM1E,gBAAgBiB,KAAKE,GAAG;QAC9B,MAAMuD;IACR;AACF,EAAC"}
package/dist/auth/operations/login.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAuBjE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,GAAG,CAAA;CACV,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,0CAI9B,wBAAwB,SAQ1B,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,cAAc,gBACjD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CAkV1D,CAAA"}
1
+ {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EACvB,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAwBjE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,SAAS,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,GAAG,EAAE,cAAc,CAAA;IACnB,IAAI,EAAE,GAAG,CAAA;CACV,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,0CAI9B,wBAAwB,SAQ1B,CAAA;AAED,eAAO,MAAM,cAAc,GAAU,KAAK,SAAS,cAAc,gBACjD,SAAS,CAAC,KAAK,CAAC,KAC7B,OAAO,CAAC;IAAE,IAAI,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAA;CAAE,GAAG,MAAM,CA2U1D,CAAA"}
package/dist/auth/operations/login.js CHANGED
@@ -1,4 +1,5 @@
1
- import { buildAfterOperation } from '../../collections/operations/utils.js';
1
+ import { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js';
2
+ import { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js';
2
3
  import { AuthenticationError, LockedAuth, UnverifiedEmail, ValidationError } from '../../errors/index.js';
3
4
  import { afterRead } from '../../fields/hooks/afterRead/index.js';
4
5
  import { Forbidden } from '../../index.js';
@@ -34,17 +35,11 @@ export const loginOperation = async (incomingArgs)=>{
34
35
  // /////////////////////////////////////
35
36
  // beforeOperation - Collection
36
37
  // /////////////////////////////////////
37
- if (args.collection.config.hooks?.beforeOperation?.length) {
38
- for (const hook of args.collection.config.hooks.beforeOperation){
39
- args = await hook({
40
- args,
41
- collection: args.collection?.config,
42
- context: args.req.context,
43
- operation: 'login',
44
- req: args.req
45
- }) || args;
46
- }
47
- }
38
+ args = await buildBeforeOperation({
39
+ args,
40
+ collection: args.collection.config,
41
+ operation: 'login'
42
+ });
48
43
  const { collection: { config: collectionConfig }, data, depth, overrideAccess, req, req: { fallbackLocale, locale, payload, payload: { secret } }, showHiddenFields } = args;
49
44
  // /////////////////////////////////////
50
45
  // Login
package/dist/auth/operations/login.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import type {\n AuthOperationsFromCollectionSlug,\n Collection,\n DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport {\n AuthenticationError,\n LockedAuth,\n UnverifiedEmail,\n ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Result = {\n exp?: number\n token?: string\n user?: TypedUser\n}\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['login']\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs = {\n loggingInWithUsername?: boolean\n req: PayloadRequest\n user: any\n}\n\n/**\n * Throws an error if the user is locked or does not exist.\n * This does not check the login attempts, only the lock status. Whoever increments login attempts\n * is responsible for locking the user properly, not whoever checks the login permission.\n */\nexport const checkLoginPermission = ({\n loggingInWithUsername,\n req,\n user,\n}: CheckLoginPermissionArgs) => {\n if (!user) {\n throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n }\n\n if (isUserLocked(new Date(user.lockUntil))) {\n throw new LockedAuth(req.t)\n }\n}\n\nexport const loginOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> => {\n let args = incomingArgs\n\n if (args.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(args.req.t)\n }\n\n try {\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'login',\n req: args.req,\n })) || args\n }\n }\n\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req,\n req: {\n fallbackLocale,\n locale,\n payload,\n payload: { secret },\n },\n showHiddenFields,\n } = args\n\n // /////////////////////////////////////\n // Login\n // /////////////////////////////////////\n\n const { email: unsanitizedEmail, password } = data\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const sanitizedEmail =\n typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n // cannot login with email, did not provide username\n if (!canLoginWithEmail && !sanitizedUsername) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n })\n }\n\n // cannot login with username, did not provide email\n if (!canLoginWithUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n })\n }\n\n // can login with either email or username, did not provide either\n if (!sanitizedUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [\n { message: req.i18n.t('validation:required'), path: 'email' },\n { message: req.i18n.t('validation:required'), path: 'username' },\n ],\n })\n }\n\n // did not provide password for login\n if (typeof password !== 'string' || password.trim() === '') {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n })\n }\n\n let whereConstraint: Where = {}\n const emailConstraint: Where = {\n email: {\n equals: sanitizedEmail,\n },\n }\n const usernameConstraint: Where = {\n username: {\n equals: sanitizedUsername,\n },\n }\n\n if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n if (sanitizedUsername) {\n whereConstraint = {\n or: [\n usernameConstraint,\n {\n email: {\n equals: sanitizedUsername,\n },\n },\n ],\n }\n } else {\n whereConstraint = {\n or: [\n emailConstraint,\n {\n username: {\n equals: sanitizedEmail,\n },\n },\n ],\n }\n }\n } else if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = emailConstraint\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = usernameConstraint\n }\n\n // Exclude trashed users\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })) as TypedUser\n\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n const authResult = await authenticateLocalStrategy({ doc: user, password })\n user = sanitizeInternalFields(user)\n\n const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n if (!authResult) {\n if (maxLoginAttemptsEnabled) {\n await incrementLoginAttempts({\n collection: collectionConfig,\n payload: req.payload,\n req,\n user,\n })\n\n // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n }\n\n throw new AuthenticationError(req.t)\n }\n\n if (collectionConfig.auth.verify && user._verified === false) {\n throw new UnverifiedEmail({ t: req.t })\n }\n\n /*\n * Correct password accepted - re‑check that the account didn't\n * get locked by parallel bad attempts in the meantime.\n */\n if (maxLoginAttemptsEnabled) {\n const { lockUntil, loginAttempts } = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n select: {\n lockUntil: true,\n loginAttempts: true,\n },\n where: { id: { equals: user.id } },\n }))!\n\n user.lockUntil = lockUntil\n user.loginAttempts = loginAttempts\n\n checkLoginPermission({\n req,\n user,\n })\n }\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: sanitizedEmail!,\n user,\n }\n\n const { sid } = await addSessionToUser({\n collectionConfig,\n payload,\n req,\n user,\n })\n\n if (sid) {\n fieldsToSignArgs.sid = sid\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n if (maxLoginAttemptsEnabled) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n }\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user,\n })) || user\n }\n }\n\n const { exp, token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = user\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user,\n })) || user\n }\n }\n\n // /////////////////////////////////////\n // afterRead - Fields\n // /////////////////////////////////////\n\n user = await afterRead({\n collection: collectionConfig,\n context: req.context,\n depth: depth!,\n doc: user,\n // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n draft: undefined,\n fallbackLocale: fallbackLocale!,\n global: null,\n locale: locale!,\n overrideAccess: overrideAccess!,\n req,\n showHiddenFields: showHiddenFields!,\n })\n\n // /////////////////////////////////////\n // afterRead - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRead?.length) {\n for (const hook of collectionConfig.hooks.afterRead) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: req.context,\n doc: user,\n req,\n })) || user\n }\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n exp,\n token,\n user,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'login',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["buildAfterOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","Forbidden","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","addSessionToUser","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","hooks","beforeOperation","length","hook","context","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","loginAttempts","select","id","fieldsToSignArgs","sid","fieldsToSign","beforeLogin","exp","token","tokenExpiration","afterLogin","draft","undefined","global","result","error"],"mappings":"AAQA,SAASA,mBAAmB,QAAQ,wCAAuC;AAC3E,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,QAAQ,iBAAgB;AACjD,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E;;;;CAIC,GACD,OAAO,MAAMC,uBAAuB,CAAC,EACnCC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EACqB;IACzB,IAAI,CAACA,MAAM;QACT,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIP,aAAa,IAAIY,KAAKH,KAAKI,SAAS,IAAI;QAC1C,MAAM,IAAIvB,WAAWkB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMI,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI1B,UAAUsB,KAAKR,GAAG,CAACE,CAAC;IAChC;IAEA,IAAI;QACF,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIM,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKC,UAAU,CAACC,MAAM,CAACG,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBC,WAAW;oBACXlB,KAAKQ,KAAKR,GAAG;gBACf,MAAOQ;YACX;QACF;QAEA,MAAM,EACJC,YAAY,EAAEC,QAAQS,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdtB,GAAG,EACHA,KAAK,EACHuB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGnB;QAEJ,wCAAwC;QACxC,QAAQ;QACR,wCAAwC;QAExC,MAAM,EAAEoB,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;QAC9C,MAAMW,oBAAoBZ,iBAAiBR,IAAI,CAACoB,iBAAiB;QAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;QACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;QAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAG/C,gBAAgBwC;QAEpE,oDAAoD;QACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;YAC5C,MAAM,IAAInD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,oDAAoD;QACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;YAC5C,MAAM,IAAIhD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAQ;iBAAE;YACzE;QACF;QAEA,kEAAkE;QAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;YACzC,MAAM,IAAIhD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBACN;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAQ;oBAC5D;wBAAEF,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAChE;YACH;QACF;QAEA,qCAAqC;QACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;YAC1D,MAAM,IAAIlD,gBAAgB;gBACxByB,YAAYU,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASzC,IAAI0C,IAAI,CAACxC,CAAC,CAAC;wBAAwByC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,IAAIC,kBAAyB,CAAC;QAC9B,MAAMC,kBAAyB;YAC7BjB,OAAO;gBACLkB,QAAQd;YACV;QACF;QACA,MAAMe,qBAA4B;YAChCX,UAAU;gBACRU,QAAQX;YACV;QACF;QAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;YACtF,IAAIG,mBAAmB;gBACrBS,kBAAkB;oBAChBI,IAAI;wBACFD;wBACA;4BACEnB,OAAO;gCACLkB,QAAQX;4BACV;wBACF;qBACD;gBACH;YACF,OAAO;gBACLS,kBAAkB;oBAChBI,IAAI;wBACFH;wBACA;4BACET,UAAU;gCACRU,QAAQd;4BACV;wBACF;qBACD;gBACH;YACF;QACF,OAAO,IAAIK,qBAAqBL,gBAAgB;YAC9CY,kBAAkBC;QACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;YACpDS,kBAAkBG;QACpB;QAEA,wBAAwB;QACxBH,kBAAkBzD,uBAAuB;YACvC8D,aAAa9B,iBAAiB+B,KAAK;YACnCA,OAAO;YACPC,OAAOP;QACT;QAEA,IAAI3C,OAAQ,MAAMwB,QAAQ2B,EAAE,CAACC,OAAO,CAAY;YAC9C5C,YAAYU,iBAAiBoB,IAAI;YACjCvC;YACAmD,OAAOP;QACT;QAEA9C,qBAAqB;YACnBC,uBAAuBI,QAAQmC,wBAAwBH;YACvDnC;YACAC;QACF;QAEAA,KAAKQ,UAAU,GAAGU,iBAAiBoB,IAAI;QACvCtC,KAAKqD,SAAS,GAAG;QAEjB,MAAMC,aAAa,MAAM5D,0BAA0B;YAAE6D,KAAKvD;YAAM6B;QAAS;QACzE7B,OAAOZ,uBAAuBY;QAE9B,MAAMwD,0BAA0BjD,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC+C,gBAAgB,GAAG;QAE/E,IAAI,CAACH,YAAY;YACf,IAAIE,yBAAyB;gBAC3B,MAAM7D,uBAAuB;oBAC3Ba,YAAYU;oBACZM,SAASzB,IAAIyB,OAAO;oBACpBzB;oBACAC;gBACF;gBAEA,6GAA6G;gBAC7GH,qBAAqB;oBACnBC,uBAAuBI,QAAQmC,wBAAwBH;oBACvDnC;oBACAC;gBACF;YACF;YAEA,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC;QACrC;QAEA,IAAIiB,iBAAiBR,IAAI,CAACgD,MAAM,IAAI1D,KAAK2D,SAAS,KAAK,OAAO;YAC5D,MAAM,IAAI7E,gBAAgB;gBAAEmB,GAAGF,IAAIE,CAAC;YAAC;QACvC;QAEA;;;KAGC,GACD,IAAIuD,yBAAyB;YAC3B,MAAM,EAAEpD,SAAS,EAAEwD,aAAa,EAAE,GAAI,MAAMpC,QAAQ2B,EAAE,CAACC,OAAO,CAAY;gBACxE5C,YAAYU,iBAAiBoB,IAAI;gBACjCvC;gBACA8D,QAAQ;oBACNzD,WAAW;oBACXwD,eAAe;gBACjB;gBACAV,OAAO;oBAAEY,IAAI;wBAAEjB,QAAQ7C,KAAK8D,EAAE;oBAAC;gBAAE;YACnC;YAEA9D,KAAKI,SAAS,GAAGA;YACjBJ,KAAK4D,aAAa,GAAGA;YAErB/D,qBAAqB;gBACnBE;gBACAC;YACF;QACF;QAEA,MAAM+D,mBAA0D;YAC9D7C;YACAS,OAAOI;YACP/B;QACF;QAEA,MAAM,EAAEgE,GAAG,EAAE,GAAG,MAAMvE,iBAAiB;YACrCyB;YACAM;YACAzB;YACAC;QACF;QAEA,IAAIgE,KAAK;YACPD,iBAAiBC,GAAG,GAAGA;QACzB;QAEA,MAAMC,eAAe5E,gBAAgB0E;QAErC,IAAIP,yBAAyB;YAC3B,MAAM5D,mBAAmB;gBACvBY,YAAYU;gBACZqC,KAAKvD;gBACLwB,SAASzB,IAAIyB,OAAO;gBACpBzB;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAImB,iBAAiBN,KAAK,EAAEsD,aAAapD,QAAQ;YAC/C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACsD,WAAW,CAAE;gBACrDlE,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBjB,KAAKQ,KAAKR,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAEmE,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAM5E,QAAQ;YACnCyE;YACAxC;YACA4C,iBAAiBnD,iBAAiBR,IAAI,CAAC2D,eAAe;QACxD;QAEAtE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIkB,iBAAiBN,KAAK,EAAE0D,YAAYxD,QAAQ;YAC9C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAAC0D,UAAU,CAAE;gBACpDtE,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAAST,KAAKR,GAAG,CAACiB,OAAO;oBACzBjB,KAAKQ,KAAKR,GAAG;oBACbqE;oBACApE;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMhB,UAAU;YACrBwB,YAAYU;YACZF,SAASjB,IAAIiB,OAAO;YACpBI,OAAOA;YACPmC,KAAKvD;YACL,oFAAoF;YACpFuE,OAAOC;YACPlD,gBAAgBA;YAChBmD,QAAQ;YACRlD,QAAQA;YACRF,gBAAgBA;YAChBtB;YACA2B,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBN,KAAK,EAAE5B,WAAW8B,QAAQ;YAC7C,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAAC5B,SAAS,CAAE;gBACnDgB,OACE,AAAC,MAAMe,KAAK;oBACVP,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BO,SAASjB,IAAIiB,OAAO;oBACpBuC,KAAKvD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAI0E,SAA2D;YAC7DP;YACAC;YACApE;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC0E,SAAS,MAAM/F,oBAAoB;YACjC4B;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BQ,WAAW;YACXyD;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMxF,gBAAgBoB,KAAKR,GAAG;QAC9B,MAAM4E;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/login.ts"],"sourcesContent":["import type {\n AuthOperationsFromCollectionSlug,\n Collection,\n DataFromCollectionSlug,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug, TypedUser } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport {\n AuthenticationError,\n LockedAuth,\n UnverifiedEmail,\n ValidationError,\n} from '../../errors/index.js'\nimport { afterRead } from '../../fields/hooks/afterRead/index.js'\nimport { Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { sanitizeInternalFields } from '../../utilities/sanitizeInternalFields.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { isUserLocked } from '../isUserLocked.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { incrementLoginAttempts } from '../strategies/local/incrementLoginAttempts.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Result = {\n exp?: number\n token?: string\n user?: TypedUser\n}\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['login']\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n showHiddenFields?: boolean\n}\n\ntype CheckLoginPermissionArgs = {\n loggingInWithUsername?: boolean\n req: PayloadRequest\n user: any\n}\n\n/**\n * Throws an error if the user is locked or does not exist.\n * This does not check the login attempts, only the lock status. Whoever increments login attempts\n * is responsible for locking the user properly, not whoever checks the login permission.\n */\nexport const checkLoginPermission = ({\n loggingInWithUsername,\n req,\n user,\n}: CheckLoginPermissionArgs) => {\n if (!user) {\n throw new AuthenticationError(req.t, Boolean(loggingInWithUsername))\n }\n\n if (isUserLocked(new Date(user.lockUntil))) {\n throw new LockedAuth(req.t)\n }\n}\n\nexport const loginOperation = async <TSlug extends CollectionSlug>(\n incomingArgs: Arguments<TSlug>,\n): Promise<{ user: DataFromCollectionSlug<TSlug> } & Result> => {\n let args = incomingArgs\n\n if (args.collection.config.auth.disableLocalStrategy) {\n throw new Forbidden(args.req.t)\n }\n\n try {\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n args = await buildBeforeOperation({\n args,\n collection: args.collection.config,\n operation: 'login',\n })\n\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req,\n req: {\n fallbackLocale,\n locale,\n payload,\n payload: { secret },\n },\n showHiddenFields,\n } = args\n\n // /////////////////////////////////////\n // Login\n // /////////////////////////////////////\n\n const { email: unsanitizedEmail, password } = data\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const sanitizedEmail =\n typeof unsanitizedEmail === 'string' ? unsanitizedEmail.toLowerCase().trim() : null\n const sanitizedUsername =\n 'username' in data && typeof data?.username === 'string'\n ? data.username.toLowerCase().trim()\n : null\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n // cannot login with email, did not provide username\n if (!canLoginWithEmail && !sanitizedUsername) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'username' }],\n })\n }\n\n // cannot login with username, did not provide email\n if (!canLoginWithUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'email' }],\n })\n }\n\n // can login with either email or username, did not provide either\n if (!sanitizedUsername && !sanitizedEmail) {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [\n { message: req.i18n.t('validation:required'), path: 'email' },\n { message: req.i18n.t('validation:required'), path: 'username' },\n ],\n })\n }\n\n // did not provide password for login\n if (typeof password !== 'string' || password.trim() === '') {\n throw new ValidationError({\n collection: collectionConfig.slug,\n errors: [{ message: req.i18n.t('validation:required'), path: 'password' }],\n })\n }\n\n let whereConstraint: Where = {}\n const emailConstraint: Where = {\n email: {\n equals: sanitizedEmail,\n },\n }\n const usernameConstraint: Where = {\n username: {\n equals: sanitizedUsername,\n },\n }\n\n if (canLoginWithEmail && canLoginWithUsername && (sanitizedUsername || sanitizedEmail)) {\n if (sanitizedUsername) {\n whereConstraint = {\n or: [\n usernameConstraint,\n {\n email: {\n equals: sanitizedUsername,\n },\n },\n ],\n }\n } else {\n whereConstraint = {\n or: [\n emailConstraint,\n {\n username: {\n equals: sanitizedEmail,\n },\n },\n ],\n }\n }\n } else if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = emailConstraint\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = usernameConstraint\n }\n\n // Exclude trashed users\n whereConstraint = appendNonTrashedFilter({\n enableTrash: collectionConfig.trash,\n trash: false,\n where: whereConstraint,\n })\n\n let user = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n where: whereConstraint,\n })) as TypedUser\n\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n\n user.collection = collectionConfig.slug\n user._strategy = 'local-jwt'\n\n const authResult = await authenticateLocalStrategy({ doc: user, password })\n user = sanitizeInternalFields(user)\n\n const maxLoginAttemptsEnabled = args.collection.config.auth.maxLoginAttempts > 0\n\n if (!authResult) {\n if (maxLoginAttemptsEnabled) {\n await incrementLoginAttempts({\n collection: collectionConfig,\n payload: req.payload,\n req,\n user,\n })\n\n // Re-check login permissions and max attempts after incrementing attempts, in case parallel updates occurred\n checkLoginPermission({\n loggingInWithUsername: Boolean(canLoginWithUsername && sanitizedUsername),\n req,\n user,\n })\n }\n\n throw new AuthenticationError(req.t)\n }\n\n if (collectionConfig.auth.verify && user._verified === false) {\n throw new UnverifiedEmail({ t: req.t })\n }\n\n /*\n * Correct password accepted - re‑check that the account didn't\n * get locked by parallel bad attempts in the meantime.\n */\n if (maxLoginAttemptsEnabled) {\n const { lockUntil, loginAttempts } = (await payload.db.findOne<TypedUser>({\n collection: collectionConfig.slug,\n req,\n select: {\n lockUntil: true,\n loginAttempts: true,\n },\n where: { id: { equals: user.id } },\n }))!\n\n user.lockUntil = lockUntil\n user.loginAttempts = loginAttempts\n\n checkLoginPermission({\n req,\n user,\n })\n }\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: sanitizedEmail!,\n user,\n }\n\n const { sid } = await addSessionToUser({\n collectionConfig,\n payload,\n req,\n user,\n })\n\n if (sid) {\n fieldsToSignArgs.sid = sid\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n if (maxLoginAttemptsEnabled) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n }\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user,\n })) || user\n }\n }\n\n const { exp, token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = user\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user,\n })) || user\n }\n }\n\n // /////////////////////////////////////\n // afterRead - Fields\n // /////////////////////////////////////\n\n user = await afterRead({\n collection: collectionConfig,\n context: req.context,\n depth: depth!,\n doc: user,\n // @ts-expect-error - vestiges of when tsconfig was not strict. Feel free to improve\n draft: undefined,\n fallbackLocale: fallbackLocale!,\n global: null,\n locale: locale!,\n overrideAccess: overrideAccess!,\n req,\n showHiddenFields: showHiddenFields!,\n })\n\n // /////////////////////////////////////\n // afterRead - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRead?.length) {\n for (const hook of collectionConfig.hooks.afterRead) {\n user =\n (await hook({\n collection: args.collection?.config,\n context: req.context,\n doc: user,\n req,\n })) || user\n }\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n exp,\n token,\n user,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'login',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["buildAfterOperation","buildBeforeOperation","AuthenticationError","LockedAuth","UnverifiedEmail","ValidationError","afterRead","Forbidden","appendNonTrashedFilter","killTransaction","sanitizeInternalFields","getFieldsToSign","getLoginOptions","isUserLocked","jwtSign","addSessionToUser","authenticateLocalStrategy","incrementLoginAttempts","resetLoginAttempts","checkLoginPermission","loggingInWithUsername","req","user","t","Boolean","Date","lockUntil","loginOperation","incomingArgs","args","collection","config","auth","disableLocalStrategy","operation","collectionConfig","data","depth","overrideAccess","fallbackLocale","locale","payload","secret","showHiddenFields","email","unsanitizedEmail","password","loginWithUsername","sanitizedEmail","toLowerCase","trim","sanitizedUsername","username","canLoginWithEmail","canLoginWithUsername","slug","errors","message","i18n","path","whereConstraint","emailConstraint","equals","usernameConstraint","or","enableTrash","trash","where","db","findOne","_strategy","authResult","doc","maxLoginAttemptsEnabled","maxLoginAttempts","verify","_verified","loginAttempts","select","id","fieldsToSignArgs","sid","fieldsToSign","hooks","beforeLogin","length","hook","context","exp","token","tokenExpiration","afterLogin","draft","undefined","global","result","error"],"mappings":"AAQA,SAASA,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SACEC,mBAAmB,EACnBC,UAAU,EACVC,eAAe,EACfC,eAAe,QACV,wBAAuB;AAC9B,SAASC,SAAS,QAAQ,wCAAuC;AACjE,SAASC,SAAS,QAAQ,iBAAgB;AAC1C,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,YAAY,QAAQ,qBAAoB;AACjD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,QAAQ,iBAAgB;AACjD,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,sBAAsB,QAAQ,gDAA+C;AACtF,SAASC,kBAAkB,QAAQ,4CAA2C;AAuB9E;;;;CAIC,GACD,OAAO,MAAMC,uBAAuB,CAAC,EACnCC,qBAAqB,EACrBC,GAAG,EACHC,IAAI,EACqB;IACzB,IAAI,CAACA,MAAM;QACT,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC,EAAEC,QAAQJ;IAC/C;IAEA,IAAIP,aAAa,IAAIY,KAAKH,KAAKI,SAAS,IAAI;QAC1C,MAAM,IAAIvB,WAAWkB,IAAIE,CAAC;IAC5B;AACF,EAAC;AAED,OAAO,MAAMI,iBAAiB,OAC5BC;IAEA,IAAIC,OAAOD;IAEX,IAAIC,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAACC,oBAAoB,EAAE;QACpD,MAAM,IAAI1B,UAAUsB,KAAKR,GAAG,CAACE,CAAC;IAChC;IAEA,IAAI;QACF,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExCM,OAAO,MAAM5B,qBAAqB;YAChC4B;YACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;YAClCG,WAAW;QACb;QAEA,MAAM,EACJJ,YAAY,EAAEC,QAAQI,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdjB,GAAG,EACHA,KAAK,EACHkB,cAAc,EACdC,MAAM,EACNC,OAAO,EACPA,SAAS,EAAEC,MAAM,EAAE,EACpB,EACDC,gBAAgB,EACjB,GAAGd;QAEJ,wCAAwC;QACxC,QAAQ;QACR,wCAAwC;QAExC,MAAM,EAAEe,OAAOC,gBAAgB,EAAEC,QAAQ,EAAE,GAAGV;QAC9C,MAAMW,oBAAoBZ,iBAAiBH,IAAI,CAACe,iBAAiB;QAEjE,MAAMC,iBACJ,OAAOH,qBAAqB,WAAWA,iBAAiBI,WAAW,GAAGC,IAAI,KAAK;QACjF,MAAMC,oBACJ,cAAcf,QAAQ,OAAOA,MAAMgB,aAAa,WAC5ChB,KAAKgB,QAAQ,CAACH,WAAW,GAAGC,IAAI,KAChC;QAEN,MAAM,EAAEG,iBAAiB,EAAEC,oBAAoB,EAAE,GAAG1C,gBAAgBmC;QAEpE,oDAAoD;QACpD,IAAI,CAACM,qBAAqB,CAACF,mBAAmB;YAC5C,MAAM,IAAI9C,gBAAgB;gBACxByB,YAAYK,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;wBAAwBoC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,oDAAoD;QACpD,IAAI,CAACL,wBAAwB,CAACN,gBAAgB;YAC5C,MAAM,IAAI3C,gBAAgB;gBACxByB,YAAYK,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;wBAAwBoC,MAAM;oBAAQ;iBAAE;YACzE;QACF;QAEA,kEAAkE;QAClE,IAAI,CAACR,qBAAqB,CAACH,gBAAgB;YACzC,MAAM,IAAI3C,gBAAgB;gBACxByB,YAAYK,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBACN;wBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;wBAAwBoC,MAAM;oBAAQ;oBAC5D;wBAAEF,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;wBAAwBoC,MAAM;oBAAW;iBAChE;YACH;QACF;QAEA,qCAAqC;QACrC,IAAI,OAAOb,aAAa,YAAYA,SAASI,IAAI,OAAO,IAAI;YAC1D,MAAM,IAAI7C,gBAAgB;gBACxByB,YAAYK,iBAAiBoB,IAAI;gBACjCC,QAAQ;oBAAC;wBAAEC,SAASpC,IAAIqC,IAAI,CAACnC,CAAC,CAAC;wBAAwBoC,MAAM;oBAAW;iBAAE;YAC5E;QACF;QAEA,IAAIC,kBAAyB,CAAC;QAC9B,MAAMC,kBAAyB;YAC7BjB,OAAO;gBACLkB,QAAQd;YACV;QACF;QACA,MAAMe,qBAA4B;YAChCX,UAAU;gBACRU,QAAQX;YACV;QACF;QAEA,IAAIE,qBAAqBC,wBAAyBH,CAAAA,qBAAqBH,cAAa,GAAI;YACtF,IAAIG,mBAAmB;gBACrBS,kBAAkB;oBAChBI,IAAI;wBACFD;wBACA;4BACEnB,OAAO;gCACLkB,QAAQX;4BACV;wBACF;qBACD;gBACH;YACF,OAAO;gBACLS,kBAAkB;oBAChBI,IAAI;wBACFH;wBACA;4BACET,UAAU;gCACRU,QAAQd;4BACV;wBACF;qBACD;gBACH;YACF;QACF,OAAO,IAAIK,qBAAqBL,gBAAgB;YAC9CY,kBAAkBC;QACpB,OAAO,IAAIP,wBAAwBH,mBAAmB;YACpDS,kBAAkBG;QACpB;QAEA,wBAAwB;QACxBH,kBAAkBpD,uBAAuB;YACvCyD,aAAa9B,iBAAiB+B,KAAK;YACnCA,OAAO;YACPC,OAAOP;QACT;QAEA,IAAItC,OAAQ,MAAMmB,QAAQ2B,EAAE,CAACC,OAAO,CAAY;YAC9CvC,YAAYK,iBAAiBoB,IAAI;YACjClC;YACA8C,OAAOP;QACT;QAEAzC,qBAAqB;YACnBC,uBAAuBI,QAAQ8B,wBAAwBH;YACvD9B;YACAC;QACF;QAEAA,KAAKQ,UAAU,GAAGK,iBAAiBoB,IAAI;QACvCjC,KAAKgD,SAAS,GAAG;QAEjB,MAAMC,aAAa,MAAMvD,0BAA0B;YAAEwD,KAAKlD;YAAMwB;QAAS;QACzExB,OAAOZ,uBAAuBY;QAE9B,MAAMmD,0BAA0B5C,KAAKC,UAAU,CAACC,MAAM,CAACC,IAAI,CAAC0C,gBAAgB,GAAG;QAE/E,IAAI,CAACH,YAAY;YACf,IAAIE,yBAAyB;gBAC3B,MAAMxD,uBAAuB;oBAC3Ba,YAAYK;oBACZM,SAASpB,IAAIoB,OAAO;oBACpBpB;oBACAC;gBACF;gBAEA,6GAA6G;gBAC7GH,qBAAqB;oBACnBC,uBAAuBI,QAAQ8B,wBAAwBH;oBACvD9B;oBACAC;gBACF;YACF;YAEA,MAAM,IAAIpB,oBAAoBmB,IAAIE,CAAC;QACrC;QAEA,IAAIY,iBAAiBH,IAAI,CAAC2C,MAAM,IAAIrD,KAAKsD,SAAS,KAAK,OAAO;YAC5D,MAAM,IAAIxE,gBAAgB;gBAAEmB,GAAGF,IAAIE,CAAC;YAAC;QACvC;QAEA;;;KAGC,GACD,IAAIkD,yBAAyB;YAC3B,MAAM,EAAE/C,SAAS,EAAEmD,aAAa,EAAE,GAAI,MAAMpC,QAAQ2B,EAAE,CAACC,OAAO,CAAY;gBACxEvC,YAAYK,iBAAiBoB,IAAI;gBACjClC;gBACAyD,QAAQ;oBACNpD,WAAW;oBACXmD,eAAe;gBACjB;gBACAV,OAAO;oBAAEY,IAAI;wBAAEjB,QAAQxC,KAAKyD,EAAE;oBAAC;gBAAE;YACnC;YAEAzD,KAAKI,SAAS,GAAGA;YACjBJ,KAAKuD,aAAa,GAAGA;YAErB1D,qBAAqB;gBACnBE;gBACAC;YACF;QACF;QAEA,MAAM0D,mBAA0D;YAC9D7C;YACAS,OAAOI;YACP1B;QACF;QAEA,MAAM,EAAE2D,GAAG,EAAE,GAAG,MAAMlE,iBAAiB;YACrCoB;YACAM;YACApB;YACAC;QACF;QAEA,IAAI2D,KAAK;YACPD,iBAAiBC,GAAG,GAAGA;QACzB;QAEA,MAAMC,eAAevE,gBAAgBqE;QAErC,IAAIP,yBAAyB;YAC3B,MAAMvD,mBAAmB;gBACvBY,YAAYK;gBACZqC,KAAKlD;gBACLmB,SAASpB,IAAIoB,OAAO;gBACpBpB;YACF;QACF;QAEA,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAIc,iBAAiBgD,KAAK,EAAEC,aAAaC,QAAQ;YAC/C,KAAK,MAAMC,QAAQnD,iBAAiBgD,KAAK,CAACC,WAAW,CAAE;gBACrD9D,OACE,AAAC,MAAMgE,KAAK;oBACVxD,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BwD,SAAS1D,KAAKR,GAAG,CAACkE,OAAO;oBACzBlE,KAAKQ,KAAKR,GAAG;oBACbC;gBACF,MAAOA;YACX;QACF;QAEA,MAAM,EAAEkE,GAAG,EAAEC,KAAK,EAAE,GAAG,MAAM3E,QAAQ;YACnCoE;YACAxC;YACAgD,iBAAiBvD,iBAAiBH,IAAI,CAAC0D,eAAe;QACxD;QAEArE,IAAIC,IAAI,GAAGA;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIa,iBAAiBgD,KAAK,EAAEQ,YAAYN,QAAQ;YAC9C,KAAK,MAAMC,QAAQnD,iBAAiBgD,KAAK,CAACQ,UAAU,CAAE;gBACpDrE,OACE,AAAC,MAAMgE,KAAK;oBACVxD,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BwD,SAAS1D,KAAKR,GAAG,CAACkE,OAAO;oBACzBlE,KAAKQ,KAAKR,GAAG;oBACboE;oBACAnE;gBACF,MAAOA;YACX;QACF;QAEA,wCAAwC;QACxC,qBAAqB;QACrB,wCAAwC;QAExCA,OAAO,MAAMhB,UAAU;YACrBwB,YAAYK;YACZoD,SAASlE,IAAIkE,OAAO;YACpBlD,OAAOA;YACPmC,KAAKlD;YACL,oFAAoF;YACpFsE,OAAOC;YACPtD,gBAAgBA;YAChBuD,QAAQ;YACRtD,QAAQA;YACRF,gBAAgBA;YAChBjB;YACAsB,kBAAkBA;QACpB;QAEA,wCAAwC;QACxC,yBAAyB;QACzB,wCAAwC;QAExC,IAAIR,iBAAiBgD,KAAK,EAAE7E,WAAW+E,QAAQ;YAC7C,KAAK,MAAMC,QAAQnD,iBAAiBgD,KAAK,CAAC7E,SAAS,CAAE;gBACnDgB,OACE,AAAC,MAAMgE,KAAK;oBACVxD,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BwD,SAASlE,IAAIkE,OAAO;oBACpBf,KAAKlD;oBACLD;gBACF,MAAOC;YACX;QACF;QAEA,IAAIyE,SAA2D;YAC7DP;YACAC;YACAnE;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCyE,SAAS,MAAM/F,oBAAoB;YACjC6B;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BG,WAAW;YACX6D;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMvF,gBAAgBoB,KAAKR,GAAG;QAC9B,MAAM2E;IACR;AACF,EAAC"}
package/dist/auth/operations/refresh.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAWpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CA6K9E,CAAA"}
1
+ {"version":3,"file":"refresh.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/refresh.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAYpE,MAAM,MAAM,MAAM,GAAG;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;IACtB,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,QAAQ,CAAA;CACf,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,gBAAgB,iBAAwB,SAAS,KAAG,OAAO,CAAC,MAAM,CAsK9E,CAAA"}
package/dist/auth/operations/refresh.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import url from 'url';
2
- import { buildAfterOperation } from '../../collections/operations/utils.js';
2
+ import { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js';
3
+ import { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js';
3
4
  import { Forbidden } from '../../errors/index.js';
4
5
  import { commitTransaction } from '../../utilities/commitTransaction.js';
5
6
  import { initTransaction } from '../../utilities/initTransaction.js';
@@ -14,17 +15,11 @@ export const refreshOperation = async (incomingArgs)=>{
14
15
  // /////////////////////////////////////
15
16
  // beforeOperation - Collection
16
17
  // /////////////////////////////////////
17
- if (args.collection.config.hooks?.beforeOperation?.length) {
18
- for (const hook of args.collection.config.hooks.beforeOperation){
19
- args = await hook({
20
- args,
21
- collection: args.collection?.config,
22
- context: args.req.context,
23
- operation: 'refresh',
24
- req: args.req
25
- }) || args;
26
- }
27
- }
18
+ args = await buildBeforeOperation({
19
+ args,
20
+ collection: args.collection.config,
21
+ operation: 'refresh'
22
+ });
28
23
  // /////////////////////////////////////
29
24
  // Refresh
30
25
  // /////////////////////////////////////
package/dist/auth/operations/refresh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../sessions.js'\n\nexport type Result = {\n exp: number\n refreshedToken: string\n setCookie?: boolean\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy?: string\n user: Document\n}\n\nexport type Arguments = {\n collection: Collection\n req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n let args = incomingArgs\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'refresh',\n req: args.req,\n })) || args\n }\n }\n\n // /////////////////////////////////////\n // Refresh\n // /////////////////////////////////////\n\n const {\n collection: { config: collectionConfig },\n req,\n req: {\n payload: { config, secret },\n },\n } = args\n\n if (!args.req.user) {\n throw new Forbidden(args.req.t)\n }\n\n const parsedURL = url.parse(args.req.url!)\n const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n let user = await req.payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where: { id: { equals: args.req.user.id } },\n })\n\n const sid = args.req.user._sid\n\n if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n if (!Array.isArray(user.sessions) || !sid) {\n throw new Forbidden(args.req.t)\n }\n\n const existingSession = user.sessions.find(({ id }: { id: number }) => id === sid)\n\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n // Prevent updatedAt from being updated when only refreshing a session\n user.updatedAt = null\n\n await req.payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n ...user,\n sessions: removeExpiredSessions(user.sessions),\n },\n req,\n returning: false,\n })\n }\n\n user = await req.payload.findByID({\n id: user.id,\n collection: collectionConfig.slug,\n depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n req: args.req,\n })\n\n if (user) {\n user.collection = args.req.user.collection\n user._strategy = args.req.user._strategy\n }\n\n let result!: Result\n\n // /////////////////////////////////////\n // refresh hook - Collection\n // /////////////////////////////////////\n\n for (const refreshHook of args.collection.config.hooks.refresh) {\n const hookResult = await refreshHook({ args, user })\n\n if (hookResult) {\n result = hookResult\n break\n }\n }\n\n if (!result) {\n const fieldsToSign = getFieldsToSign({\n collectionConfig,\n email: user?.email as string,\n sid,\n user: args?.req?.user,\n })\n\n const { exp, token: refreshedToken } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n result = {\n exp,\n refreshedToken,\n setCookie: true,\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy: args.req.user._strategy,\n user,\n }\n }\n\n // /////////////////////////////////////\n // After Refresh - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRefresh?.length) {\n for (const hook of collectionConfig.hooks.afterRefresh) {\n result =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n exp: result.exp,\n req: args.req,\n token: result.refreshedToken,\n })) || result\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'refresh',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["url","buildAfterOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","hooks","beforeOperation","length","hook","context","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","db","findOne","slug","where","id","equals","sid","_sid","auth","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","updatedAt","updateOne","data","returning","findByID","depth","_strategy","result","refreshHook","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAKrB,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,iBAAgB;AAqBtD,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExC,IAAIF,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQR,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACC,eAAe,CAAE;gBAC/DN,OACE,AAAC,MAAMQ,KAAK;oBACVR;oBACAG,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBC,WAAW;oBACXR,KAAKF,KAAKE,GAAG;gBACf,MAAOF;YACX;QACF;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJG,YAAY,EAAEC,QAAQO,gBAAgB,EAAE,EACxCT,GAAG,EACHA,KAAK,EACHU,SAAS,EAAER,MAAM,EAAES,MAAM,EAAE,EAC5B,EACF,GAAGb;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACY,IAAI,EAAE;YAClB,MAAM,IAAIvB,UAAUS,KAAKE,GAAG,CAACa,CAAC;QAChC;QAEA,MAAMC,YAAY3B,IAAI4B,KAAK,CAACjB,KAAKE,GAAG,CAACb,GAAG;QACxC,MAAM6B,YAAYF,UAAUG,QAAQ,KAAKf,OAAOgB,MAAM,CAACC,OAAO;QAE9D,IAAIP,OAAO,MAAMZ,IAAIU,OAAO,CAACU,EAAE,CAACC,OAAO,CAAM;YAC3CpB,YAAYQ,iBAAiBa,IAAI;YACjCtB;YACAuB,OAAO;gBAAEC,IAAI;oBAAEC,QAAQ3B,KAAKE,GAAG,CAACY,IAAI,CAACY,EAAE;gBAAC;YAAE;QAC5C;QAEA,MAAME,MAAM5B,KAAKE,GAAG,CAACY,IAAI,CAACe,IAAI;QAE9B,IAAIlB,iBAAiBmB,IAAI,CAACC,WAAW,IAAI,CAACpB,iBAAiBmB,IAAI,CAACE,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACpB,KAAKqB,QAAQ,KAAK,CAACP,KAAK;gBACzC,MAAM,IAAIrC,UAAUS,KAAKE,GAAG,CAACa,CAAC;YAChC;YAEA,MAAMqB,kBAAkBtB,KAAKqB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAkB,GAAKA,OAAOE;YAE9E,MAAMU,MAAM,IAAIC;YAChB,MAAMC,eAAe7B,iBAAiBmB,IAAI,CAACW,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,sEAAsE;YACtE1B,KAAK8B,SAAS,GAAG;YAEjB,MAAM1C,IAAIU,OAAO,CAACU,EAAE,CAACuB,SAAS,CAAC;gBAC7BnB,IAAIZ,KAAKY,EAAE;gBACXvB,YAAYQ,iBAAiBa,IAAI;gBACjCsB,MAAM;oBACJ,GAAGhC,IAAI;oBACPqB,UAAUtC,sBAAsBiB,KAAKqB,QAAQ;gBAC/C;gBACAjC;gBACA6C,WAAW;YACb;QACF;QAEAjC,OAAO,MAAMZ,IAAIU,OAAO,CAACoC,QAAQ,CAAC;YAChCtB,IAAIZ,KAAKY,EAAE;YACXvB,YAAYQ,iBAAiBa,IAAI;YACjCyB,OAAO/B,YAAY,IAAIlB,KAAKG,UAAU,CAACC,MAAM,CAAC0B,IAAI,CAACmB,KAAK;YACxD/C,KAAKF,KAAKE,GAAG;QACf;QAEA,IAAIY,MAAM;YACRA,KAAKX,UAAU,GAAGH,KAAKE,GAAG,CAACY,IAAI,CAACX,UAAU;YAC1CW,KAAKoC,SAAS,GAAGlD,KAAKE,GAAG,CAACY,IAAI,CAACoC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAepD,KAAKG,UAAU,CAACC,MAAM,CAACC,KAAK,CAACgD,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMF,YAAY;gBAAEpD;gBAAMc;YAAK;YAElD,IAAIwC,YAAY;gBACdH,SAASG;gBACT;YACF;QACF;QAEA,IAAI,CAACH,QAAQ;YACX,MAAMI,eAAe5D,gBAAgB;gBACnCgB;gBACA6C,OAAO1C,MAAM0C;gBACb5B;gBACAd,MAAMd,MAAME,KAAKY;YACnB;YAEA,MAAM,EAAE2C,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAM/D,QAAQ;gBACnD2D;gBACA1C;gBACA4B,iBAAiB9B,iBAAiBmB,IAAI,CAACW,eAAe;YACxD;YAEAU,SAAS;gBACPM;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAU7D,KAAKE,GAAG,CAACY,IAAI,CAACoC,SAAS;gBACjCpC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiBN,KAAK,EAAEyD,cAAcvD,QAAQ;YAChD,KAAK,MAAMC,QAAQG,iBAAiBN,KAAK,CAACyD,YAAY,CAAE;gBACtDX,SACE,AAAC,MAAM3C,KAAK;oBACVL,YAAYH,KAAKG,UAAU,EAAEC;oBAC7BK,SAAST,KAAKE,GAAG,CAACO,OAAO;oBACzBgD,KAAKN,OAAOM,GAAG;oBACfvD,KAAKF,KAAKE,GAAG;oBACbwD,OAAOP,OAAOQ,cAAc;gBAC9B,MAAOR;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAM7D,oBAAoB;YACjCU;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BM,WAAW;YACXyC;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAIlD,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAOiD;IACT,EAAE,OAAOY,OAAgB;QACvB,MAAMrE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAM6D;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/refresh.ts"],"sourcesContent":["import url from 'url'\n\nimport type { Collection } from '../../collections/config/types.js'\nimport type { Document, PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { Forbidden } from '../../errors/index.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { removeExpiredSessions } from '../sessions.js'\n\nexport type Result = {\n exp: number\n refreshedToken: string\n setCookie?: boolean\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy?: string\n user: Document\n}\n\nexport type Arguments = {\n collection: Collection\n req: PayloadRequest\n}\n\nexport const refreshOperation = async (incomingArgs: Arguments): Promise<Result> => {\n let args = incomingArgs\n\n try {\n const shouldCommit = await initTransaction(args.req)\n\n // /////////////////////////////////////\n // beforeOperation - Collection\n // /////////////////////////////////////\n\n args = await buildBeforeOperation({\n args,\n collection: args.collection.config,\n operation: 'refresh',\n })\n\n // /////////////////////////////////////\n // Refresh\n // /////////////////////////////////////\n\n const {\n collection: { config: collectionConfig },\n req,\n req: {\n payload: { config, secret },\n },\n } = args\n\n if (!args.req.user) {\n throw new Forbidden(args.req.t)\n }\n\n const parsedURL = url.parse(args.req.url!)\n const isGraphQL = parsedURL.pathname === config.routes.graphQL\n\n let user = await req.payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where: { id: { equals: args.req.user.id } },\n })\n\n const sid = args.req.user._sid\n\n if (collectionConfig.auth.useSessions && !collectionConfig.auth.disableLocalStrategy) {\n if (!Array.isArray(user.sessions) || !sid) {\n throw new Forbidden(args.req.t)\n }\n\n const existingSession = user.sessions.find(({ id }: { id: number }) => id === sid)\n\n const now = new Date()\n const tokenExpInMs = collectionConfig.auth.tokenExpiration * 1000\n existingSession.expiresAt = new Date(now.getTime() + tokenExpInMs)\n\n // Prevent updatedAt from being updated when only refreshing a session\n user.updatedAt = null\n\n await req.payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: {\n ...user,\n sessions: removeExpiredSessions(user.sessions),\n },\n req,\n returning: false,\n })\n }\n\n user = await req.payload.findByID({\n id: user.id,\n collection: collectionConfig.slug,\n depth: isGraphQL ? 0 : args.collection.config.auth.depth,\n req: args.req,\n })\n\n if (user) {\n user.collection = args.req.user.collection\n user._strategy = args.req.user._strategy\n }\n\n let result!: Result\n\n // /////////////////////////////////////\n // refresh hook - Collection\n // /////////////////////////////////////\n\n for (const refreshHook of args.collection.config.hooks.refresh) {\n const hookResult = await refreshHook({ args, user })\n\n if (hookResult) {\n result = hookResult\n break\n }\n }\n\n if (!result) {\n const fieldsToSign = getFieldsToSign({\n collectionConfig,\n email: user?.email as string,\n sid,\n user: args?.req?.user,\n })\n\n const { exp, token: refreshedToken } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n result = {\n exp,\n refreshedToken,\n setCookie: true,\n /** @deprecated\n * use:\n * ```ts\n * user._strategy\n * ```\n */\n strategy: args.req.user._strategy,\n user,\n }\n }\n\n // /////////////////////////////////////\n // After Refresh - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterRefresh?.length) {\n for (const hook of collectionConfig.hooks.afterRefresh) {\n result =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n exp: result.exp,\n req: args.req,\n token: result.refreshedToken,\n })) || result\n }\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'refresh',\n result,\n })\n\n // /////////////////////////////////////\n // Return results\n // /////////////////////////////////////\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return result\n } catch (error: unknown) {\n await killTransaction(args.req)\n throw error\n }\n}\n"],"names":["url","buildAfterOperation","buildBeforeOperation","Forbidden","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","removeExpiredSessions","refreshOperation","incomingArgs","args","shouldCommit","req","collection","config","operation","collectionConfig","payload","secret","user","t","parsedURL","parse","isGraphQL","pathname","routes","graphQL","db","findOne","slug","where","id","equals","sid","_sid","auth","useSessions","disableLocalStrategy","Array","isArray","sessions","existingSession","find","now","Date","tokenExpInMs","tokenExpiration","expiresAt","getTime","updatedAt","updateOne","data","returning","findByID","depth","_strategy","result","refreshHook","hooks","refresh","hookResult","fieldsToSign","email","exp","token","refreshedToken","setCookie","strategy","afterRefresh","length","hook","context","error"],"mappings":"AAAA,OAAOA,SAAS,MAAK;AAKrB,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,SAAS,QAAQ,wBAAuB;AACjD,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,qBAAqB,QAAQ,iBAAgB;AAqBtD,OAAO,MAAMC,mBAAmB,OAAOC;IACrC,IAAIC,OAAOD;IAEX,IAAI;QACF,MAAME,eAAe,MAAMR,gBAAgBO,KAAKE,GAAG;QAEnD,wCAAwC;QACxC,+BAA+B;QAC/B,wCAAwC;QAExCF,OAAO,MAAMV,qBAAqB;YAChCU;YACAG,YAAYH,KAAKG,UAAU,CAACC,MAAM;YAClCC,WAAW;QACb;QAEA,wCAAwC;QACxC,UAAU;QACV,wCAAwC;QAExC,MAAM,EACJF,YAAY,EAAEC,QAAQE,gBAAgB,EAAE,EACxCJ,GAAG,EACHA,KAAK,EACHK,SAAS,EAAEH,MAAM,EAAEI,MAAM,EAAE,EAC5B,EACF,GAAGR;QAEJ,IAAI,CAACA,KAAKE,GAAG,CAACO,IAAI,EAAE;YAClB,MAAM,IAAIlB,UAAUS,KAAKE,GAAG,CAACQ,CAAC;QAChC;QAEA,MAAMC,YAAYvB,IAAIwB,KAAK,CAACZ,KAAKE,GAAG,CAACd,GAAG;QACxC,MAAMyB,YAAYF,UAAUG,QAAQ,KAAKV,OAAOW,MAAM,CAACC,OAAO;QAE9D,IAAIP,OAAO,MAAMP,IAAIK,OAAO,CAACU,EAAE,CAACC,OAAO,CAAM;YAC3Cf,YAAYG,iBAAiBa,IAAI;YACjCjB;YACAkB,OAAO;gBAAEC,IAAI;oBAAEC,QAAQtB,KAAKE,GAAG,CAACO,IAAI,CAACY,EAAE;gBAAC;YAAE;QAC5C;QAEA,MAAME,MAAMvB,KAAKE,GAAG,CAACO,IAAI,CAACe,IAAI;QAE9B,IAAIlB,iBAAiBmB,IAAI,CAACC,WAAW,IAAI,CAACpB,iBAAiBmB,IAAI,CAACE,oBAAoB,EAAE;YACpF,IAAI,CAACC,MAAMC,OAAO,CAACpB,KAAKqB,QAAQ,KAAK,CAACP,KAAK;gBACzC,MAAM,IAAIhC,UAAUS,KAAKE,GAAG,CAACQ,CAAC;YAChC;YAEA,MAAMqB,kBAAkBtB,KAAKqB,QAAQ,CAACE,IAAI,CAAC,CAAC,EAAEX,EAAE,EAAkB,GAAKA,OAAOE;YAE9E,MAAMU,MAAM,IAAIC;YAChB,MAAMC,eAAe7B,iBAAiBmB,IAAI,CAACW,eAAe,GAAG;YAC7DL,gBAAgBM,SAAS,GAAG,IAAIH,KAAKD,IAAIK,OAAO,KAAKH;YAErD,sEAAsE;YACtE1B,KAAK8B,SAAS,GAAG;YAEjB,MAAMrC,IAAIK,OAAO,CAACU,EAAE,CAACuB,SAAS,CAAC;gBAC7BnB,IAAIZ,KAAKY,EAAE;gBACXlB,YAAYG,iBAAiBa,IAAI;gBACjCsB,MAAM;oBACJ,GAAGhC,IAAI;oBACPqB,UAAUjC,sBAAsBY,KAAKqB,QAAQ;gBAC/C;gBACA5B;gBACAwC,WAAW;YACb;QACF;QAEAjC,OAAO,MAAMP,IAAIK,OAAO,CAACoC,QAAQ,CAAC;YAChCtB,IAAIZ,KAAKY,EAAE;YACXlB,YAAYG,iBAAiBa,IAAI;YACjCyB,OAAO/B,YAAY,IAAIb,KAAKG,UAAU,CAACC,MAAM,CAACqB,IAAI,CAACmB,KAAK;YACxD1C,KAAKF,KAAKE,GAAG;QACf;QAEA,IAAIO,MAAM;YACRA,KAAKN,UAAU,GAAGH,KAAKE,GAAG,CAACO,IAAI,CAACN,UAAU;YAC1CM,KAAKoC,SAAS,GAAG7C,KAAKE,GAAG,CAACO,IAAI,CAACoC,SAAS;QAC1C;QAEA,IAAIC;QAEJ,wCAAwC;QACxC,4BAA4B;QAC5B,wCAAwC;QAExC,KAAK,MAAMC,eAAe/C,KAAKG,UAAU,CAACC,MAAM,CAAC4C,KAAK,CAACC,OAAO,CAAE;YAC9D,MAAMC,aAAa,MAAMH,YAAY;gBAAE/C;gBAAMS;YAAK;YAElD,IAAIyC,YAAY;gBACdJ,SAASI;gBACT;YACF;QACF;QAEA,IAAI,CAACJ,QAAQ;YACX,MAAMK,eAAexD,gBAAgB;gBACnCW;gBACA8C,OAAO3C,MAAM2C;gBACb7B;gBACAd,MAAMT,MAAME,KAAKO;YACnB;YAEA,MAAM,EAAE4C,GAAG,EAAEC,OAAOC,cAAc,EAAE,GAAG,MAAM3D,QAAQ;gBACnDuD;gBACA3C;gBACA4B,iBAAiB9B,iBAAiBmB,IAAI,CAACW,eAAe;YACxD;YAEAU,SAAS;gBACPO;gBACAE;gBACAC,WAAW;gBACX;;;;;SAKC,GACDC,UAAUzD,KAAKE,GAAG,CAACO,IAAI,CAACoC,SAAS;gBACjCpC;YACF;QACF;QAEA,wCAAwC;QACxC,6BAA6B;QAC7B,wCAAwC;QAExC,IAAIH,iBAAiB0C,KAAK,EAAEU,cAAcC,QAAQ;YAChD,KAAK,MAAMC,QAAQtD,iBAAiB0C,KAAK,CAACU,YAAY,CAAE;gBACtDZ,SACE,AAAC,MAAMc,KAAK;oBACVzD,YAAYH,KAAKG,UAAU,EAAEC;oBAC7ByD,SAAS7D,KAAKE,GAAG,CAAC2D,OAAO;oBACzBR,KAAKP,OAAOO,GAAG;oBACfnD,KAAKF,KAAKE,GAAG;oBACboD,OAAOR,OAAOS,cAAc;gBAC9B,MAAOT;YACX;QACF;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCA,SAAS,MAAMzD,oBAAoB;YACjCW;YACAG,YAAYH,KAAKG,UAAU,EAAEC;YAC7BC,WAAW;YACXyC;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,IAAI7C,cAAc;YAChB,MAAMT,kBAAkBU;QAC1B;QAEA,OAAO4C;IACT,EAAE,OAAOgB,OAAgB;QACvB,MAAMpE,gBAAgBM,KAAKE,GAAG;QAC9B,MAAM4D;IACR;AACF,EAAC"}
package/dist/auth/operations/resetPassword.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAc1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,cAAc,QACjE,SAAS,KACd,OAAO,CAAC,MAAM,CAmNhB,CAAA"}
1
+ {"version":3,"file":"resetPassword.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/resetPassword.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAA0B,MAAM,mCAAmC,CAAA;AAC3F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAe1D,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAU,KAAK,SAAS,cAAc,QACjE,SAAS,KACd,OAAO,CAAC,MAAM,CA4MhB,CAAA"}
package/dist/auth/operations/resetPassword.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import { status as httpStatus } from 'http-status';
2
- import { buildAfterOperation } from '../../collections/operations/utils.js';
2
+ import { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js';
3
+ import { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js';
3
4
  import { APIError, Forbidden } from '../../errors/index.js';
4
5
  import { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js';
5
6
  import { commitTransaction } from '../../utilities/commitTransaction.js';
@@ -20,17 +21,11 @@ export const resetPasswordOperation = async (args)=>{
20
21
  }
21
22
  try {
22
23
  const shouldCommit = await initTransaction(req);
23
- if (args.collection.config.hooks?.beforeOperation?.length) {
24
- for (const hook of args.collection.config.hooks.beforeOperation){
25
- args = await hook({
26
- args,
27
- collection: args.collection?.config,
28
- context: args.req.context,
29
- operation: 'resetPassword',
30
- req: args.req
31
- }) || args;
32
- }
33
- }
24
+ args = await buildBeforeOperation({
25
+ args,
26
+ collection: args.collection.config,
27
+ operation: 'resetPassword'
28
+ });
34
29
  // /////////////////////////////////////
35
30
  // Reset Password
36
31
  // /////////////////////////////////////
package/dist/auth/operations/resetPassword.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/resetPassword.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection, DataFromCollectionSlug } from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utils.js'\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { generatePasswordSaltHash } from '../strategies/local/generatePasswordSaltHash.js'\n\nexport type Result = {\n token?: string\n user: Record<string, unknown>\n}\n\nexport type Arguments = {\n collection: Collection\n data: {\n password: string\n token: string\n }\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n}\n\nexport const resetPasswordOperation = async <TSlug extends CollectionSlug>(\n args: Arguments,\n): Promise<Result> => {\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req: {\n payload: { secret },\n payload,\n },\n req,\n } = args\n\n if (\n !Object.prototype.hasOwnProperty.call(data, 'token') ||\n !Object.prototype.hasOwnProperty.call(data, 'password')\n ) {\n throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n }\n\n if (collectionConfig.auth.disableLocalStrategy) {\n throw new Forbidden(req.t)\n }\n\n try {\n const shouldCommit = await initTransaction(req)\n\n if (args.collection.config.hooks?.beforeOperation?.length) {\n for (const hook of args.collection.config.hooks.beforeOperation) {\n args =\n (await hook({\n args,\n collection: args.collection?.config,\n context: args.req.context,\n operation: 'resetPassword',\n req: args.req,\n })) || args\n }\n }\n\n // /////////////////////////////////////\n // Reset Password\n // /////////////////////////////////////\n\n const where = appendNonTrashedFilter({\n enableTrash: Boolean(collectionConfig.trash),\n trash: false,\n where: {\n resetPasswordExpiration: { greater_than: new Date().toISOString() },\n resetPasswordToken: { equals: data.token },\n },\n })\n\n const user = await payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where,\n })\n\n if (!user) {\n throw new APIError('Token is either invalid or has expired.', httpStatus.FORBIDDEN)\n }\n\n // TODO: replace this method\n const { hash, salt } = await generatePasswordSaltHash({\n collection: collectionConfig,\n password: data.password,\n req,\n })\n\n user.salt = salt\n user.hash = hash\n\n user.resetPasswordExpiration = new Date().toISOString()\n\n if (collectionConfig.auth.verify) {\n user._verified = Boolean(user._verified)\n }\n // /////////////////////////////////////\n // beforeValidate - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeValidate?.length) {\n for (const hook of collectionConfig.hooks.beforeValidate) {\n await hook({\n collection: args.collection?.config,\n context: req.context,\n data: user,\n operation: 'update',\n req,\n })\n }\n }\n\n // /////////////////////////////////////\n // Update new password\n // /////////////////////////////////////\n\n // Ensure updatedAt date is always updated\n user.updatedAt = new Date().toISOString()\n\n const doc = await payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: user,\n req,\n })\n\n await authenticateLocalStrategy({ doc, password: data.password })\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: user.email,\n user,\n }\n\n const { sid } = await addSessionToUser({\n collectionConfig,\n payload,\n req,\n user,\n })\n\n if (sid) {\n fieldsToSignArgs.sid = sid\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n let userBeforeLogin = user\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n userBeforeLogin =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user: userBeforeLogin,\n })) || userBeforeLogin\n }\n }\n\n const { token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = userBeforeLogin\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n userBeforeLogin =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user: userBeforeLogin,\n })) || userBeforeLogin\n }\n }\n\n const fullUser = await payload.findByID({\n id: user.id,\n collection: collectionConfig.slug,\n depth,\n overrideAccess,\n req,\n trash: false,\n })\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n if (fullUser) {\n fullUser.collection = collectionConfig.slug\n fullUser._strategy = 'local-jwt'\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n token,\n user: fullUser,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'resetPassword',\n result,\n })\n\n return result\n } catch (error: unknown) {\n await killTransaction(req)\n throw error\n }\n}\n"],"names":["status","httpStatus","buildAfterOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","addSessionToUser","authenticateLocalStrategy","generatePasswordSaltHash","resetPasswordOperation","args","collection","config","collectionConfig","data","depth","overrideAccess","req","payload","secret","Object","prototype","hasOwnProperty","call","BAD_REQUEST","auth","disableLocalStrategy","t","shouldCommit","hooks","beforeOperation","length","hook","context","operation","where","enableTrash","Boolean","trash","resetPasswordExpiration","greater_than","Date","toISOString","resetPasswordToken","equals","token","user","db","findOne","slug","FORBIDDEN","hash","salt","password","verify","_verified","beforeValidate","updatedAt","doc","updateOne","id","fieldsToSignArgs","email","sid","fieldsToSign","userBeforeLogin","beforeLogin","tokenExpiration","afterLogin","fullUser","findByID","_strategy","result","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAMlD,SAASC,mBAAmB,QAAQ,wCAAuC;AAC3E,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,QAAQ,iBAAgB;AACjD,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,wBAAwB,QAAQ,kDAAiD;AAkB1F,OAAO,MAAMC,yBAAyB,OACpCC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdC,KAAK,EACHC,SAAS,EAAEC,MAAM,EAAE,EACnBD,OAAO,EACR,EACDD,GAAG,EACJ,GAAGP;IAEJ,IACE,CAACU,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,YAC5C,CAACM,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,aAC5C;QACA,MAAM,IAAIhB,SAAS,0BAA0BF,WAAW4B,WAAW;IACrE;IAEA,IAAIX,iBAAiBY,IAAI,CAACC,oBAAoB,EAAE;QAC9C,MAAM,IAAI3B,UAAUkB,IAAIU,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAM1B,gBAAgBe;QAE3C,IAAIP,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,EAAEC,iBAAiBC,QAAQ;YACzD,KAAK,MAAMC,QAAQtB,KAAKC,UAAU,CAACC,MAAM,CAACiB,KAAK,CAACC,eAAe,CAAE;gBAC/DpB,OACE,AAAC,MAAMsB,KAAK;oBACVtB;oBACAC,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAASvB,KAAKO,GAAG,CAACgB,OAAO;oBACzBC,WAAW;oBACXjB,KAAKP,KAAKO,GAAG;gBACf,MAAOP;YACX;QACF;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,MAAMyB,QAAQnC,uBAAuB;YACnCoC,aAAaC,QAAQxB,iBAAiByB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,yBAAyB;oBAAEC,cAAc,IAAIC,OAAOC,WAAW;gBAAG;gBAClEC,oBAAoB;oBAAEC,QAAQ9B,KAAK+B,KAAK;gBAAC;YAC3C;QACF;QAEA,MAAMC,OAAO,MAAM5B,QAAQ6B,EAAE,CAACC,OAAO,CAAM;YACzCrC,YAAYE,iBAAiBoC,IAAI;YACjChC;YACAkB;QACF;QAEA,IAAI,CAACW,MAAM;YACT,MAAM,IAAIhD,SAAS,2CAA2CF,WAAWsD,SAAS;QACpF;QAEA,4BAA4B;QAC5B,MAAM,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAG,MAAM5C,yBAAyB;YACpDG,YAAYE;YACZwC,UAAUvC,KAAKuC,QAAQ;YACvBpC;QACF;QAEA6B,KAAKM,IAAI,GAAGA;QACZN,KAAKK,IAAI,GAAGA;QAEZL,KAAKP,uBAAuB,GAAG,IAAIE,OAAOC,WAAW;QAErD,IAAI7B,iBAAiBY,IAAI,CAAC6B,MAAM,EAAE;YAChCR,KAAKS,SAAS,GAAGlB,QAAQS,KAAKS,SAAS;QACzC;QACA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC,IAAI1C,iBAAiBgB,KAAK,EAAE2B,gBAAgBzB,QAAQ;YAClD,KAAK,MAAMC,QAAQnB,iBAAiBgB,KAAK,CAAC2B,cAAc,CAAE;gBACxD,MAAMxB,KAAK;oBACTrB,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAAShB,IAAIgB,OAAO;oBACpBnB,MAAMgC;oBACNZ,WAAW;oBACXjB;gBACF;YACF;QACF;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,0CAA0C;QAC1C6B,KAAKW,SAAS,GAAG,IAAIhB,OAAOC,WAAW;QAEvC,MAAMgB,MAAM,MAAMxC,QAAQ6B,EAAE,CAACY,SAAS,CAAC;YACrCC,IAAId,KAAKc,EAAE;YACXjD,YAAYE,iBAAiBoC,IAAI;YACjCnC,MAAMgC;YACN7B;QACF;QAEA,MAAMV,0BAA0B;YAAEmD;YAAKL,UAAUvC,KAAKuC,QAAQ;QAAC;QAE/D,MAAMQ,mBAA0D;YAC9DhD;YACAiD,OAAOhB,KAAKgB,KAAK;YACjBhB;QACF;QAEA,MAAM,EAAEiB,GAAG,EAAE,GAAG,MAAMzD,iBAAiB;YACrCO;YACAK;YACAD;YACA6B;QACF;QAEA,IAAIiB,KAAK;YACPF,iBAAiBE,GAAG,GAAGA;QACzB;QAEA,MAAMC,eAAe5D,gBAAgByD;QAErC,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAII,kBAAkBnB;QAEtB,IAAIjC,iBAAiBgB,KAAK,EAAEqC,aAAanC,QAAQ;YAC/C,KAAK,MAAMC,QAAQnB,iBAAiBgB,KAAK,CAACqC,WAAW,CAAE;gBACrDD,kBACE,AAAC,MAAMjC,KAAK;oBACVrB,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAASvB,KAAKO,GAAG,CAACgB,OAAO;oBACzBhB,KAAKP,KAAKO,GAAG;oBACb6B,MAAMmB;gBACR,MAAOA;YACX;QACF;QAEA,MAAM,EAAEpB,KAAK,EAAE,GAAG,MAAMxC,QAAQ;YAC9B2D;YACA7C;YACAgD,iBAAiBtD,iBAAiBY,IAAI,CAAC0C,eAAe;QACxD;QAEAlD,IAAI6B,IAAI,GAAGmB;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAIpD,iBAAiBgB,KAAK,EAAEuC,YAAYrC,QAAQ;YAC9C,KAAK,MAAMC,QAAQnB,iBAAiBgB,KAAK,CAACuC,UAAU,CAAE;gBACpDH,kBACE,AAAC,MAAMjC,KAAK;oBACVrB,YAAYD,KAAKC,UAAU,EAAEC;oBAC7BqB,SAASvB,KAAKO,GAAG,CAACgB,OAAO;oBACzBhB,KAAKP,KAAKO,GAAG;oBACb4B;oBACAC,MAAMmB;gBACR,MAAOA;YACX;QACF;QAEA,MAAMI,WAAW,MAAMnD,QAAQoD,QAAQ,CAAC;YACtCV,IAAId,KAAKc,EAAE;YACXjD,YAAYE,iBAAiBoC,IAAI;YACjClC;YACAC;YACAC;YACAqB,OAAO;QACT;QAEA,IAAIV,cAAc;YAChB,MAAM3B,kBAAkBgB;QAC1B;QAEA,IAAIoD,UAAU;YACZA,SAAS1D,UAAU,GAAGE,iBAAiBoC,IAAI;YAC3CoB,SAASE,SAAS,GAAG;QACvB;QAEA,IAAIC,SAA2D;YAC7D3B;YACAC,MAAMuB;QACR;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCG,SAAS,MAAM3E,oBAAoB;YACjCa;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BsB,WAAW;YACXsC;QACF;QAEA,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMtE,gBAAgBc;QACtB,MAAMwD;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/resetPassword.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type { Collection, DataFromCollectionSlug } from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { APIError, Forbidden } from '../../errors/index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { getFieldsToSign } from '../getFieldsToSign.js'\nimport { jwtSign } from '../jwt.js'\nimport { addSessionToUser } from '../sessions.js'\nimport { authenticateLocalStrategy } from '../strategies/local/authenticate.js'\nimport { generatePasswordSaltHash } from '../strategies/local/generatePasswordSaltHash.js'\n\nexport type Result = {\n token?: string\n user: Record<string, unknown>\n}\n\nexport type Arguments = {\n collection: Collection\n data: {\n password: string\n token: string\n }\n depth?: number\n overrideAccess?: boolean\n req: PayloadRequest\n}\n\nexport const resetPasswordOperation = async <TSlug extends CollectionSlug>(\n args: Arguments,\n): Promise<Result> => {\n const {\n collection: { config: collectionConfig },\n data,\n depth,\n overrideAccess,\n req: {\n payload: { secret },\n payload,\n },\n req,\n } = args\n\n if (\n !Object.prototype.hasOwnProperty.call(data, 'token') ||\n !Object.prototype.hasOwnProperty.call(data, 'password')\n ) {\n throw new APIError('Missing required data.', httpStatus.BAD_REQUEST)\n }\n\n if (collectionConfig.auth.disableLocalStrategy) {\n throw new Forbidden(req.t)\n }\n\n try {\n const shouldCommit = await initTransaction(req)\n\n args = await buildBeforeOperation({\n args,\n collection: args.collection.config,\n operation: 'resetPassword',\n })\n\n // /////////////////////////////////////\n // Reset Password\n // /////////////////////////////////////\n\n const where = appendNonTrashedFilter({\n enableTrash: Boolean(collectionConfig.trash),\n trash: false,\n where: {\n resetPasswordExpiration: { greater_than: new Date().toISOString() },\n resetPasswordToken: { equals: data.token },\n },\n })\n\n const user = await payload.db.findOne<any>({\n collection: collectionConfig.slug,\n req,\n where,\n })\n\n if (!user) {\n throw new APIError('Token is either invalid or has expired.', httpStatus.FORBIDDEN)\n }\n\n // TODO: replace this method\n const { hash, salt } = await generatePasswordSaltHash({\n collection: collectionConfig,\n password: data.password,\n req,\n })\n\n user.salt = salt\n user.hash = hash\n\n user.resetPasswordExpiration = new Date().toISOString()\n\n if (collectionConfig.auth.verify) {\n user._verified = Boolean(user._verified)\n }\n // /////////////////////////////////////\n // beforeValidate - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.beforeValidate?.length) {\n for (const hook of collectionConfig.hooks.beforeValidate) {\n await hook({\n collection: args.collection?.config,\n context: req.context,\n data: user,\n operation: 'update',\n req,\n })\n }\n }\n\n // /////////////////////////////////////\n // Update new password\n // /////////////////////////////////////\n\n // Ensure updatedAt date is always updated\n user.updatedAt = new Date().toISOString()\n\n const doc = await payload.db.updateOne({\n id: user.id,\n collection: collectionConfig.slug,\n data: user,\n req,\n })\n\n await authenticateLocalStrategy({ doc, password: data.password })\n\n const fieldsToSignArgs: Parameters<typeof getFieldsToSign>[0] = {\n collectionConfig,\n email: user.email,\n user,\n }\n\n const { sid } = await addSessionToUser({\n collectionConfig,\n payload,\n req,\n user,\n })\n\n if (sid) {\n fieldsToSignArgs.sid = sid\n }\n\n const fieldsToSign = getFieldsToSign(fieldsToSignArgs)\n\n // /////////////////////////////////////\n // beforeLogin - Collection\n // /////////////////////////////////////\n\n let userBeforeLogin = user\n\n if (collectionConfig.hooks?.beforeLogin?.length) {\n for (const hook of collectionConfig.hooks.beforeLogin) {\n userBeforeLogin =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n user: userBeforeLogin,\n })) || userBeforeLogin\n }\n }\n\n const { token } = await jwtSign({\n fieldsToSign,\n secret,\n tokenExpiration: collectionConfig.auth.tokenExpiration,\n })\n\n req.user = userBeforeLogin\n\n // /////////////////////////////////////\n // afterLogin - Collection\n // /////////////////////////////////////\n\n if (collectionConfig.hooks?.afterLogin?.length) {\n for (const hook of collectionConfig.hooks.afterLogin) {\n userBeforeLogin =\n (await hook({\n collection: args.collection?.config,\n context: args.req.context,\n req: args.req,\n token,\n user: userBeforeLogin,\n })) || userBeforeLogin\n }\n }\n\n const fullUser = await payload.findByID({\n id: user.id,\n collection: collectionConfig.slug,\n depth,\n overrideAccess,\n req,\n trash: false,\n })\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n if (fullUser) {\n fullUser.collection = collectionConfig.slug\n fullUser._strategy = 'local-jwt'\n }\n\n let result: { user: DataFromCollectionSlug<TSlug> } & Result = {\n token,\n user: fullUser,\n }\n\n // /////////////////////////////////////\n // afterOperation - Collection\n // /////////////////////////////////////\n\n result = await buildAfterOperation({\n args,\n collection: args.collection?.config,\n operation: 'resetPassword',\n result,\n })\n\n return result\n } catch (error: unknown) {\n await killTransaction(req)\n throw error\n }\n}\n"],"names":["status","httpStatus","buildAfterOperation","buildBeforeOperation","APIError","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","getFieldsToSign","jwtSign","addSessionToUser","authenticateLocalStrategy","generatePasswordSaltHash","resetPasswordOperation","args","collection","config","collectionConfig","data","depth","overrideAccess","req","payload","secret","Object","prototype","hasOwnProperty","call","BAD_REQUEST","auth","disableLocalStrategy","t","shouldCommit","operation","where","enableTrash","Boolean","trash","resetPasswordExpiration","greater_than","Date","toISOString","resetPasswordToken","equals","token","user","db","findOne","slug","FORBIDDEN","hash","salt","password","verify","_verified","hooks","beforeValidate","length","hook","context","updatedAt","doc","updateOne","id","fieldsToSignArgs","email","sid","fieldsToSign","userBeforeLogin","beforeLogin","tokenExpiration","afterLogin","fullUser","findByID","_strategy","result","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AAMlD,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,QAAQ,EAAEC,SAAS,QAAQ,wBAAuB;AAC3D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,OAAO,QAAQ,YAAW;AACnC,SAASC,gBAAgB,QAAQ,iBAAgB;AACjD,SAASC,yBAAyB,QAAQ,sCAAqC;AAC/E,SAASC,wBAAwB,QAAQ,kDAAiD;AAkB1F,OAAO,MAAMC,yBAAyB,OACpCC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,IAAI,EACJC,KAAK,EACLC,cAAc,EACdC,KAAK,EACHC,SAAS,EAAEC,MAAM,EAAE,EACnBD,OAAO,EACR,EACDD,GAAG,EACJ,GAAGP;IAEJ,IACE,CAACU,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,YAC5C,CAACM,OAAOC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACT,MAAM,aAC5C;QACA,MAAM,IAAIhB,SAAS,0BAA0BH,WAAW6B,WAAW;IACrE;IAEA,IAAIX,iBAAiBY,IAAI,CAACC,oBAAoB,EAAE;QAC9C,MAAM,IAAI3B,UAAUkB,IAAIU,CAAC;IAC3B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAM1B,gBAAgBe;QAE3CP,OAAO,MAAMb,qBAAqB;YAChCa;YACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;YAClCiB,WAAW;QACb;QAEA,wCAAwC;QACxC,iBAAiB;QACjB,wCAAwC;QAExC,MAAMC,QAAQ9B,uBAAuB;YACnC+B,aAAaC,QAAQnB,iBAAiBoB,KAAK;YAC3CA,OAAO;YACPH,OAAO;gBACLI,yBAAyB;oBAAEC,cAAc,IAAIC,OAAOC,WAAW;gBAAG;gBAClEC,oBAAoB;oBAAEC,QAAQzB,KAAK0B,KAAK;gBAAC;YAC3C;QACF;QAEA,MAAMC,OAAO,MAAMvB,QAAQwB,EAAE,CAACC,OAAO,CAAM;YACzChC,YAAYE,iBAAiB+B,IAAI;YACjC3B;YACAa;QACF;QAEA,IAAI,CAACW,MAAM;YACT,MAAM,IAAI3C,SAAS,2CAA2CH,WAAWkD,SAAS;QACpF;QAEA,4BAA4B;QAC5B,MAAM,EAAEC,IAAI,EAAEC,IAAI,EAAE,GAAG,MAAMvC,yBAAyB;YACpDG,YAAYE;YACZmC,UAAUlC,KAAKkC,QAAQ;YACvB/B;QACF;QAEAwB,KAAKM,IAAI,GAAGA;QACZN,KAAKK,IAAI,GAAGA;QAEZL,KAAKP,uBAAuB,GAAG,IAAIE,OAAOC,WAAW;QAErD,IAAIxB,iBAAiBY,IAAI,CAACwB,MAAM,EAAE;YAChCR,KAAKS,SAAS,GAAGlB,QAAQS,KAAKS,SAAS;QACzC;QACA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExC,IAAIrC,iBAAiBsC,KAAK,EAAEC,gBAAgBC,QAAQ;YAClD,KAAK,MAAMC,QAAQzC,iBAAiBsC,KAAK,CAACC,cAAc,CAAE;gBACxD,MAAME,KAAK;oBACT3C,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B2C,SAAStC,IAAIsC,OAAO;oBACpBzC,MAAM2B;oBACNZ,WAAW;oBACXZ;gBACF;YACF;QACF;QAEA,wCAAwC;QACxC,sBAAsB;QACtB,wCAAwC;QAExC,0CAA0C;QAC1CwB,KAAKe,SAAS,GAAG,IAAIpB,OAAOC,WAAW;QAEvC,MAAMoB,MAAM,MAAMvC,QAAQwB,EAAE,CAACgB,SAAS,CAAC;YACrCC,IAAIlB,KAAKkB,EAAE;YACXhD,YAAYE,iBAAiB+B,IAAI;YACjC9B,MAAM2B;YACNxB;QACF;QAEA,MAAMV,0BAA0B;YAAEkD;YAAKT,UAAUlC,KAAKkC,QAAQ;QAAC;QAE/D,MAAMY,mBAA0D;YAC9D/C;YACAgD,OAAOpB,KAAKoB,KAAK;YACjBpB;QACF;QAEA,MAAM,EAAEqB,GAAG,EAAE,GAAG,MAAMxD,iBAAiB;YACrCO;YACAK;YACAD;YACAwB;QACF;QAEA,IAAIqB,KAAK;YACPF,iBAAiBE,GAAG,GAAGA;QACzB;QAEA,MAAMC,eAAe3D,gBAAgBwD;QAErC,wCAAwC;QACxC,2BAA2B;QAC3B,wCAAwC;QAExC,IAAII,kBAAkBvB;QAEtB,IAAI5B,iBAAiBsC,KAAK,EAAEc,aAAaZ,QAAQ;YAC/C,KAAK,MAAMC,QAAQzC,iBAAiBsC,KAAK,CAACc,WAAW,CAAE;gBACrDD,kBACE,AAAC,MAAMV,KAAK;oBACV3C,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B2C,SAAS7C,KAAKO,GAAG,CAACsC,OAAO;oBACzBtC,KAAKP,KAAKO,GAAG;oBACbwB,MAAMuB;gBACR,MAAOA;YACX;QACF;QAEA,MAAM,EAAExB,KAAK,EAAE,GAAG,MAAMnC,QAAQ;YAC9B0D;YACA5C;YACA+C,iBAAiBrD,iBAAiBY,IAAI,CAACyC,eAAe;QACxD;QAEAjD,IAAIwB,IAAI,GAAGuB;QAEX,wCAAwC;QACxC,0BAA0B;QAC1B,wCAAwC;QAExC,IAAInD,iBAAiBsC,KAAK,EAAEgB,YAAYd,QAAQ;YAC9C,KAAK,MAAMC,QAAQzC,iBAAiBsC,KAAK,CAACgB,UAAU,CAAE;gBACpDH,kBACE,AAAC,MAAMV,KAAK;oBACV3C,YAAYD,KAAKC,UAAU,EAAEC;oBAC7B2C,SAAS7C,KAAKO,GAAG,CAACsC,OAAO;oBACzBtC,KAAKP,KAAKO,GAAG;oBACbuB;oBACAC,MAAMuB;gBACR,MAAOA;YACX;QACF;QAEA,MAAMI,WAAW,MAAMlD,QAAQmD,QAAQ,CAAC;YACtCV,IAAIlB,KAAKkB,EAAE;YACXhD,YAAYE,iBAAiB+B,IAAI;YACjC7B;YACAC;YACAC;YACAgB,OAAO;QACT;QAEA,IAAIL,cAAc;YAChB,MAAM3B,kBAAkBgB;QAC1B;QAEA,IAAImD,UAAU;YACZA,SAASzD,UAAU,GAAGE,iBAAiB+B,IAAI;YAC3CwB,SAASE,SAAS,GAAG;QACvB;QAEA,IAAIC,SAA2D;YAC7D/B;YACAC,MAAM2B;QACR;QAEA,wCAAwC;QACxC,8BAA8B;QAC9B,wCAAwC;QAExCG,SAAS,MAAM3E,oBAAoB;YACjCc;YACAC,YAAYD,KAAKC,UAAU,EAAEC;YAC7BiB,WAAW;YACX0C;QACF;QAEA,OAAOA;IACT,EAAE,OAAOC,OAAgB;QACvB,MAAMrE,gBAAgBc;QACtB,MAAMuD;IACR;AACF,EAAC"}
package/dist/auth/operations/unlock.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"unlock.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/unlock.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAYjE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IACvD,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,eAAe,GAAU,KAAK,SAAS,cAAc,QAC1D,SAAS,CAAC,KAAK,CAAC,KACrB,OAAO,CAAC,OAAO,CAsGjB,CAAA"}
1
+ {"version":3,"file":"unlock.d.ts","sourceRoot":"","sources":["../../../src/auth/operations/unlock.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gCAAgC,EAChC,UAAU,EACX,MAAM,mCAAmC,CAAA;AAC1C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACpD,OAAO,KAAK,EAAE,cAAc,EAAS,MAAM,sBAAsB,CAAA;AAcjE,MAAM,MAAM,SAAS,CAAC,KAAK,SAAS,cAAc,IAAI;IACpD,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,gCAAgC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IACvD,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,GAAG,EAAE,cAAc,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,eAAe,GAAU,KAAK,SAAS,cAAc,QAC1D,SAAS,CAAC,KAAK,CAAC,KACrB,OAAO,CAAC,OAAO,CAmHjB,CAAA"}
package/dist/auth/operations/unlock.js CHANGED
@@ -1,4 +1,6 @@
1
1
  import { status as httpStatus } from 'http-status';
2
+ import { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js';
3
+ import { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js';
2
4
  import { APIError } from '../../errors/index.js';
3
5
  import { combineQueries, Forbidden } from '../../index.js';
4
6
  import { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js';
@@ -21,6 +23,11 @@ export const unlockOperation = async (args)=>{
21
23
  throw new APIError(`Missing ${collectionConfig.auth.loginWithUsername ? 'username' : 'email'}.`, httpStatus.BAD_REQUEST);
22
24
  }
23
25
  try {
26
+ args = await buildBeforeOperation({
27
+ args,
28
+ collection: args.collection.config,
29
+ operation: 'unlock'
30
+ });
24
31
  const shouldCommit = await initTransaction(req);
25
32
  let whereConstraint = {};
26
33
  // /////////////////////////////////////
@@ -78,7 +85,13 @@ export const unlockOperation = async (args)=>{
78
85
  if (shouldCommit) {
79
86
  await commitTransaction(req);
80
87
  }
81
- return result;
88
+ result = await buildAfterOperation({
89
+ args,
90
+ collection: args.collection.config,
91
+ operation: 'unlock',
92
+ result
93
+ });
94
+ return Boolean(result);
82
95
  } catch (error) {
83
96
  await killTransaction(req);
84
97
  throw error;
package/dist/auth/operations/unlock.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/auth/operations/unlock.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { APIError } from '../../errors/index.js'\nimport { combineQueries, Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { executeAccess } from '../executeAccess.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['unlock']\n overrideAccess?: boolean\n req: PayloadRequest\n}\n\nexport const unlockOperation = async <TSlug extends CollectionSlug>(\n args: Arguments<TSlug>,\n): Promise<boolean> => {\n const {\n collection: { config: collectionConfig },\n overrideAccess,\n req: { locale },\n req,\n } = args\n\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n const sanitizedEmail = canLoginWithEmail && (args.data?.email || '').toLowerCase().trim()\n const sanitizedUsername =\n (canLoginWithUsername &&\n 'username' in args.data &&\n typeof args.data.username === 'string' &&\n args.data.username.toLowerCase().trim()) ||\n null\n\n if (collectionConfig.auth.disableLocalStrategy) {\n throw new Forbidden(req.t)\n }\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${collectionConfig.auth.loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n try {\n const shouldCommit = await initTransaction(req)\n let whereConstraint: Where = {}\n\n // /////////////////////////////////////\n // Access\n // /////////////////////////////////////\n\n if (!overrideAccess) {\n const accessResult = await executeAccess({ req }, collectionConfig.access.unlock)\n\n if (accessResult && typeof accessResult === 'object') {\n whereConstraint = accessResult\n }\n }\n\n // /////////////////////////////////////\n // Unlock\n // /////////////////////////////////////\n\n if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = combineQueries(whereConstraint, {\n email: {\n equals: sanitizedEmail,\n },\n })\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = combineQueries(whereConstraint, {\n username: {\n equals: sanitizedUsername,\n },\n })\n }\n\n // Exclude trashed users unless `trash: true`\n whereConstraint = appendNonTrashedFilter({\n enableTrash: Boolean(collectionConfig.trash),\n trash: false,\n where: whereConstraint,\n })\n\n const user = await req.payload.db.findOne({\n collection: collectionConfig.slug,\n locale: locale!,\n req,\n where: whereConstraint,\n })\n\n let result: boolean | null = null\n\n if (user) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n result = true\n } else {\n result = null\n throw new Forbidden(req.t)\n }\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n return result\n } catch (error: unknown) {\n await killTransaction(req)\n throw error\n }\n}\n"],"names":["status","httpStatus","APIError","combineQueries","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","executeAccess","getLoginOptions","resetLoginAttempts","unlockOperation","args","collection","config","collectionConfig","overrideAccess","req","locale","loginWithUsername","auth","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","data","email","toLowerCase","trim","sanitizedUsername","username","disableLocalStrategy","t","BAD_REQUEST","shouldCommit","whereConstraint","accessResult","access","unlock","equals","enableTrash","Boolean","trash","where","user","payload","db","findOne","slug","result","doc","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AASlD,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,cAAc,EAAEC,SAAS,QAAQ,iBAAgB;AAC1D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,aAAa,QAAQ,sBAAqB;AACnD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,kBAAkB,QAAQ,4CAA2C;AAS9E,OAAO,MAAMC,kBAAkB,OAC7BC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,cAAc,EACdC,KAAK,EAAEC,MAAM,EAAE,EACfD,GAAG,EACJ,GAAGL;IAEJ,MAAMO,oBAAoBJ,iBAAiBK,IAAI,CAACD,iBAAiB;IAEjE,MAAM,EAAEE,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGb,gBAAgBU;IAEpE,MAAMI,iBAAiBF,qBAAqB,AAACT,CAAAA,KAAKY,IAAI,EAAEC,SAAS,EAAC,EAAGC,WAAW,GAAGC,IAAI;IACvF,MAAMC,oBACJ,AAACN,wBACC,cAAcV,KAAKY,IAAI,IACvB,OAAOZ,KAAKY,IAAI,CAACK,QAAQ,KAAK,YAC9BjB,KAAKY,IAAI,CAACK,QAAQ,CAACH,WAAW,GAAGC,IAAI,MACvC;IAEF,IAAIZ,iBAAiBK,IAAI,CAACU,oBAAoB,EAAE;QAC9C,MAAM,IAAI3B,UAAUc,IAAIc,CAAC;IAC3B;IACA,IAAI,CAACR,kBAAkB,CAACK,mBAAmB;QACzC,MAAM,IAAI3B,SACR,CAAC,QAAQ,EAAEc,iBAAiBK,IAAI,CAACD,iBAAiB,GAAG,aAAa,QAAQ,CAAC,CAAC,EAC5EnB,WAAWgC,WAAW;IAE1B;IAEA,IAAI;QACF,MAAMC,eAAe,MAAM3B,gBAAgBW;QAC3C,IAAIiB,kBAAyB,CAAC;QAE9B,wCAAwC;QACxC,SAAS;QACT,wCAAwC;QAExC,IAAI,CAAClB,gBAAgB;YACnB,MAAMmB,eAAe,MAAM3B,cAAc;gBAAES;YAAI,GAAGF,iBAAiBqB,MAAM,CAACC,MAAM;YAEhF,IAAIF,gBAAgB,OAAOA,iBAAiB,UAAU;gBACpDD,kBAAkBC;YACpB;QACF;QAEA,wCAAwC;QACxC,SAAS;QACT,wCAAwC;QAExC,IAAId,qBAAqBE,gBAAgB;YACvCW,kBAAkBhC,eAAegC,iBAAiB;gBAChDT,OAAO;oBACLa,QAAQf;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBM,mBAAmB;YACpDM,kBAAkBhC,eAAegC,iBAAiB;gBAChDL,UAAU;oBACRS,QAAQV;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CM,kBAAkB9B,uBAAuB;YACvCmC,aAAaC,QAAQzB,iBAAiB0B,KAAK;YAC3CA,OAAO;YACPC,OAAOR;QACT;QAEA,MAAMS,OAAO,MAAM1B,IAAI2B,OAAO,CAACC,EAAE,CAACC,OAAO,CAAC;YACxCjC,YAAYE,iBAAiBgC,IAAI;YACjC7B,QAAQA;YACRD;YACAyB,OAAOR;QACT;QAEA,IAAIc,SAAyB;QAE7B,IAAIL,MAAM;YACR,MAAMjC,mBAAmB;gBACvBG,YAAYE;gBACZkC,KAAKN;gBACLC,SAAS3B,IAAI2B,OAAO;gBACpB3B;YACF;YACA+B,SAAS;QACX,OAAO;YACLA,SAAS;YACT,MAAM,IAAI7C,UAAUc,IAAIc,CAAC;QAC3B;QAEA,IAAIE,cAAc;YAChB,MAAM5B,kBAAkBY;QAC1B;QAEA,OAAO+B;IACT,EAAE,OAAOE,OAAgB;QACvB,MAAM3C,gBAAgBU;QACtB,MAAMiC;IACR;AACF,EAAC"}
1
+ {"version":3,"sources":["../../../src/auth/operations/unlock.ts"],"sourcesContent":["import { status as httpStatus } from 'http-status'\n\nimport type {\n AuthOperationsFromCollectionSlug,\n Collection,\n} from '../../collections/config/types.js'\nimport type { CollectionSlug } from '../../index.js'\nimport type { PayloadRequest, Where } from '../../types/index.js'\n\nimport { buildAfterOperation } from '../../collections/operations/utilities/buildAfterOperation.js'\nimport { buildBeforeOperation } from '../../collections/operations/utilities/buildBeforeOperation.js'\nimport { APIError } from '../../errors/index.js'\nimport { combineQueries, Forbidden } from '../../index.js'\nimport { appendNonTrashedFilter } from '../../utilities/appendNonTrashedFilter.js'\nimport { commitTransaction } from '../../utilities/commitTransaction.js'\nimport { initTransaction } from '../../utilities/initTransaction.js'\nimport { killTransaction } from '../../utilities/killTransaction.js'\nimport { executeAccess } from '../executeAccess.js'\nimport { getLoginOptions } from '../getLoginOptions.js'\nimport { resetLoginAttempts } from '../strategies/local/resetLoginAttempts.js'\n\nexport type Arguments<TSlug extends CollectionSlug> = {\n collection: Collection\n data: AuthOperationsFromCollectionSlug<TSlug>['unlock']\n overrideAccess?: boolean\n req: PayloadRequest\n}\n\nexport const unlockOperation = async <TSlug extends CollectionSlug>(\n args: Arguments<TSlug>,\n): Promise<boolean> => {\n const {\n collection: { config: collectionConfig },\n overrideAccess,\n req: { locale },\n req,\n } = args\n\n const loginWithUsername = collectionConfig.auth.loginWithUsername\n\n const { canLoginWithEmail, canLoginWithUsername } = getLoginOptions(loginWithUsername)\n\n const sanitizedEmail = canLoginWithEmail && (args.data?.email || '').toLowerCase().trim()\n const sanitizedUsername =\n (canLoginWithUsername &&\n 'username' in args.data &&\n typeof args.data.username === 'string' &&\n args.data.username.toLowerCase().trim()) ||\n null\n\n if (collectionConfig.auth.disableLocalStrategy) {\n throw new Forbidden(req.t)\n }\n if (!sanitizedEmail && !sanitizedUsername) {\n throw new APIError(\n `Missing ${collectionConfig.auth.loginWithUsername ? 'username' : 'email'}.`,\n httpStatus.BAD_REQUEST,\n )\n }\n\n try {\n args = await buildBeforeOperation({\n args,\n collection: args.collection.config,\n operation: 'unlock',\n })\n\n const shouldCommit = await initTransaction(req)\n let whereConstraint: Where = {}\n\n // /////////////////////////////////////\n // Access\n // /////////////////////////////////////\n\n if (!overrideAccess) {\n const accessResult = await executeAccess({ req }, collectionConfig.access.unlock)\n\n if (accessResult && typeof accessResult === 'object') {\n whereConstraint = accessResult\n }\n }\n\n // /////////////////////////////////////\n // Unlock\n // /////////////////////////////////////\n\n if (canLoginWithEmail && sanitizedEmail) {\n whereConstraint = combineQueries(whereConstraint, {\n email: {\n equals: sanitizedEmail,\n },\n })\n } else if (canLoginWithUsername && sanitizedUsername) {\n whereConstraint = combineQueries(whereConstraint, {\n username: {\n equals: sanitizedUsername,\n },\n })\n }\n\n // Exclude trashed users unless `trash: true`\n whereConstraint = appendNonTrashedFilter({\n enableTrash: Boolean(collectionConfig.trash),\n trash: false,\n where: whereConstraint,\n })\n\n const user = await req.payload.db.findOne({\n collection: collectionConfig.slug,\n locale: locale!,\n req,\n where: whereConstraint,\n })\n\n let result: boolean | null = null\n\n if (user) {\n await resetLoginAttempts({\n collection: collectionConfig,\n doc: user,\n payload: req.payload,\n req,\n })\n result = true\n } else {\n result = null\n throw new Forbidden(req.t)\n }\n\n if (shouldCommit) {\n await commitTransaction(req)\n }\n\n result = await buildAfterOperation({\n args,\n collection: args.collection.config,\n operation: 'unlock',\n result,\n })\n\n return Boolean(result)\n } catch (error: unknown) {\n await killTransaction(req)\n throw error\n }\n}\n"],"names":["status","httpStatus","buildAfterOperation","buildBeforeOperation","APIError","combineQueries","Forbidden","appendNonTrashedFilter","commitTransaction","initTransaction","killTransaction","executeAccess","getLoginOptions","resetLoginAttempts","unlockOperation","args","collection","config","collectionConfig","overrideAccess","req","locale","loginWithUsername","auth","canLoginWithEmail","canLoginWithUsername","sanitizedEmail","data","email","toLowerCase","trim","sanitizedUsername","username","disableLocalStrategy","t","BAD_REQUEST","operation","shouldCommit","whereConstraint","accessResult","access","unlock","equals","enableTrash","Boolean","trash","where","user","payload","db","findOne","slug","result","doc","error"],"mappings":"AAAA,SAASA,UAAUC,UAAU,QAAQ,cAAa;AASlD,SAASC,mBAAmB,QAAQ,gEAA+D;AACnG,SAASC,oBAAoB,QAAQ,iEAAgE;AACrG,SAASC,QAAQ,QAAQ,wBAAuB;AAChD,SAASC,cAAc,EAAEC,SAAS,QAAQ,iBAAgB;AAC1D,SAASC,sBAAsB,QAAQ,4CAA2C;AAClF,SAASC,iBAAiB,QAAQ,uCAAsC;AACxE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,eAAe,QAAQ,qCAAoC;AACpE,SAASC,aAAa,QAAQ,sBAAqB;AACnD,SAASC,eAAe,QAAQ,wBAAuB;AACvD,SAASC,kBAAkB,QAAQ,4CAA2C;AAS9E,OAAO,MAAMC,kBAAkB,OAC7BC;IAEA,MAAM,EACJC,YAAY,EAAEC,QAAQC,gBAAgB,EAAE,EACxCC,cAAc,EACdC,KAAK,EAAEC,MAAM,EAAE,EACfD,GAAG,EACJ,GAAGL;IAEJ,MAAMO,oBAAoBJ,iBAAiBK,IAAI,CAACD,iBAAiB;IAEjE,MAAM,EAAEE,iBAAiB,EAAEC,oBAAoB,EAAE,GAAGb,gBAAgBU;IAEpE,MAAMI,iBAAiBF,qBAAqB,AAACT,CAAAA,KAAKY,IAAI,EAAEC,SAAS,EAAC,EAAGC,WAAW,GAAGC,IAAI;IACvF,MAAMC,oBACJ,AAACN,wBACC,cAAcV,KAAKY,IAAI,IACvB,OAAOZ,KAAKY,IAAI,CAACK,QAAQ,KAAK,YAC9BjB,KAAKY,IAAI,CAACK,QAAQ,CAACH,WAAW,GAAGC,IAAI,MACvC;IAEF,IAAIZ,iBAAiBK,IAAI,CAACU,oBAAoB,EAAE;QAC9C,MAAM,IAAI3B,UAAUc,IAAIc,CAAC;IAC3B;IACA,IAAI,CAACR,kBAAkB,CAACK,mBAAmB;QACzC,MAAM,IAAI3B,SACR,CAAC,QAAQ,EAAEc,iBAAiBK,IAAI,CAACD,iBAAiB,GAAG,aAAa,QAAQ,CAAC,CAAC,EAC5ErB,WAAWkC,WAAW;IAE1B;IAEA,IAAI;QACFpB,OAAO,MAAMZ,qBAAqB;YAChCY;YACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;YAClCmB,WAAW;QACb;QAEA,MAAMC,eAAe,MAAM5B,gBAAgBW;QAC3C,IAAIkB,kBAAyB,CAAC;QAE9B,wCAAwC;QACxC,SAAS;QACT,wCAAwC;QAExC,IAAI,CAACnB,gBAAgB;YACnB,MAAMoB,eAAe,MAAM5B,cAAc;gBAAES;YAAI,GAAGF,iBAAiBsB,MAAM,CAACC,MAAM;YAEhF,IAAIF,gBAAgB,OAAOA,iBAAiB,UAAU;gBACpDD,kBAAkBC;YACpB;QACF;QAEA,wCAAwC;QACxC,SAAS;QACT,wCAAwC;QAExC,IAAIf,qBAAqBE,gBAAgB;YACvCY,kBAAkBjC,eAAeiC,iBAAiB;gBAChDV,OAAO;oBACLc,QAAQhB;gBACV;YACF;QACF,OAAO,IAAID,wBAAwBM,mBAAmB;YACpDO,kBAAkBjC,eAAeiC,iBAAiB;gBAChDN,UAAU;oBACRU,QAAQX;gBACV;YACF;QACF;QAEA,6CAA6C;QAC7CO,kBAAkB/B,uBAAuB;YACvCoC,aAAaC,QAAQ1B,iBAAiB2B,KAAK;YAC3CA,OAAO;YACPC,OAAOR;QACT;QAEA,MAAMS,OAAO,MAAM3B,IAAI4B,OAAO,CAACC,EAAE,CAACC,OAAO,CAAC;YACxClC,YAAYE,iBAAiBiC,IAAI;YACjC9B,QAAQA;YACRD;YACA0B,OAAOR;QACT;QAEA,IAAIc,SAAyB;QAE7B,IAAIL,MAAM;YACR,MAAMlC,mBAAmB;gBACvBG,YAAYE;gBACZmC,KAAKN;gBACLC,SAAS5B,IAAI4B,OAAO;gBACpB5B;YACF;YACAgC,SAAS;QACX,OAAO;YACLA,SAAS;YACT,MAAM,IAAI9C,UAAUc,IAAIc,CAAC;QAC3B;QAEA,IAAIG,cAAc;YAChB,MAAM7B,kBAAkBY;QAC1B;QAEAgC,SAAS,MAAMlD,oBAAoB;YACjCa;YACAC,YAAYD,KAAKC,UAAU,CAACC,MAAM;YAClCmB,WAAW;YACXgB;QACF;QAEA,OAAOR,QAAQQ;IACjB,EAAE,OAAOE,OAAgB;QACvB,MAAM5C,gBAAgBU;QACtB,MAAMkC;IACR;AACF,EAAC"}
package/dist/collections/config/sanitize.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../../src/collections/config/sanitize.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACpE,OAAO,KAAK,EACV,gBAAgB,EAChB,yBAAyB,EAG1B,MAAM,YAAY,CAAA;AAuBnB,eAAO,MAAM,kBAAkB,WACrB,MAAM,cACF,gBAAgB,iCAKG,KAAK,CAAC,CAAC,MAAM,EAAE,eAAe,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,wBAC1D,MAAM,EAAE,KAC7B,OAAO,CAAC,yBAAyB,CAoPnC,CAAA"}
1
+ {"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../../src/collections/config/sanitize.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACpE,OAAO,KAAK,EACV,gBAAgB,EAChB,yBAAyB,EAG1B,MAAM,YAAY,CAAA;AAuBnB,eAAO,MAAM,kBAAkB,WACrB,MAAM,cACF,gBAAgB,iCAKG,KAAK,CAAC,CAAC,MAAM,EAAE,eAAe,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,wBAC1D,MAAM,EAAE,KAC7B,OAAO,CAAC,yBAAyB,CAsPnC,CAAA"}
package/dist/collections/config/sanitize.js CHANGED
@@ -151,6 +151,8 @@ export const sanitizeCollection = async (config, collection, /**
151
151
  }
152
152
  sanitized.fields = mergeBaseFields(sanitized.fields, baseVersionFields);
153
153
  }
154
+ } else {
155
+ delete sanitized.versions;
154
156
  }
155
157
  if (sanitized.folders === true) {
156
158
  sanitized.folders = {