pico-auth 0.0.11 → 0.0.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/pico-auth.esm.js
CHANGED
|
@@ -88,7 +88,7 @@ const mfaRegister = async (appName, login, userProvider) => {
|
|
|
88
88
|
const secret = speakeasy.generateSecret({
|
|
89
89
|
name: `${appName} (${login})`,
|
|
90
90
|
});
|
|
91
|
-
if (!mfaInfo)
|
|
91
|
+
if (!mfaInfo) {
|
|
92
92
|
mfaInfo = {
|
|
93
93
|
secret: {
|
|
94
94
|
temp: undefined,
|
|
@@ -96,6 +96,8 @@ const mfaRegister = async (appName, login, userProvider) => {
|
|
|
96
96
|
},
|
|
97
97
|
enabled: false
|
|
98
98
|
};
|
|
99
|
+
userProvider.userSecretPath ? user[userProvider.userSecretPath] : user.mfa = mfaInfo;
|
|
100
|
+
}
|
|
99
101
|
mfaInfo.secret.temp = secret.base32;
|
|
100
102
|
mfaInfo.secret.actual = undefined;
|
|
101
103
|
await userProvider.putUser(user);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
const speakeasy=require("speakeasy"),qrcode=require("qrcode"),md5=require("md5"),jwt=require("jsonwebtoken"),authenticate=async(e,t,a,r,s,o,i)=>{var n;let c=await s.getUser(e);const l=s.userSecretPath?c[s.userSecretPath]:c.mfa,
|
|
1
|
+
const speakeasy=require("speakeasy"),qrcode=require("qrcode"),md5=require("md5"),jwt=require("jsonwebtoken"),authenticate=async(e,t,a,r,s,o,i)=>{var n;let c=await s.getUser(e);const l=s.userSecretPath?c[s.userSecretPath]:c.mfa,u=s.userPasswordPath?c[s.userPasswordPath]:c.password;if(null==l?void 0:l.enabled){if(!speakeasy.totp.verify({secret:null===(n=null==l?void 0:l.secret)||void 0===n?void 0:n.actual,encoding:"base32",mfaToken:a,window:1}))throw new Error(`Failed authentication attempt ${e}`)}if(md5(t||"")==u){const e=r,t=c;if(e){let a=!1;if(e.startsWith("@")){if(a=a||await o.canImpersonate(c,e),!a)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);await o.impersonateOrg(c,e)}else{const r=await s.getUser(e);if(a=a||await o.canImpersonate(c,e),!a)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);c=r}console.info(`Impersonate success. From: ${t.login} into ${e}`)}let a=i.secretKey,n={time:Date.now(),user:c};const l=jwt.sign(n,a,{expiresIn:i.expiryTimeMs});return console.log(`Successful login: ${c.id}`),l}throw new Error(`Failed authentication attempt ${e}`)},mfaRegister=async(e,t,a)=>new Promise((async(r,s)=>{let o=await a.getUser(t),i=a.userSecretPath?o[a.userSecretPath]:o.mfa;const n=speakeasy.generateSecret({name:`${e} (${t})`});i||(i={secret:{temp:void 0,actual:void 0},enabled:!1},a.userSecretPath?o[a.userSecretPath]:o.mfa=i),i.secret.temp=n.base32,i.secret.actual=void 0,await a.putUser(o),qrcode.toDataURL(n.otpauth_url,((e,t)=>{if(e)throw new Error("Error generating QR code");r({qr_code:t,secret:n.base32})}))})),mfaVerify=async(e,t,a)=>{var r,s;const o=t;let i=await a.getUser(e);const n=a.userSecretPath?i[a.userSecretPath]:i.mfa;return speakeasy.totp.verify({secret:null===(r=null==n?void 0:n.secret)||void 0===r?void 0:r.temp,encoding:"base32",token:o})?(n.secret.actual=null===(s=null==n?void 0:n.secret)||void 0===s?void 0:s.temp,n.enabled=!0,await a.putUser(i),!0):(console.log(`Failed mfa verification for ${e}`),!1)},mfaEnabled=async(e,t)=>{let a=await t.getUser(e);const r=t.userSecretPath?a[t.userSecretPath]:a.mfa;return null==r?void 0:r.enabled};export{authenticate,mfaEnabled,mfaRegister,mfaVerify};
|
package/dist/pico-auth.umd.js
CHANGED
|
@@ -94,7 +94,7 @@
|
|
|
94
94
|
const secret = speakeasy.generateSecret({
|
|
95
95
|
name: `${appName} (${login})`,
|
|
96
96
|
});
|
|
97
|
-
if (!mfaInfo)
|
|
97
|
+
if (!mfaInfo) {
|
|
98
98
|
mfaInfo = {
|
|
99
99
|
secret: {
|
|
100
100
|
temp: undefined,
|
|
@@ -102,6 +102,8 @@
|
|
|
102
102
|
},
|
|
103
103
|
enabled: false
|
|
104
104
|
};
|
|
105
|
+
userProvider.userSecretPath ? user[userProvider.userSecretPath] : user.mfa = mfaInfo;
|
|
106
|
+
}
|
|
105
107
|
mfaInfo.secret.temp = secret.base32;
|
|
106
108
|
mfaInfo.secret.actual = undefined;
|
|
107
109
|
await userProvider.putUser(user);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).picoAuth={})}(this,(function(e){"use strict";const t=require("speakeasy"),r=require("qrcode"),a=require("md5"),o=require("jsonwebtoken");e.authenticate=async(e,r,i,n,
|
|
1
|
+
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).picoAuth={})}(this,(function(e){"use strict";const t=require("speakeasy"),r=require("qrcode"),a=require("md5"),o=require("jsonwebtoken");e.authenticate=async(e,r,i,s,n,c,l)=>{var u;let d=await n.getUser(e);const f=n.userSecretPath?d[n.userSecretPath]:d.mfa,m=n.userPasswordPath?d[n.userPasswordPath]:d.password;if(null==f?void 0:f.enabled){if(!t.totp.verify({secret:null===(u=null==f?void 0:f.secret)||void 0===u?void 0:u.actual,encoding:"base32",mfaToken:i,window:1}))throw new Error(`Failed authentication attempt ${e}`)}if(a(r||"")==m){const e=s,t=d;if(e){let r=!1;if(e.startsWith("@")){if(r=r||await c.canImpersonate(d,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);await c.impersonateOrg(d,e)}else{const a=await n.getUser(e);if(r=r||await c.canImpersonate(d,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);d=a}console.info(`Impersonate success. From: ${t.login} into ${e}`)}let r=l.secretKey,a={time:Date.now(),user:d};const i=o.sign(a,r,{expiresIn:l.expiryTimeMs});return console.log(`Successful login: ${d.id}`),i}throw new Error(`Failed authentication attempt ${e}`)},e.mfaEnabled=async(e,t)=>{let r=await t.getUser(e);const a=t.userSecretPath?r[t.userSecretPath]:r.mfa;return null==a?void 0:a.enabled},e.mfaRegister=async(e,a,o)=>new Promise((async(i,s)=>{let n=await o.getUser(a),c=o.userSecretPath?n[o.userSecretPath]:n.mfa;const l=t.generateSecret({name:`${e} (${a})`});c||(c={secret:{temp:void 0,actual:void 0},enabled:!1},o.userSecretPath?n[o.userSecretPath]:n.mfa=c),c.secret.temp=l.base32,c.secret.actual=void 0,await o.putUser(n),r.toDataURL(l.otpauth_url,((e,t)=>{if(e)throw new Error("Error generating QR code");i({qr_code:t,secret:l.base32})}))})),e.mfaVerify=async(e,r,a)=>{var o,i;const s=r;let n=await a.getUser(e);const c=a.userSecretPath?n[a.userSecretPath]:n.mfa;return t.totp.verify({secret:null===(o=null==c?void 0:c.secret)||void 0===o?void 0:o.temp,encoding:"base32",token:s})?(c.secret.actual=null===(i=null==c?void 0:c.secret)||void 0===i?void 0:i.temp,c.enabled=!0,await a.putUser(n),!0):(console.log(`Failed mfa verification for ${e}`),!1)},Object.defineProperty(e,"__esModule",{value:!0})}));
|