pico-auth 0.0.13 → 0.0.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/pico-auth.esm.js
CHANGED
|
@@ -98,7 +98,8 @@ const mfaRegister = async (appName, login, userProvider) => {
|
|
|
98
98
|
enabled: false
|
|
99
99
|
};
|
|
100
100
|
console.log(`mfaInfo2 = ${JSON.stringify(mfaInfo)}`);
|
|
101
|
-
userProvider.userSecretPath ?
|
|
101
|
+
const propName = userProvider.userSecretPath ? userProvider.userSecretPath : "mfa";
|
|
102
|
+
user[propName] = mfaInfo;
|
|
102
103
|
console.log(`user = ${JSON.stringify(user)}`);
|
|
103
104
|
}
|
|
104
105
|
mfaInfo.secret.temp = secret.base32;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
const speakeasy=require("speakeasy"),qrcode=require("qrcode"),md5=require("md5"),jwt=require("jsonwebtoken"),authenticate=async(e,t,r,a,s,o,i)=>{var n;let c=await s.getUser(e);const l=s.userSecretPath?c[s.userSecretPath]:c.mfa,u=s.userPasswordPath?c[s.userPasswordPath]:c.password;if(null==l?void 0:l.enabled){if(!speakeasy.totp.verify({secret:null===(n=null==l?void 0:l.secret)||void 0===n?void 0:n.actual,encoding:"base32",mfaToken:r,window:1}))throw new Error(`Failed authentication attempt ${e}`)}if(md5(t||"")==u){const e=a,t=c;if(e){let r=!1;if(e.startsWith("@")){if(r=r||await o.canImpersonate(c,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);await o.impersonateOrg(c,e)}else{const a=await s.getUser(e);if(r=r||await o.canImpersonate(c,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);c=a}console.info(`Impersonate success. From: ${t.login} into ${e}`)}let r=i.secretKey,n={time:Date.now(),user:c};const l=jwt.sign(n,r,{expiresIn:i.expiryTimeMs});return console.log(`Successful login: ${c.id}`),l}throw new Error(`Failed authentication attempt ${e}`)},mfaRegister=async(e,t,r)=>new Promise((async(a,s)=>{let o=await r.getUser(t),i=r.userSecretPath?o[r.userSecretPath]:o.mfa;console.log(`mfaInfo = ${JSON.stringify(i)}`);const n=speakeasy.generateSecret({name:`${e} (${t})`});
|
|
1
|
+
const speakeasy=require("speakeasy"),qrcode=require("qrcode"),md5=require("md5"),jwt=require("jsonwebtoken"),authenticate=async(e,t,r,a,s,o,i)=>{var n;let c=await s.getUser(e);const l=s.userSecretPath?c[s.userSecretPath]:c.mfa,u=s.userPasswordPath?c[s.userPasswordPath]:c.password;if(null==l?void 0:l.enabled){if(!speakeasy.totp.verify({secret:null===(n=null==l?void 0:l.secret)||void 0===n?void 0:n.actual,encoding:"base32",mfaToken:r,window:1}))throw new Error(`Failed authentication attempt ${e}`)}if(md5(t||"")==u){const e=a,t=c;if(e){let r=!1;if(e.startsWith("@")){if(r=r||await o.canImpersonate(c,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);await o.impersonateOrg(c,e)}else{const a=await s.getUser(e);if(r=r||await o.canImpersonate(c,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);c=a}console.info(`Impersonate success. From: ${t.login} into ${e}`)}let r=i.secretKey,n={time:Date.now(),user:c};const l=jwt.sign(n,r,{expiresIn:i.expiryTimeMs});return console.log(`Successful login: ${c.id}`),l}throw new Error(`Failed authentication attempt ${e}`)},mfaRegister=async(e,t,r)=>new Promise((async(a,s)=>{let o=await r.getUser(t),i=r.userSecretPath?o[r.userSecretPath]:o.mfa;console.log(`mfaInfo = ${JSON.stringify(i)}`);const n=speakeasy.generateSecret({name:`${e} (${t})`});if(!i){i={secret:{temp:void 0,actual:void 0},enabled:!1},console.log(`mfaInfo2 = ${JSON.stringify(i)}`);o[r.userSecretPath?r.userSecretPath:"mfa"]=i,console.log(`user = ${JSON.stringify(o)}`)}i.secret.temp=n.base32,i.secret.actual=void 0,console.log(`user2 = ${JSON.stringify(o)}`),await r.putUser(o),qrcode.toDataURL(n.otpauth_url,((e,t)=>{if(e)throw new Error("Error generating QR code");a({qr_code:t,secret:n.base32})}))})),mfaVerify=async(e,t,r)=>{var a,s;const o=t;let i=await r.getUser(e);const n=r.userSecretPath?i[r.userSecretPath]:i.mfa;return speakeasy.totp.verify({secret:null===(a=null==n?void 0:n.secret)||void 0===a?void 0:a.temp,encoding:"base32",token:o})?(n.secret.actual=null===(s=null==n?void 0:n.secret)||void 0===s?void 0:s.temp,n.enabled=!0,await r.putUser(i),!0):(console.log(`Failed mfa verification for ${e}`),!1)},mfaEnabled=async(e,t)=>{let r=await t.getUser(e);const a=t.userSecretPath?r[t.userSecretPath]:r.mfa;return null==a?void 0:a.enabled};export{authenticate,mfaEnabled,mfaRegister,mfaVerify};
|
package/dist/pico-auth.umd.js
CHANGED
|
@@ -104,7 +104,8 @@
|
|
|
104
104
|
enabled: false
|
|
105
105
|
};
|
|
106
106
|
console.log(`mfaInfo2 = ${JSON.stringify(mfaInfo)}`);
|
|
107
|
-
userProvider.userSecretPath ?
|
|
107
|
+
const propName = userProvider.userSecretPath ? userProvider.userSecretPath : "mfa";
|
|
108
|
+
user[propName] = mfaInfo;
|
|
108
109
|
console.log(`user = ${JSON.stringify(user)}`);
|
|
109
110
|
}
|
|
110
111
|
mfaInfo.secret.temp = secret.base32;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).picoAuth={})}(this,(function(e){"use strict";const t=require("speakeasy"),r=require("qrcode"),o=require("md5"),a=require("jsonwebtoken");e.authenticate=async(e,r,s,n,
|
|
1
|
+
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).picoAuth={})}(this,(function(e){"use strict";const t=require("speakeasy"),r=require("qrcode"),o=require("md5"),a=require("jsonwebtoken");e.authenticate=async(e,r,s,i,n,c,l)=>{var u;let d=await n.getUser(e);const f=n.userSecretPath?d[n.userSecretPath]:d.mfa,m=n.userPasswordPath?d[n.userPasswordPath]:d.password;if(null==f?void 0:f.enabled){if(!t.totp.verify({secret:null===(u=null==f?void 0:f.secret)||void 0===u?void 0:u.actual,encoding:"base32",mfaToken:s,window:1}))throw new Error(`Failed authentication attempt ${e}`)}if(o(r||"")==m){const e=i,t=d;if(e){let r=!1;if(e.startsWith("@")){if(r=r||await c.canImpersonate(d,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);await c.impersonateOrg(d,e)}else{const o=await n.getUser(e);if(r=r||await c.canImpersonate(d,e),!r)throw new Error(`Failed impersonate attempt. From: ${t.id} into ${e}`);d=o}console.info(`Impersonate success. From: ${t.login} into ${e}`)}let r=l.secretKey,o={time:Date.now(),user:d};const s=a.sign(o,r,{expiresIn:l.expiryTimeMs});return console.log(`Successful login: ${d.id}`),s}throw new Error(`Failed authentication attempt ${e}`)},e.mfaEnabled=async(e,t)=>{let r=await t.getUser(e);const o=t.userSecretPath?r[t.userSecretPath]:r.mfa;return null==o?void 0:o.enabled},e.mfaRegister=async(e,o,a)=>new Promise((async(s,i)=>{let n=await a.getUser(o),c=a.userSecretPath?n[a.userSecretPath]:n.mfa;console.log(`mfaInfo = ${JSON.stringify(c)}`);const l=t.generateSecret({name:`${e} (${o})`});if(!c){c={secret:{temp:void 0,actual:void 0},enabled:!1},console.log(`mfaInfo2 = ${JSON.stringify(c)}`);n[a.userSecretPath?a.userSecretPath:"mfa"]=c,console.log(`user = ${JSON.stringify(n)}`)}c.secret.temp=l.base32,c.secret.actual=void 0,console.log(`user2 = ${JSON.stringify(n)}`),await a.putUser(n),r.toDataURL(l.otpauth_url,((e,t)=>{if(e)throw new Error("Error generating QR code");s({qr_code:t,secret:l.base32})}))})),e.mfaVerify=async(e,r,o)=>{var a,s;const i=r;let n=await o.getUser(e);const c=o.userSecretPath?n[o.userSecretPath]:n.mfa;return t.totp.verify({secret:null===(a=null==c?void 0:c.secret)||void 0===a?void 0:a.temp,encoding:"base32",token:i})?(c.secret.actual=null===(s=null==c?void 0:c.secret)||void 0===s?void 0:s.temp,c.enabled=!0,await o.putUser(n),!0):(console.log(`Failed mfa verification for ${e}`),!1)},Object.defineProperty(e,"__esModule",{value:!0})}));
|