protonfile-auth 1.2.0 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/Entities/TempToken.d.ts +5 -0
- package/lib/Entities/TempToken.js +22 -0
- package/lib/controllers/change_password.js +6 -0
- package/lib/controllers/qr.js +5 -3
- package/lib/index.d.ts +8 -0
- package/lib/index.js +10 -2
- package/lib/services/SessionCleaner.d.ts +7 -0
- package/lib/services/SessionCleaner.js +39 -0
- package/lib/services/TempToken.d.ts +9 -0
- package/lib/services/TempToken.js +40 -0
- package/package.json +1 -1
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.TempToken = void 0;
|
|
10
|
+
const typeorm_1 = require("typeorm");
|
|
11
|
+
let TempToken = class TempToken extends typeorm_1.BaseEntity {
|
|
12
|
+
};
|
|
13
|
+
__decorate([
|
|
14
|
+
(0, typeorm_1.PrimaryColumn)('text')
|
|
15
|
+
], TempToken.prototype, "token", void 0);
|
|
16
|
+
__decorate([
|
|
17
|
+
(0, typeorm_1.Column)('bigint')
|
|
18
|
+
], TempToken.prototype, "expires", void 0);
|
|
19
|
+
TempToken = __decorate([
|
|
20
|
+
(0, typeorm_1.Entity)()
|
|
21
|
+
], TempToken);
|
|
22
|
+
exports.TempToken = TempToken;
|
|
@@ -18,6 +18,7 @@ const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
|
|
|
18
18
|
const mail_1 = require("../services/mail");
|
|
19
19
|
const bcryptjs_1 = __importDefault(require("bcryptjs"));
|
|
20
20
|
const Session_1 = require("../Entities/Session");
|
|
21
|
+
const TempToken_1 = require("../services/TempToken");
|
|
21
22
|
const get = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
|
|
22
23
|
const user = yield User_1.User.findOne({ email: req.params.email });
|
|
23
24
|
if (!user) {
|
|
@@ -35,6 +36,10 @@ const post = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
35
36
|
if (typeof token === 'string') {
|
|
36
37
|
throw 'token malformed';
|
|
37
38
|
}
|
|
39
|
+
const temptoken = new TempToken_1.TempTokenService(req.body.token, token.exp || 0);
|
|
40
|
+
if (!(yield temptoken.isValid())) {
|
|
41
|
+
throw 'token expired';
|
|
42
|
+
}
|
|
38
43
|
const user = yield User_1.User.findOne({ user_id: token.user_id });
|
|
39
44
|
if (!user) {
|
|
40
45
|
return res.sendStatus(404);
|
|
@@ -43,6 +48,7 @@ const post = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
43
48
|
if (req.body.revoke_all) {
|
|
44
49
|
yield Session_1.Session.delete({ user_id: user.user_id });
|
|
45
50
|
}
|
|
51
|
+
yield temptoken.invalidate();
|
|
46
52
|
res.sendStatus(200);
|
|
47
53
|
}
|
|
48
54
|
catch (err) {
|
package/lib/controllers/qr.js
CHANGED
|
@@ -27,10 +27,12 @@ const get = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
27
27
|
if (typeof request_id !== 'string') {
|
|
28
28
|
return res.sendStatus(400);
|
|
29
29
|
}
|
|
30
|
-
|
|
30
|
+
const handler = (user) => __awaiter(void 0, void 0, void 0, function* () {
|
|
31
31
|
const token = yield (0, auth_1.performLogin)(req, res, user);
|
|
32
|
-
|
|
33
|
-
})
|
|
32
|
+
res.status(200).json(Object.assign(Object.assign({}, user), { token }));
|
|
33
|
+
});
|
|
34
|
+
emitter.on(request_id, handler);
|
|
35
|
+
req.on('close', () => emitter.removeListener(request_id, handler));
|
|
34
36
|
});
|
|
35
37
|
exports.get = get;
|
|
36
38
|
const post = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
|
package/lib/index.d.ts
CHANGED
|
@@ -4,12 +4,20 @@ import express from 'express';
|
|
|
4
4
|
import { ConnectionOptions } from 'typeorm';
|
|
5
5
|
import { User } from './Entities/User';
|
|
6
6
|
import { Session } from './Entities/Session';
|
|
7
|
+
import { TempToken } from './Entities/TempToken';
|
|
8
|
+
import { TempTokenService } from './services/TempToken';
|
|
9
|
+
import SessionCleaner from './services/SessionCleaner';
|
|
7
10
|
declare const _default: {
|
|
8
11
|
router: (typeormConfig: ConnectionOptions) => import("express-serve-static-core").Router;
|
|
9
12
|
authMiddleware: (req: express.Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, res: express.Response<any, Record<string, any>>, next: express.NextFunction) => Promise<void | express.Response<any, Record<string, any>>>;
|
|
10
13
|
entities: {
|
|
11
14
|
User: typeof User;
|
|
12
15
|
Session: typeof Session;
|
|
16
|
+
TempToken: typeof TempToken;
|
|
17
|
+
};
|
|
18
|
+
services: {
|
|
19
|
+
TempTokenService: typeof TempTokenService;
|
|
20
|
+
SessionCleaner: typeof SessionCleaner;
|
|
13
21
|
};
|
|
14
22
|
};
|
|
15
23
|
export default _default;
|
package/lib/index.js
CHANGED
|
@@ -17,9 +17,16 @@ const cookie_parser_1 = __importDefault(require("cookie-parser"));
|
|
|
17
17
|
const typeorm_1 = require("typeorm");
|
|
18
18
|
const User_1 = require("./Entities/User");
|
|
19
19
|
const Session_1 = require("./Entities/Session");
|
|
20
|
+
const TempToken_1 = require("./Entities/TempToken");
|
|
21
|
+
const TempToken_2 = require("./services/TempToken");
|
|
22
|
+
const SessionCleaner_1 = __importDefault(require("./services/SessionCleaner"));
|
|
20
23
|
exports.default = {
|
|
21
24
|
router: (typeormConfig) => {
|
|
22
|
-
(0, typeorm_1.createConnection)(Object.assign(Object.assign({}, typeormConfig), { entities: [User_1.User, Session_1.Session] }))
|
|
25
|
+
(0, typeorm_1.createConnection)(Object.assign(Object.assign({}, typeormConfig), { entities: [User_1.User, Session_1.Session, TempToken_1.TempToken] })).then((connection) => {
|
|
26
|
+
User_1.User.useConnection(connection);
|
|
27
|
+
Session_1.Session.useConnection(connection);
|
|
28
|
+
TempToken_1.TempToken.useConnection(connection);
|
|
29
|
+
});
|
|
23
30
|
const router = express_1.default.Router();
|
|
24
31
|
router.use(body_parser_1.default.urlencoded({ extended: false }));
|
|
25
32
|
router.post('/register', register_1.default);
|
|
@@ -33,5 +40,6 @@ exports.default = {
|
|
|
33
40
|
return router;
|
|
34
41
|
},
|
|
35
42
|
authMiddleware: verifyToken_1.default,
|
|
36
|
-
entities: { User: User_1.User, Session: Session_1.Session },
|
|
43
|
+
entities: { User: User_1.User, Session: Session_1.Session, TempToken: TempToken_1.TempToken },
|
|
44
|
+
services: { TempTokenService: TempToken_2.TempTokenService, SessionCleaner: SessionCleaner_1.default },
|
|
37
45
|
};
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// removes expired sessions
|
|
3
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
4
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
5
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
6
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
7
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
8
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
9
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
10
|
+
});
|
|
11
|
+
};
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
const Session_1 = require("../Entities/Session");
|
|
14
|
+
const jsonwebtoken_1 = require("jsonwebtoken");
|
|
15
|
+
class SessionCleaner {
|
|
16
|
+
constructor() { }
|
|
17
|
+
register(interval) {
|
|
18
|
+
this.handle = setInterval(() => __awaiter(this, void 0, void 0, function* () {
|
|
19
|
+
const sessions = yield Session_1.Session.find();
|
|
20
|
+
for (const session of sessions) {
|
|
21
|
+
const decodedToken = (0, jsonwebtoken_1.decode)(session.token);
|
|
22
|
+
if (typeof decodedToken === 'string' || !decodedToken)
|
|
23
|
+
return;
|
|
24
|
+
const { exp } = decodedToken;
|
|
25
|
+
const expiration = exp ? exp * 1000 : 0;
|
|
26
|
+
const now = Date.now();
|
|
27
|
+
const isExpired = now > expiration;
|
|
28
|
+
if (isExpired)
|
|
29
|
+
Session_1.Session.remove(session);
|
|
30
|
+
}
|
|
31
|
+
}), interval || 60000);
|
|
32
|
+
}
|
|
33
|
+
unregister() {
|
|
34
|
+
if (!this.handle)
|
|
35
|
+
return;
|
|
36
|
+
clearInterval(this.handle);
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
exports.default = SessionCleaner;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { TempToken } from '../Entities/TempToken';
|
|
2
|
+
export declare class TempTokenService {
|
|
3
|
+
token: string;
|
|
4
|
+
expires: number;
|
|
5
|
+
private tempToken;
|
|
6
|
+
constructor(token: string, expires: number);
|
|
7
|
+
invalidate(): Promise<TempToken>;
|
|
8
|
+
isValid(): Promise<boolean>;
|
|
9
|
+
}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.TempTokenService = void 0;
|
|
13
|
+
const TempToken_1 = require("../Entities/TempToken");
|
|
14
|
+
const typeorm_1 = require("typeorm");
|
|
15
|
+
class TempTokenService {
|
|
16
|
+
constructor(token, expires) {
|
|
17
|
+
this.token = token;
|
|
18
|
+
this.expires = expires;
|
|
19
|
+
this.tempToken = new TempToken_1.TempToken();
|
|
20
|
+
this.tempToken.token = this.token;
|
|
21
|
+
this.tempToken.expires = this.expires;
|
|
22
|
+
setInterval(() => {
|
|
23
|
+
const timestamp = +new Date();
|
|
24
|
+
TempToken_1.TempToken.delete({ expires: (0, typeorm_1.LessThan)(timestamp) });
|
|
25
|
+
}, 600 * 1000);
|
|
26
|
+
}
|
|
27
|
+
invalidate() {
|
|
28
|
+
return this.tempToken.save();
|
|
29
|
+
}
|
|
30
|
+
isValid() {
|
|
31
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
32
|
+
const found = yield TempToken_1.TempToken.findOne({ token: this.token });
|
|
33
|
+
if (found) {
|
|
34
|
+
return false;
|
|
35
|
+
}
|
|
36
|
+
return true;
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
exports.TempTokenService = TempTokenService;
|