npm - session-sync-auth-site - Versions diffs - 0.5.6 → 0.5.7 - Mend

session-sync-auth-site 0.5.6 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +18 -5
package/package.json +1 -1
package/src/deleteUser.js +44 -0
package/src/index.js +2 -0
package/src/setUpSessionSyncAuthRoutes.js +3 -2

package/README.md CHANGED Viewed

@@ -88,11 +88,11 @@ setUpSessionSyncAuthRoutes({
       // typically coincide with `extraUserTableSelectValues` above.
     }
   },
-  mergeUser: async ({ userId, mergeToUserId }) => {  // optional (when absent, merge requests will succeed even though no data is merged for this site)
-    // move all of userId's data to mergeToUserId
+  mergeUser: async ({ id, mergeToUserId, req }) => {  // optional (when absent, merge requests will succeed even though no data is merged for this site)
+    // move all of user's data to mergeToUserId
   },
-  deleteUser: async ({ id, email }) => {  // optional (when absent, the appropriate rows from users and sessions are deleted)
-    // delete all of userId's data, including appropriate rows from users and sessions tables
+  deleteUser: async ({ id, req }) => {  // optional (when absent, the appropriate rows from users and sessions are deleted)
+    // delete all of user's data, including appropriate rows from users and sessions tables
   },
   protocol: 'https',
   paths: {
@@ -108,9 +108,10 @@ setUpSessionSyncAuthRoutes({
 ## Admin backend functions
 ```js
-const { createUser, getLoginLink, updateUserAccount } = require('session-sync-auth-site')
+const { createUser, getLoginLink, updateUserAccount, deleteUser } = require('session-sync-auth-site')
 app.post(`create-user`, (req, res, next) => {
+  // first check that user is admin with permission to do this
   const userId = await createUser({
     email: req.body.email,
     req,
@@ -119,6 +120,7 @@ app.post(`create-user`, (req, res, next) => {
 })
 app.post(`get-login-link`, (req, res, next) => {
+  // first check that user is admin with permission to do this
   const loginLink = await getLoginLink({
     email: req.body.email,
     redirectUrl: req.body.redirectUrl,  // must begin with the frontend domain (default: req.headers.origin)
@@ -129,6 +131,7 @@ app.post(`get-login-link`, (req, res, next) => {
 })
 app.post(`update-user-account`, (req, res, next) => {
+  // first check that user is admin with permission to do this
   await updateUserAccount({
     userId: req.body.userId,
     data: {  // only include details being updated
@@ -144,6 +147,16 @@ app.post(`update-user-account`, (req, res, next) => {
   })
   res.send({ success: true })
 })
+app.post(`delete-user`, (req, res, next) => {
+  // first check that user is admin with permission to do this
+  await deleteUser({
+    id: req.body.id,
+    mergeToUserId: req.body.mergeToUserId,  // optional
+    req,
+  })
+  res.send({ success: true })
+})
 ```
 # Frontend usage

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "session-sync-auth-site",
-  "version": "0.5.6",
+  "version": "0.5.7",
   "main": "src/index.js",
   "repository": {
     "type": "git",

package/src/deleteUser.js ADDED Viewed

@@ -0,0 +1,44 @@
+const fetch = require('node-fetch')
+const jwt = require('jsonwebtoken')
+const deleteUser = async ({
+  id,
+  mergeToUserId,
+  req,  // either this or `setup` is required
+  setup,  // keys: siteId, authDomain, and jwtSecret
+}={}) => {
+  const {
+    siteId,
+    authDomain,
+    jwtSecret,
+    protocol=req.sessionSyncAuthProtocol || `https`,
+  } = setup || await req.getSessionSyncAuthSetupInfo()
+  const deleteUserResult = await fetch(
+    `${protocol}://${authDomain}/api/delete-user`,
+    {
+      method: 'post',
+      body: JSON.stringify({
+        siteId,
+        jwtData: jwt.sign(
+          {
+            id,
+            mergeToUserId,
+            data,
+          },
+          jwtSecret,
+        ),
+      }),
+      headers: {
+        'Content-Type': 'application/json',
+      },
+    },
+  )
+  if(deleteUserResult.status !== 200) throw new Error(`Delete user failed: ${deleteUserResult.statusText} [${deleteUserResult.status}]`)
+  if(!(await deleteUserResult.json()).success) throw new Error(`Delete user failed: bad result from auth server`)
+}
+module.exports = deleteUser

package/src/index.js CHANGED Viewed

@@ -2,6 +2,7 @@ const authenticate = require('./authenticate')
 const setUpSessionSyncAuthRoutes = require('./setUpSessionSyncAuthRoutes')
 const createUser = require('./createUser')
 const updateUserAccount = require('./updateUserAccount')
+const deleteUser = require('./deleteUser')
 const getLoginLink = require('./getLoginLink')
 module.exports = {
@@ -9,5 +10,6 @@ module.exports = {
   setUpSessionSyncAuthRoutes,
   createUser,
   updateUserAccount,
+  deleteUser,
   getLoginLink,
 }

package/src/setUpSessionSyncAuthRoutes.js CHANGED Viewed

@@ -246,7 +246,7 @@ const setUpSessionSyncAuthRoutes = ({
           const [ userRow ] = await global.sessionSyncAuthSiteConnection.asyncQuery(
             `
-              SELECT email
+              SELECT \`${(userTableColNameMap.email || `email`).replace(/`/g, '')}\` AS email
               FROM \`${userTableName}\`
               WHERE \`${(userTableColNameMap.id || `id`).replace(/`/g, '')}\` = :userId
             `,
@@ -262,11 +262,12 @@ const setUpSessionSyncAuthRoutes = ({
             await mergeUser({
               id,
               mergeToUserId,
+              req,
             })
           }
           if(deleteUser) {
-            await deleteUser({ id })
+            await deleteUser({ id, req })
           } else {
             await global.sessionSyncAuthSiteConnection.asyncQuery(
               `