verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 58 Releases Wiki Activity

refs #6434 feat: add new error message
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Javier Segarra 2023-11-14 13:00:20 +01:00
parent ad07c4ec97
commit 5c777c705f
3 changed files with 29 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
back/methods/vn-user/sign-in.js
View File

@ -26,7 +26,7 @@ module.exports = Self => {
} }
}); });
Self.signIn = async function(ctx, user, password, options) { Self.signIn = async function (ctx, user, password, options) {
const myOptions = {}; const myOptions = {};
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
@ -40,15 +40,17 @@ module.exports = Self => {
const validCredentials = vnUser const validCredentials = vnUser
&& await vnUser.hasPassword(password); && await vnUser.hasPassword(password);
if (validCredentials) { if (!validCredentials)
if (!vnUser.active) throw new UserError('Invalid credentials');
throw new UserError('User disabled');
await Self.sendTwoFactor(ctx, vnUser, myOptions);
await Self.passExpired(vnUser, myOptions);
if (vnUser.twoFactor) if (!vnUser.active)
throw new ForbiddenError(null, 'REQUIRES_2FA'); throw new UserError('User disabled');
}
await Self.sendTwoFactor(ctx, vnUser, myOptions);
await Self.passExpired(vnUser, myOptions);
if (vnUser.twoFactor)
throw new ForbiddenError(null, 'REQUIRES_2FA');
return Self.validateLogin(user, password); return Self.validateLogin(user, password);
}; };
@ -59,18 +61,18 @@ module.exports = Self => {
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) { if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const err = new UserError('Pass expired', 'passExpired'); const err = new UserError('Pass expired', 'passExpired');
err.details = {userId: vnUser.id, twoFactor: vnUser.twoFactor ? true : false}; err.details = { userId: vnUser.id, twoFactor: vnUser.twoFactor ? true : false };
throw err; throw err;
} }
}; };
Self.sendTwoFactor = async(ctx, vnUser, myOptions) => { Self.sendTwoFactor = async (ctx, vnUser, myOptions) => {
if (vnUser.twoFactor === 'email') { if (vnUser.twoFactor === 'email') {
const $ = Self.app.models; const $ = Self.app.models;
const code = String(Math.floor(Math.random() * 999999)); const code = String(Math.floor(Math.random() * 999999));
const maxTTL = ((60 * 1000) * 5); // 5 min const maxTTL = ((60 * 1000) * 5); // 5 min
await $.AuthCode.upsertWithWhere({userFk: vnUser.id}, { await $.AuthCode.upsertWithWhere({ userFk: vnUser.id }, {
userFk: vnUser.id, userFk: vnUser.id,
code: code, code: code,
expires: Date.vnNow() + maxTTL expires: Date.vnNow() + maxTTL
@ -87,7 +89,7 @@ module.exports = Self => {
ip: ctx.req?.connection?.remoteAddress, ip: ctx.req?.connection?.remoteAddress,
device: platform && browser ? platform + ', ' + browser : headers['user-agent'], device: platform && browser ? platform + ', ' + browser : headers['user-agent'],
}, },
req: {getLocale: ctx.req.getLocale}, req: { getLocale: ctx.req.getLocale },
}; };
await Self.sendTemplate(params, 'auth-code', true); await Self.sendTemplate(params, 'auth-code', true);

13
back/models/vn-user.js
View File

@ -2,6 +2,7 @@ const vnModel = require('vn-loopback/common/models/vn-model');
const {Email} = require('vn-print'); const {Email} = require('vn-print');
const ForbiddenError = require('vn-loopback/util/forbiddenError'); const ForbiddenError = require('vn-loopback/util/forbiddenError');
const LoopBackContext = require('loopback-context'); const LoopBackContext = require('loopback-context');
const UserError = require('vn-loopback/util/user-error');
module.exports = function(Self) { module.exports = function(Self) {
vnModel(Self); vnModel(Self);
@ -121,10 +122,18 @@ module.exports = function(Self) {
}); });
Self.validateLogin = async function(user, password) { Self.validateLogin = async function(user, password) {
let loginInfo = Object.assign({password}, Self.userUses(user)); const loginInfo = Object.assign({password}, Self.userUses(user));
token = await Self.login(loginInfo, 'user'); const token = await Self.login(loginInfo, 'user');
const userToken = await token.user.get(); const userToken = await token.user.get();
if (userToken.username !== user) {
console.error('ERROR!!! - Signin with other user', userToken, user);
throw new UserError('Try again');
}
const userCheck = await Self.app.models.VnUser.findOne({where: {name: user}});
if (userToken.id != userCheck.id) await Self.validateLogin(user, password);
try { try {
await Self.app.models.Account.sync(userToken.name, password); await Self.app.models.Account.sync(userToken.name, password);
} catch (err) { } catch (err) {

4
loopback/locale/es.json
View File

@ -325,5 +325,7 @@
"The ticket is in preparation": "El ticket [{{ticketId}}]({{{ticketUrl}}}) del comercial {{salesPersonId}} está en preparación", "The ticket is in preparation": "El ticket [{{ticketId}}]({{{ticketUrl}}}) del comercial {{salesPersonId}} está en preparación",
"The amount cannot be less than the minimum": "La cantidad no puede ser menor que la cantidad mímina", "The amount cannot be less than the minimum": "La cantidad no puede ser menor que la cantidad mímina",
"quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina", "quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina",
"The notification subscription of this worker cant be modified": "La subscripción a la notificación de este trabajador no puede ser modificada" "The notification subscription of this worker cant be modified": "La subscripción a la notificación de este trabajador no puede ser modificada",
"User disabled": "User disabled",
"Invalid credentials": "Invalid credentials"
} }