This commit is contained in:
parent
a7be577e92
commit
d71e7a4b41
|
|
@ -1,8 +1,8 @@
|
|||
const {models} = require('vn-loopback/server/server');
|
||||
|
||||
fdescribe('VnUser Sign-in()', () => {
|
||||
describe('VnUser Sign-in()', () => {
|
||||
const employeeId = 1;
|
||||
const unauthCtx = {
|
||||
const unAuthCtx = {
|
||||
req: {
|
||||
headers: {},
|
||||
connection: {
|
||||
|
|
@ -15,7 +15,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
const {VnUser, AccessToken, SignInLog} = models;
|
||||
describe('when credentials are correct', () => {
|
||||
it('should return the token if user uses email', async() => {
|
||||
let login = await VnUser.signIn(unauthCtx, 'salesAssistant@mydomain.com', 'nightmare');
|
||||
let login = await VnUser.signIn(unAuthCtx, 'salesAssistant@mydomain.com', 'nightmare');
|
||||
let accessToken = await AccessToken.findById(login.token);
|
||||
let ctx = {req: {accessToken: accessToken}};
|
||||
let signInLog = await SignInLog.find({where: {token: accessToken.id}});
|
||||
|
|
@ -29,7 +29,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
});
|
||||
|
||||
it('should return the token', async() => {
|
||||
let login = await VnUser.signIn(unauthCtx, 'salesAssistant', 'nightmare');
|
||||
let login = await VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
|
||||
let accessToken = await AccessToken.findById(login.token);
|
||||
let ctx = {req: {accessToken: accessToken}};
|
||||
|
||||
|
|
@ -39,7 +39,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
});
|
||||
|
||||
it('should return the token if the user doesnt exist but the client does', async() => {
|
||||
let login = await VnUser.signIn(unauthCtx, 'PetterParker', 'nightmare');
|
||||
let login = await VnUser.signIn(unAuthCtx, 'PetterParker', 'nightmare');
|
||||
let accessToken = await AccessToken.findById(login.token);
|
||||
let ctx = {req: {accessToken: accessToken}};
|
||||
|
||||
|
|
@ -54,7 +54,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
let error;
|
||||
|
||||
try {
|
||||
await VnUser.signIn(unauthCtx, 'IDontExist', 'TotallyWrongPassword');
|
||||
await VnUser.signIn(unAuthCtx, 'IDontExist', 'TotallyWrongPassword');
|
||||
} catch (e) {
|
||||
error = e;
|
||||
}
|
||||
|
|
@ -75,7 +75,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
const options = {transaction: tx};
|
||||
await employee.updateAttribute('twoFactor', 'email', options);
|
||||
|
||||
await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options);
|
||||
await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options);
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
|
|
@ -100,7 +100,7 @@ fdescribe('VnUser Sign-in()', () => {
|
|||
const options = {transaction: tx};
|
||||
await employee.updateAttribute('passExpired', yesterday, options);
|
||||
|
||||
await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options);
|
||||
await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options);
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
const vnModel = require('vn-loopback/common/models/vn-model');
|
||||
const { Email } = require('vn-print');
|
||||
const {Email} = require('vn-print');
|
||||
const ForbiddenError = require('vn-loopback/util/forbiddenError');
|
||||
const LoopBackContext = require('loopback-context');
|
||||
const UserError = require('vn-loopback/util/user-error');
|
||||
|
||||
module.exports = function (Self) {
|
||||
module.exports = function(Self) {
|
||||
vnModel(Self);
|
||||
|
||||
require('../methods/vn-user/sign-in')(Self);
|
||||
|
|
@ -37,7 +37,7 @@ module.exports = function (Self) {
|
|||
{
|
||||
arg: 'ctx',
|
||||
type: 'Object',
|
||||
http: { source: 'context' }
|
||||
http: {source: 'context'}
|
||||
}
|
||||
],
|
||||
returns: {
|
||||
|
|
@ -50,7 +50,7 @@ module.exports = function (Self) {
|
|||
}
|
||||
});
|
||||
|
||||
Self.getCurrentUserData = async function (ctx) {
|
||||
Self.getCurrentUserData = async function(ctx) {
|
||||
let userId = ctx.req.accessToken.userId;
|
||||
return await Self.findById(userId, {
|
||||
fields: ['id', 'name', 'nickname']
|
||||
|
|
@ -65,7 +65,7 @@ module.exports = function (Self) {
|
|||
* @param {Object} options Options
|
||||
* @return {Boolean} %true if user has the role, %false otherwise
|
||||
*/
|
||||
Self.hasRole = async function (userId, name, options) {
|
||||
Self.hasRole = async function(userId, name, options) {
|
||||
const roles = await Self.getRoles(userId, options);
|
||||
return roles.some(role => role == name);
|
||||
};
|
||||
|
|
@ -77,7 +77,7 @@ module.exports = function (Self) {
|
|||
* @param {Object} options Options
|
||||
* @return {Object} User role list
|
||||
*/
|
||||
Self.getRoles = async (userId, options) => {
|
||||
Self.getRoles = async(userId, options) => {
|
||||
const result = await Self.rawSql(
|
||||
`SELECT r.name
|
||||
FROM account.user u
|
||||
|
|
@ -92,9 +92,9 @@ module.exports = function (Self) {
|
|||
return roles;
|
||||
};
|
||||
|
||||
Self.on('resetPasswordRequest', async function (info) {
|
||||
Self.on('resetPasswordRequest', async function(info) {
|
||||
const loopBackContext = LoopBackContext.getCurrentContext();
|
||||
const httpCtx = { req: loopBackContext.active };
|
||||
const httpCtx = {req: loopBackContext.active};
|
||||
const httpRequest = httpCtx.req.http.req;
|
||||
const headers = httpRequest.headers;
|
||||
const origin = headers.origin;
|
||||
|
|
@ -124,7 +124,7 @@ module.exports = function (Self) {
|
|||
|
||||
return email.send();
|
||||
});
|
||||
Self.signInValidate = async (user, userToken, token, ctx) => {
|
||||
Self.signInValidate = async(user, userToken, token, ctx) => {
|
||||
const [[key, value]] = Object.entries(Self.userUses(user));
|
||||
const isOwner = Self.rawSql(`SELECT ? = ? `, [userToken[key], value]);
|
||||
await Self.app.models.SignInLog.create({
|
||||
|
|
@ -134,13 +134,13 @@ module.exports = function (Self) {
|
|||
owner: isOwner
|
||||
});
|
||||
if (!isOwner) {
|
||||
console.error('ERROR!!! - Signin with other user', userToken, user);
|
||||
console.error('ERROR!!! - SignIn with other user', userToken, user);
|
||||
throw new UserError('Try again');
|
||||
}
|
||||
};
|
||||
|
||||
Self.validateLogin = async function (user, password, ctx = null) {
|
||||
const loginInfo = Object.assign({ password }, Self.userUses(user));
|
||||
Self.validateLogin = async function(user, password, ctx = null) {
|
||||
const loginInfo = Object.assign({password}, Self.userUses(user));
|
||||
const token = await Self.login(loginInfo, 'user');
|
||||
|
||||
const userToken = await token.user.get();
|
||||
|
|
@ -154,17 +154,17 @@ module.exports = function (Self) {
|
|||
console.warn(err);
|
||||
}
|
||||
|
||||
return { token: token.id, ttl: token.ttl };
|
||||
return {token: token.id, ttl: token.ttl};
|
||||
};
|
||||
|
||||
Self.userUses = function (user) {
|
||||
Self.userUses = function(user) {
|
||||
return user.indexOf('@') !== -1
|
||||
? { email: user }
|
||||
: { username: user };
|
||||
? {email: user}
|
||||
: {username: user};
|
||||
};
|
||||
|
||||
const _setPassword = Self.prototype.setPassword;
|
||||
Self.prototype.setPassword = async function (newPassword, options, cb) {
|
||||
Self.prototype.setPassword = async function(newPassword, options, cb) {
|
||||
if (cb === undefined && typeof options === 'function') {
|
||||
cb = options;
|
||||
options = undefined;
|
||||
|
|
@ -199,10 +199,10 @@ module.exports = function (Self) {
|
|||
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
|
||||
.filter(acl => acl.property != 'changePassword');
|
||||
|
||||
Self.userSecurity = async (ctx, userId, options) => {
|
||||
Self.userSecurity = async(ctx, userId, options) => {
|
||||
const models = Self.app.models;
|
||||
const accessToken = ctx?.options?.accessToken || LoopBackContext.getCurrentContext().active.accessToken;
|
||||
const ctxToken = { req: { accessToken } };
|
||||
const ctxToken = {req: {accessToken}};
|
||||
|
||||
if (userId === accessToken.userId) return;
|
||||
|
||||
|
|
@ -214,7 +214,7 @@ module.exports = function (Self) {
|
|||
if (hasHigherPrivileges) return;
|
||||
|
||||
const hasMediumPrivileges = await models.ACL.checkAccessAcl(ctxToken, 'VnUser', 'mediumPrivileges', myOptions);
|
||||
const user = await models.VnUser.findById(userId, { fields: ['id', 'emailVerified'] }, myOptions);
|
||||
const user = await models.VnUser.findById(userId, {fields: ['id', 'emailVerified']}, myOptions);
|
||||
if (!user.emailVerified && hasMediumPrivileges) return;
|
||||
|
||||
throw new ForbiddenError();
|
||||
|
|
@ -227,7 +227,7 @@ module.exports = function (Self) {
|
|||
if (!ctx.isNewInstance && (!newEmail || !oldEmail || newEmail == oldEmail)) return;
|
||||
|
||||
const loopBackContext = LoopBackContext.getCurrentContext();
|
||||
const httpCtx = { req: loopBackContext.active };
|
||||
const httpCtx = {req: loopBackContext.active};
|
||||
const httpRequest = httpCtx.req.http.req;
|
||||
const headers = httpRequest.headers;
|
||||
const origin = headers.origin;
|
||||
|
|
@ -237,8 +237,8 @@ module.exports = function (Self) {
|
|||
const liliumUrl = await Self.app.models.Url.findOne({
|
||||
where: {
|
||||
and: [
|
||||
{ appName: 'lilium' },
|
||||
{ environment: env }
|
||||
{appName: 'lilium'},
|
||||
{environment: env}
|
||||
]
|
||||
}
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in New Issue