#6434 - SignIn issue_improve-signInLogMethod #1848

Closed
jsegarra wants to merge 65 commits from 6434-improve-signInLog into test
3 changed files with 40 additions and 31 deletions
Showing only changes of commit a3076e4fa1 - Show all commits


@ -49,7 +49,7 @@ module.exports = Self => {
if (vnUser.twoFactor)
throw new ForbiddenError(null, 'REQUIRES_2FA');
}
return Self.validateLogin(user, password);
return Self.validateLogin(user, password, ctx);
};
Self.passExpired = async vnUser => {


@ -1,6 +1,6 @@
const {models} = require('vn-loopback/server/server');
describe('VnUser Sign-in()', () => {
fdescribe('VnUser Sign-in()', () => {
const employeeId = 1;
const unauthCtx = {
req: {
@ -22,6 +22,7 @@ describe('VnUser Sign-in()', () => {
expect(signInLog.length).toEqual(1);
expect(signInLog[0].userFk).toEqual(accessToken.userId);
expect(signInLog[0].owner).toEqual(true);
expect(login.token).toBeDefined();
await VnUser.logout(ctx.req.accessToken.id);
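Review bot: `fdescribe('VnUser Sign-in()', () => {` at the top of this spec looks like a leftover focus marker (assuming the second of the two printed lines is the new side). With Jasmine, a focused suite causes every non-focused spec in the same run to be skipped, so the other back-end tests, including other authentication specs, would stop executing without the run failing. It should go back to `describe('VnUser Sign-in()', () => {` before merge. The assertions visible here only cover the `owner: true` path; if a mismatch can be constructed in a spec, one expecting the `UserError` would pin the branch this PR inverts.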


@ -1,10 +1,10 @@
const vnModel = require('vn-loopback/common/models/vn-model');
const {Email} = require('vn-print');
const { Email } = require('vn-print');
const ForbiddenError = require('vn-loopback/util/forbiddenError');
const LoopBackContext = require('loopback-context');
const UserError = require('vn-loopback/util/user-error');
module.exports = function(Self) {
module.exports = function (Self) {
vnModel(Self);
require('../methods/vn-user/sign-in')(Self);
@ -37,7 +37,7 @@ module.exports = function(Self) {
{
arg: 'ctx',
type: 'Object',
http: {source: 'context'}
http: { source: 'context' }
}
],
returns: {
@ -50,7 +50,7 @@ module.exports = function(Self) {
}
});
Self.getCurrentUserData = async function(ctx) {
Self.getCurrentUserData = async function (ctx) {
let userId = ctx.req.accessToken.userId;
return await Self.findById(userId, {
fields: ['id', 'name', 'nickname']
@ -65,7 +65,7 @@ module.exports = function(Self) {
* @param {Object} options Options
* @return {Boolean} %true if user has the role, %false otherwise
*/
Self.hasRole = async function(userId, name, options) {
Self.hasRole = async function (userId, name, options) {
const roles = await Self.getRoles(userId, options);
return roles.some(role => role == name);
};
@ -77,7 +77,7 @@ module.exports = function(Self) {
* @param {Object} options Options
* @return {Object} User role list
*/
Self.getRoles = async(userId, options) => {
Self.getRoles = async (userId, options) => {
const result = await Self.rawSql(
`SELECT r.name
FROM account.user u
@ -92,9 +92,9 @@ module.exports = function(Self) {
return roles;
};
Self.on('resetPasswordRequest', async function(info) {
Self.on('resetPasswordRequest', async function (info) {
const loopBackContext = LoopBackContext.getCurrentContext();
const httpCtx = {req: loopBackContext.active};
const httpCtx = { req: loopBackContext.active };
const httpRequest = httpCtx.req.http.req;
const headers = httpRequest.headers;
const origin = headers.origin;
@ -124,28 +124,34 @@ module.exports = function(Self) {
return email.send();
});
Self.signInValidate = async(user, userToken) => {
Self.signInValidate = async (user, userToken, token, ctx) => {
const [[key, value]] = Object.entries(Self.userUses(user));
const isOwner = userToken[key].toLowerCase() !== value.toLowerCase();
const where = Self.userUses(user);
const vnUser = await Self.findOne({
fields: ['id', 'username', 'email'],
where
});
const isOwner = userToken[key].toLowerCase() === vnUser[key].toLowerCase();
await Self.app.models.SignInLog.create({
token: token.id,
userFk: userToken.id,
ip: ctx.req.ip,
owner: isOwner
});
if (isOwner) {
if (!isOwner) {
console.error('ERROR!!! - Signin with other user', userToken, user);
jsegarra marked this conversation as resolved Outdated

Per què el `= null`? Si no el passes seria undefined, que també et val, no?

Per què el `= null`? Si no el passes seria undefined, que també et val, no?
throw new UserError('Try again');
}
};
Self.validateLogin = async function(user, password) {
const loginInfo = Object.assign({password}, Self.userUses(user));
Self.validateLogin = async function (user, password, ctx = null) {
const loginInfo = Object.assign({ password }, Self.userUses(user));
const token = await Self.login(loginInfo, 'user');
const userToken = await token.user.get();
await Self.signInValidate(user, userToken);
if (ctx)
await Self.signInValidate(user, userToken, token, ctx);
try {
await Self.app.models.Account.sync(userToken.name, password);
@ -153,17 +159,17 @@ module.exports = function(Self) {
console.warn(err);
}
return {token: token.id, ttl: token.ttl};
return { token: token.id, ttl: token.ttl };
};
Self.userUses = function(user) {
Self.userUses = function (user) {
return user.indexOf('@') !== -1
? {email: user}
: {username: user};
? { email: user }
: { username: user };
};
const _setPassword = Self.prototype.setPassword;
Self.prototype.setPassword = async function(newPassword, options, cb) {
Self.prototype.setPassword = async function (newPassword, options, cb) {
if (cb === undefined && typeof options === 'function') {
cb = options;
options = undefined;
@ -195,13 +201,13 @@ module.exports = function(Self) {
};
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls =
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
.filter(acl => acl.property != 'changePassword');
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
.filter(acl => acl.property != 'changePassword');
Self.userSecurity = async(ctx, userId, options) => {
Self.userSecurity = async (ctx, userId, options) => {
const models = Self.app.models;
const accessToken = ctx?.options?.accessToken || LoopBackContext.getCurrentContext().active.accessToken;
const ctxToken = {req: {accessToken}};
const ctxToken = { req: { accessToken } };
if (userId === accessToken.userId) return;
@ -213,7 +219,7 @@ module.exports = function(Self) {
if (hasHigherPrivileges) return;
const hasMediumPrivileges = await models.ACL.checkAccessAcl(ctxToken, 'VnUser', 'mediumPrivileges', myOptions);
const user = await models.VnUser.findById(userId, {fields: ['id', 'emailVerified']}, myOptions);
const user = await models.VnUser.findById(userId, { fields: ['id', 'emailVerified'] }, myOptions);
if (!user.emailVerified && hasMediumPrivileges) return;
throw new ForbiddenError();
@ -226,7 +232,7 @@ module.exports = function(Self) {
if (!ctx.isNewInstance && (!newEmail || !oldEmail || newEmail == oldEmail)) return;
const loopBackContext = LoopBackContext.getCurrentContext();
const httpCtx = {req: loopBackContext.active};
const httpCtx = { req: loopBackContext.active };
const httpRequest = httpCtx.req.http.req;
const headers = httpRequest.headers;
const origin = headers.origin;
@ -234,10 +240,12 @@ module.exports = function(Self) {
const env = process.env.NODE_ENV;
const liliumUrl = await Self.app.models.Url.findOne({
where: {and: [
{appName: 'lilium'},
{environment: env}
]}
where: {
and: [
{ appName: 'lilium' },
{ environment: env }
]
}
});
class Mailer {
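Review bot: In `validateLogin` (hunk `@ -124,28 +124,34`), `if (ctx)` makes the owner check and the `SignInLog` write opt-in: any caller that omits `ctx` now gets a token with neither, whereas the previous line ran `signInValidate` on every login. If the check is meant to hold on every login path, call `await Self.signInValidate(user, userToken, token, ctx);` unconditionally and read the address defensively with `ip: ctx?.req?.ip` in the create call (whether `SignInLog.ip` may be empty is not visible here). In `signInValidate`, `console.error('ERROR!!! - Signin with other user', userToken, user)` writes the whole user instance to the log; logging only `userToken.id` would keep the email and any other loaded fields out of log storage. `Self.findOne` can also return null, in which case `vnUser[key]` throws a TypeError instead of the intended `UserError`, so a guard such as `if (!vnUser) throw new UserError('Try again');` before the comparison would keep the failure mode uniform.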