|
|
|
|
@ -71,7 +71,8 @@ export async function signup(req: Request, res: Response<TableType>) {
|
|
|
|
|
password, |
|
|
|
|
email_verification_token, |
|
|
|
|
invite_token: null, |
|
|
|
|
invite_token_expires: null |
|
|
|
|
invite_token_expires: null, |
|
|
|
|
email: user.email |
|
|
|
|
}); |
|
|
|
|
} else { |
|
|
|
|
NcError.badRequest('User already exist'); |
|
|
|
|
@ -102,7 +103,8 @@ export async function signup(req: Request, res: Response<TableType>) {
|
|
|
|
|
salt, |
|
|
|
|
password, |
|
|
|
|
email_verification_token, |
|
|
|
|
roles |
|
|
|
|
roles, |
|
|
|
|
token_expired: false |
|
|
|
|
}); |
|
|
|
|
} |
|
|
|
|
user = await User.getByEmail(email); |
|
|
|
|
@ -126,7 +128,8 @@ export async function signup(req: Request, res: Response<TableType>) {
|
|
|
|
|
await promisify((req as any).login.bind(req))(user); |
|
|
|
|
const refreshToken = randomTokenString(); |
|
|
|
|
await User.update(user.id, { |
|
|
|
|
refresh_token: refreshToken |
|
|
|
|
refresh_token: refreshToken, |
|
|
|
|
email: user.email |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
setTokenCookie(res, refreshToken); |
|
|
|
|
@ -179,7 +182,9 @@ async function successfulSignIn({
|
|
|
|
|
const refreshToken = randomTokenString(); |
|
|
|
|
|
|
|
|
|
await User.update(user.id, { |
|
|
|
|
refresh_token: refreshToken |
|
|
|
|
refresh_token: refreshToken, |
|
|
|
|
email: user.email, |
|
|
|
|
token_expired: false |
|
|
|
|
}); |
|
|
|
|
setTokenCookie(res, refreshToken); |
|
|
|
|
|
|
|
|
|
@ -249,6 +254,7 @@ async function googleSignin(req, res, next) {
|
|
|
|
|
function randomTokenString(): string { |
|
|
|
|
return crypto.randomBytes(40).toString('hex'); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function setTokenCookie(res, token): void { |
|
|
|
|
// create http only cookie with refresh token that expires in 7 days
|
|
|
|
|
const cookieOptions = { |
|
|
|
|
@ -285,7 +291,8 @@ async function passwordChange(req: Request<any, any>, res): Promise<any> {
|
|
|
|
|
await User.update(user.id, { |
|
|
|
|
salt, |
|
|
|
|
password, |
|
|
|
|
email: user.email |
|
|
|
|
email: user.email, |
|
|
|
|
token_expired: true |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
Audit.insert({ |
|
|
|
|
@ -311,6 +318,7 @@ async function passwordForgot(req: Request<any, any>, res): Promise<any> {
|
|
|
|
|
if (user) { |
|
|
|
|
const token = uuidv4(); |
|
|
|
|
await User.update(user.id, { |
|
|
|
|
email: user.email, |
|
|
|
|
reset_password_token: token, |
|
|
|
|
reset_password_expires: new Date(Date.now() + 60 * 60 * 1000) |
|
|
|
|
}); |
|
|
|
|
@ -363,6 +371,9 @@ async function tokenValidate(req, res): Promise<any> {
|
|
|
|
|
if (user.reset_password_expires < new Date()) { |
|
|
|
|
NcError.badRequest('Password reset url expired'); |
|
|
|
|
} |
|
|
|
|
if (user.token_expired) { |
|
|
|
|
NcError.badRequest('Token Expired. Please login again.'); |
|
|
|
|
} |
|
|
|
|
res.json(true); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -389,8 +400,10 @@ async function passwordReset(req, res): Promise<any> {
|
|
|
|
|
await User.update(user.id, { |
|
|
|
|
salt, |
|
|
|
|
password, |
|
|
|
|
email: user.email, |
|
|
|
|
reset_password_expires: null, |
|
|
|
|
reset_password_token: '' |
|
|
|
|
reset_password_token: '', |
|
|
|
|
token_expired: true |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
Audit.insert({ |
|
|
|
|
@ -416,6 +429,7 @@ async function emailVerification(req, res): Promise<any> {
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
await User.update(user.id, { |
|
|
|
|
email: user.email, |
|
|
|
|
email_verification_token: '', |
|
|
|
|
email_verified: true |
|
|
|
|
}); |
|
|
|
|
@ -446,7 +460,9 @@ async function refreshToken(req, res): Promise<any> {
|
|
|
|
|
const refreshToken = randomTokenString(); |
|
|
|
|
|
|
|
|
|
await User.update(user.id, { |
|
|
|
|
refresh_token: refreshToken |
|
|
|
|
email: user.email, |
|
|
|
|
refresh_token: refreshToken, |
|
|
|
|
token_expired: false |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
setTokenCookie(res, refreshToken); |
|
|
|
|
|
Wing-Kam Wong
2 years ago