UNPKG

@authup/server-api

Version:

This is a standalone application.

github.com/authup/authup

authup/authup

160 lines 6.06 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
"use strict"; /* * Copyright (c) 2021-2021. * Author Peter Placzek (tada5hi) * For the full copyright and license information, * view the LICENSE file that was distributed with this source code. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.UserRepository = void 0; const typeorm_1 = require("typeorm"); const core_1 = require("@authup/core"); const server_core_1 = require("@authup/server-core"); const redis_extension_1 = require("redis-extension"); const role_1 = require("../role"); const user_role_1 = require("../user-role"); const user_permission_1 = require("../user-permission"); const entity_1 = require("./entity"); const constants_1 = require("../../database/constants"); const user_attribute_1 = require("../user-attribute"); const utils_1 = require("../utils"); class UserRepository extends typeorm_1.Repository { constructor(instance) { super(entity_1.UserEntity, typeorm_1.InstanceChecker.isDataSource(instance) ? instance.manager : instance); } async appendAttributes(entity, names) { const attributeRepository = this.manager.getRepository(user_attribute_1.UserAttributeEntity); const where = { user_id: entity.id, }; if (names) { where.name = (0, typeorm_1.In)(names); } const rawAttributes = await attributeRepository.find({ where: { user_id: entity.id, }, cache: { id: (0, redis_extension_1.buildKeyPath)({ prefix: constants_1.CachePrefix.USER_OWNED_ATTRIBUTES, id: entity.id, }), milliseconds: 60.000, }, }); const attributes = (0, utils_1.transformAttributesToRecord)(rawAttributes); (0, utils_1.appendAttributes)(entity, attributes); return entity; } async syncRoles(userId, roleIds) { const userRoleRepository = this.manager.getRepository(user_role_1.UserRoleEntity); const userRoles = await userRoleRepository.createQueryBuilder('userRole') .where('userRole.user_id = :userId', { userId }) .getMany(); const userRoleIdsToDrop = userRoles .filter((userRole) => roleIds.indexOf(userRole.role_id) === -1) .map((userRole) => userRole.id); if (userRoleIdsToDrop.length > 0) { await userRoleRepository.delete({ id: (0, typeorm_1.In)(userRoleIdsToDrop), }); } const userRolesToAdd = roleIds .filter((roleId) => userRoles.findIndex((userRole) => userRole.role_id === roleId) === -1) .map((roleId) => userRoleRepository.create({ role_id: roleId, user_id: userId })); if (userRolesToAdd.length > 0) { await userRoleRepository.insert(userRolesToAdd); } } // ------------------------------------------------------------------ async getOwnedPermissions(id) { const permissions = await this.getSelfOwnedPermissions(id); const roles = await this.manager .getRepository(user_role_1.UserRoleEntity) .find({ where: { user_id: id, }, cache: { id: (0, redis_extension_1.buildKeyPath)({ prefix: constants_1.CachePrefix.USER_OWNED_ROLES, id, }), milliseconds: 60.000, }, }); const roleIds = roles.map((userRole) => userRole.role_id); if (roleIds.length === 0) { return permissions; } const roleRepository = new role_1.RoleRepository(this.manager); permissions.push(...await roleRepository.getOwnedPermissionsByMany(roleIds)); return permissions; } async getSelfOwnedPermissions(id) { const repository = this.manager.getRepository(user_permission_1.UserPermissionEntity); const entities = await repository.find({ where: { user_id: id, }, relations: { permission: true, }, cache: { id: (0, redis_extension_1.buildKeyPath)({ prefix: constants_1.CachePrefix.USER_OWNED_PERMISSIONS, id, }), milliseconds: 60.000, }, }); const result = []; for (let i = 0; i < entities.length; i++) { result.push((0, core_1.buildPermissionDescriptorFromRelation)(entities[i])); } return result; } // ------------------------------------------------------------------ /** * Verify a user by name and password. * * @param name * @param password * @param realmId */ async verifyCredentials(name, password, realmId) { const query = this.createQueryBuilder('user') .leftJoinAndSelect('user.realm', 'realm') .where('user.name LIKE :name', { name }); if (realmId) { query.andWhere('user.realm_id = :realmId', { realmId }); } const entities = await query .addSelect('user.password') .getMany(); for (let i = 0; i < entities.length; i++) { if (!entities[i].password) { continue; } const verified = await (0, server_core_1.compare)(password, entities[i].password); if (verified) { return entities[i]; } } return undefined; } async createWithPassword(data) { const entity = this.create(data); const password = entity.password || (0, core_1.createNanoID)(64); entity.password = await this.hashPassword(password); return { entity, password, }; } async hashPassword(password) { return (0, server_core_1.hash)(password); } } exports.UserRepository = UserRepository; //# sourceMappingURL=repository.js.map