UNPKG

@budibase/worker

Version:

Budibase background service

github.com/Budibase/budibase

Budibase/budibase

99 lines (84 loc) 2.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
import { auth as authCore, env as coreEnv, events, HTTPError, sessions, tenancy, utils as coreUtils, cache, } from "@budibase/backend-core" import { PlatformLogoutOpts, User, EmailTemplatePurpose } from "@budibase/types" import jwt from "jsonwebtoken" import * as userSdk from "../users" import * as emails from "../../utilities/email" // LOGIN / LOGOUT export async function loginUser(user: User) { const sessionId = coreUtils.newid() const tenantId = tenancy.getTenantId() const sessionResult = await sessions.createASession(user._id!, { sessionId, tenantId, email: user.email, }) const token = jwt.sign( { userId: user._id, sessionId, tenantId, email: user.email, }, coreEnv.JWT_SECRET! ) return { token, invalidatedSessionCount: sessionResult.invalidatedSessionCount, } } export async function logout(opts: PlatformLogoutOpts) { // TODO: This should be moved out of core and into worker only // account-portal can call worker endpoint return authCore.platformLogout(opts) } // PASSWORD MANAGEMENT /** * Reset the user password, used as part of a forgotten password flow. */ export const reset = async (email: string) => { const configured = await emails.isEmailConfigured() if (!configured) { throw new HTTPError( "Please contact your platform administrator, SMTP is not configured.", 400 ) } const user = await userSdk.core.getGlobalUserByEmail(email) // exit if user doesn't exist if (!user) { return } // exit if user has sso if (await userSdk.db.isPreventPasswordActions(user)) { return } // send password reset await emails.sendEmail(email, EmailTemplatePurpose.PASSWORD_RECOVERY, { user, subject: "{{ company }} platform password reset", }) await events.user.passwordResetRequested(user) } /** * Perform the user password update if the provided reset code is valid. */ export const resetUpdate = async (resetCode: string, password: string) => { const { userId } = await cache.passwordReset.getCode(resetCode) let user = await userSdk.db.getUser(userId) user.password = password user = await userSdk.db.save(user) await cache.passwordReset.invalidateCode(resetCode) await sessions.invalidateSessions(userId) // remove password from the user before sending events delete user.password await events.user.passwordReset(user) }