const httpStatus = require('http-status');
const passport = require('passport');
const hasha = require('hasha');
const uuidAPIKey = require('uuid-apikey');
const { User } = require('../models');
const catchAsync = require('../utils/catchAsync');
/**
 * Generate a fresh API key string.
 *
 * Delegates to the `uuid-apikey` package and keeps only the `apiKey`
 * member of the created pair (the UUID form is discarded).
 *
 * @returns {string} a newly generated API key
 */
function getApiKey() {
  const { apiKey } = uuidAPIKey.create();
  return apiKey;
}
// Module-scope `this` (CommonJS) captured so the handlers below can hand a
// stable context object, carrying default log metadata, to `log.*`.
const $this = this;
$this.logMeta = { scope: 'authentication', msgType: 'AUTHENTICATION' };
// const { authService, userService, tokenService, emailService } = require('../services');
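/**
 * Handler: issue a new API key for the authenticated user.
 *
 * The plaintext key is returned to the caller once; only a `hasha` digest of it
 * is stored on the user document (`user.apiKey`), so a database read cannot
 * recover the key. Generating a key overwrites any previously stored digest.
 *
 * Responses:
 *  - no authenticated user / user not found -> 401 { message: 'user is not logged in' }
 *  - success                                -> 200 { apikey }
 *
 * @param {import('express').Request} req   expects `req.user.username`
 * @param {import('express').Response} res
 * @param {Function} next
 */
const apikey = catchAsync(async (req, res, next) => {
  const username = req?.user?.username;
  const logOpts = { user: username, scope: 'apikey', msgType: 'GENERATE_API' };
  // Never run the lookup with an undefined username: a request without a user
  // must not be able to attach a key to some arbitrary document.
  if (!username) {
    log.error('user is not logged in', $this, logOpts);
    return res.status(httpStatus.UNAUTHORIZED)
      .json({ message: 'user is not logged in' });
  }
  const apiKey = getApiKey();
  // Log who asked for a key, never the key itself.
  log.debug(`generate API Key for user: '${username}'`, $this, logOpts);
  const user = await User.findOne({ username });
  if (!user) {
    log.error(`user '${username}' not found`, $this, logOpts);
    return res.status(httpStatus.UNAUTHORIZED)
      .json({ message: 'user is not logged in' });
  }
  // An unsalted digest is acceptable only because the key is random,
  // high-entropy data rather than a user-chosen secret (assumes uuid-apikey
  // derives it from a random UUID — confirm); it is not password hashing.
  user.apiKey = hasha(apiKey);
  await user.save();
  return res.status(200)
    .json({ apikey: apiKey });
});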
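/**
 * Handler: authenticate with the passport `local` strategy and establish a
 * session via `req.logIn`.
 *
 * Responses:
 *  - strategy error        -> 401 { message: 'authentication error' } (details only in the log)
 *  - credentials rejected  -> 401 { message: "Authentication error: '<info.message>'" }
 *  - `req.logIn` failure   -> forwarded to `next(e)`
 *  - success               -> 200 { message: 'success' }
 *
 * NOTE(review): `info.message` is echoed to the client. Make sure the strategy
 * uses the same message for "unknown user" and "wrong password", otherwise
 * this endpoint allows user enumeration.
 */
const login = catchAsync(async (req, res, next) => {
  const logOpts = { scope: 'login', msgType: 'AUTHENTICATION' };
  const onAuthenticated = (err, user, info) => {
    if (err) {
      // Internal strategy failure: log the cause, answer with a generic body.
      log.error(`Authentication error: '${err}'`, this, logOpts);
      return res.status(httpStatus.UNAUTHORIZED)
        .json({ message: 'authentication error' });
    }
    if (!user) {
      // passport permits `done(null, false)` with no info object; guard it so a
      // rejection cannot throw inside the passport callback (which likely runs
      // outside the catchAsync promise chain).
      const reason = info?.message;
      log.error(`Authentication error: '${reason}'`, this, logOpts);
      return res.status(httpStatus.UNAUTHORIZED)
        .json({ message: `Authentication error: '${reason}'` });
    }
    return req.logIn(user, (e) => {
      if (e) {
        log.error(e.stack || e.toString());
        return next(e);
      }
      log.info('user is logged in', this, { user: user.username });
      return res.status(200)
        .json({ message: 'success' });
    });
  };
  passport.authenticate('local', onAuthenticated)(req, res, next);
});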
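/**
 * Handler: terminate the current login session.
 *
 * `req.logout` is callback-based, so the `await` covers nothing asynchronous
 * and the try/catch only sees synchronous throws. The callback's error
 * argument is now honoured: a failed logout answers 500 { message: 'fail' }
 * instead of reporting success.
 *
 * NOTE(review): whether the session itself is regenerated/destroyed depends
 * on the passport version in use — confirm, or destroy `req.session` explicitly.
 */
const logout = catchAsync(async (req, res) => {
  const logOpts = { scope: 'logout', msgType: 'AUTHENTICATION' };
  const reportFailure = (e) => {
    log.error(e.stack || e.toString());
    return res.status(httpStatus.INTERNAL_SERVER_ERROR)
      .json({ message: 'fail' });
  };
  try {
    log.debug(`try to log out user: '${req?.user?.username}'`, $this, logOpts);
    await req.logout({}, (e) => {
      if (e) {
        return reportFailure(e);
      }
      return res.status(httpStatus.OK)
        .json({ message: 'success' });
    });
  } catch (e) {
    reportFailure(e);
  }
});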
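/**
 * Handler: change the password of the logged-in user.
 *
 * Body: `{ currentPassword, newPassword }`. Verifying the current password and
 * accepting the new one is delegated to `user.changePassword`.
 *
 * Responses:
 *  - no authenticated user / user not found -> 401 { message: 'user is not logged in' }
 *  - `user.changePassword` rejects          -> 500 { message: String(error) }
 *  - success                                -> 200 { message: 'success' }
 *
 * Security: the body carries both passwords in plaintext, so it is never
 * written to the log — only the names of the fields that arrived are.
 */
const changePassword = catchAsync(async (req, res) => {
  const username = req?.user?.username;
  const logOpts = {
    scope: 'changePassword',
    msgType: 'CHANGE_PASSWORD',
    itemType: 'user',
    ref: username,
  };
  const body = req.body ?? {};
  const { currentPassword, newPassword } = body;
  // Field names only; the values are passwords.
  log.debug(`change password for '${username}', fields: '${Object.keys(body).join(',')}'`, this, logOpts);
  // Do not run the lookup with an undefined username: a request without a user
  // must not be able to resolve to some other document.
  const user = username ? await User.findOne({ username }) : null;
  if (!user) {
    log.error('user is not logged in', this, logOpts);
    return res.status(httpStatus.UNAUTHORIZED)
      .json({ message: 'user is not logged in' });
  }
  try {
    await user.changePassword(currentPassword, newPassword);
  } catch (e) {
    // NOTE(review): the error text is returned to the client as-is; a storage
    // or driver error would leak internals here — consider a generic message
    // for anything that is not a wrong-password rejection.
    log.error(e.stack || e.toString(), this, logOpts);
    return res.status(httpStatus.INTERNAL_SERVER_ERROR)
      .json({ message: e.toString() });
  }
  log.debug(`password was successfully changed for user: ${username}`, this, logOpts);
  return res.status(200)
    .json({ message: 'success' });
});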
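/**
 * Handler for the one-time bootstrap: set the password of the default
 * 'Administrator' account while the application is in its first-run state.
 *
 * Allowed only when `AppSettings.isAuthEnabled()` and `AppSettings.isFirstRun()`
 * are both true; otherwise answers 403. On success `first_run` is cleared so
 * the endpoint cannot be reused.
 *
 * Responses:
 *  - not in first-run state                 -> 403 { message: 'forbidden' }
 *  - `newPassword` missing / not a string   -> 400 { message: 'newPassword is required' }
 *  - 'Administrator' document not found     -> 500 { message: 'fail' }
 *  - success                                -> 200 { message: 'success' }
 *
 * Security notes:
 *  - the request body (the new password) is never logged;
 *  - NOTE(review): the first-run check and the `first_run=false` write are not
 *    atomic, so two concurrent requests can both pass the check — confirm the
 *    window is acceptable or serialise it in AppSettings.
 */
const changePasswordFirstRun = catchAsync(async (req, res) => {
  const logOpts = {
    scope: 'changePasswordFirstRun',
    msgType: 'CHANGE_PASSWORD_FIRST_RUN',
    itemType: 'user',
    ref: req?.user?.username,
  };
  const { newPassword } = req.body ?? {};
  const settings = global.AppSettings;
  const inFirstRun = (await settings.isAuthEnabled()) && (await settings.isFirstRun());
  if (!inFirstRun) {
    log.error(`trying to use first run API with no first run state, auth: '${await settings.isAuthEnabled()}', `
      + `global settings: '${(await settings.get('first_run'))}'`, $this, logOpts);
    return res.status(httpStatus.FORBIDDEN)
      .json({ message: 'forbidden' });
  }
  if (typeof newPassword !== 'string' || newPassword.length === 0) {
    log.error('first run password change rejected: newPassword is missing or not a string', $this, logOpts);
    return res.status(httpStatus.BAD_REQUEST)
      .json({ message: 'newPassword is required' });
  }
  // Body deliberately not logged: it holds the new password.
  log.debug("first run, change password for default 'Administrator'", $this, logOpts);
  const user = await User.findOne({ username: 'Administrator' })
    .exec();
  if (!user) {
    log.error("default 'Administrator' user not found", $this, logOpts);
    return res.status(httpStatus.INTERNAL_SERVER_ERROR)
      .json({ message: 'fail' });
  }
  logOpts.ref = user.username;
  await user.setPassword(newPassword);
  await user.save();
  log.debug('password was successfully changed for default Administrator', $this, logOpts);
  // Cleared only after the new password is persisted, so a failed save leaves
  // the bootstrap repeatable.
  await settings.set('first_run', false);
  return res.status(200)
    .json({ message: 'success' });
});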
// Route handlers exposed to the router; each one above is wrapped in catchAsync.
const authHandlers = { login, changePassword, changePasswordFirstRun, logout, apikey };
module.exports = authHandlers;