@tomei/sso
Tomei SSO Package
"use strict";
// Compiler-emitted helper (it matches the shape of TypeScript's `__awaiter`) that drives
// a generator function as if it were an async function: every yielded value is awaited and
// its outcome is fed back into the generator. An `__awaiter` already present on `this` is
// reused instead of being redefined.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Pass instances of P through untouched; wrap anything else in a P that resolves to it.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
// P falls back to the global Promise when the caller passes a falsy constructor.
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a fulfilled value; an exception raised while resuming rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Throw the rejection reason into the generator so a try/catch inside it can handle the failure.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Settle the outer promise once the generator is done; otherwise wait on the yielded value.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Start the generator with the supplied `this` and arguments and process its first yield.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.LoginUser = void 0;
const user_1 = require("./user");
const group_entity_1 = require("../../models/group.entity");
const redis_service_1 = require("../../redis-client/redis.service");
const user_repository_1 = require("./user.repository");
const staff_entity_1 = require("../../models/staff.entity");
const user_entity_1 = require("../../models/user.entity");
const user_group_repository_1 = require("../user-group/user-group.repository");
const group_system_access_entity_1 = require("../../models/group-system-access.entity");
const system_entity_1 = require("../../models/system.entity");
const config_1 = require("@tomei/config");
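/**
 * A User that is bound to a session service and exposes the per-system session
 * operations of the SSO package: session validation, privilege checks, logout
 * and system-access listing.
 *
 * The stored user session is read and written through `this._SessionService`,
 * keyed by the user id and the configured `sessionName`. Each entry of
 * `userSession.systemLogins` carries `code`, `sessionId` and `privileges`.
 */
class LoginUser extends user_1.User {
    constructor() {
        super(...arguments);
        this.session = {
            Id: null,
        };
    }
    /**
     * Build a LoginUser, optionally loading the user row (with Staff) by id.
     *
     * Side effects on shared static state: `User._RedisService` is re-initialised on
     * every call, and `User._Repository` is replaced when a transaction is supplied.
     *
     * @param sessionService session service handed to the LoginUser constructor
     * @param userId user to load; when falsy an empty LoginUser is returned
     * @param dbTransaction optional transaction, defaults to null
     * @returns {Promise<LoginUser>}
     * @throws {Error} 'Invalid credentials.' when no row matches `userId`
     */
    static init(sessionService_1, userId_1) {
        return __awaiter(this, arguments, void 0, function* (sessionService, userId, dbTransaction = null) {
            user_1.User._RedisService = yield redis_service_1.RedisService.init();
            if (!userId) {
                return new LoginUser(sessionService, dbTransaction);
            }
            if (dbTransaction) {
                user_1.User._Repository = new user_repository_1.UserRepository();
            }
            // NOTE(review): unlike getProfile, this lookup does not filter on Status;
            // confirm that inactive accounts are rejected before a session is issued.
            const user = yield user_1.User._Repository.findOne({
                where: {
                    UserId: userId,
                },
                include: [
                    {
                        model: staff_entity_1.default,
                    },
                ],
                transaction: dbTransaction,
            });
            if (!user) {
                // Same message as a failed login, so a caller cannot tell an unknown id
                // from any other credential failure.
                throw new Error('Invalid credentials.');
            }
            // NOTE(review): the attribute set carries Password, PasscodeHash and MFAConfig.
            // Keep LoginUser instances out of API responses and logs unless those fields
            // are stripped first.
            const userAttr = {
                UserId: user.UserId,
                UserName: user.UserName,
                FullName: user.FullName || null,
                IDNo: user.IdNo || null,
                IDType: user.IdType || null,
                ContactNo: user.ContactNo || null,
                Email: user.Email,
                Password: user.Password,
                Status: user.Status,
                DefaultPasswordChangedYN: user.DefaultPasswordChangedYN,
                FirstLoginAt: user.FirstLoginAt,
                LastLoginAt: user.LastLoginAt,
                MFAEnabled: user.MFAEnabled,
                MFAConfig: user.MFAConfig,
                MFABypassYN: user.MFABypassYN,
                RecoveryEmail: user.RecoveryEmail,
                FailedLoginAttemptCount: user.FailedLoginAttemptCount,
                LastFailedLoginAt: user.LastFailedLoginAt,
                LastPasswordChangedAt: user.LastPasswordChangedAt,
                NeedToChangePasswordYN: user.NeedToChangePasswordYN,
                PasscodeHash: user.PasscodeHash,
                PasscodeUpdatedAt: user.PasscodeUpdatedAt,
                CreatedById: user.CreatedById,
                CreatedAt: user.CreatedAt,
                UpdatedById: user.UpdatedById,
                UpdatedAt: user.UpdatedAt,
                staffs: user.Staff,
            };
            return new LoginUser(sessionService, dbTransaction, userAttr);
        });
    }
    /**
     * Check whether the stored session grants `privilegeName` on `systemCode`.
     *
     * The answer comes from the privilege list cached in the session by setSession,
     * not from the database.
     *
     * @returns {Promise<boolean>} false when the user has no login for the system
     * @throws {Error} when ObjectId or the `sessionName` configuration is missing
     */
    checkPrivileges(systemCode, privilegeName) {
        return __awaiter(this, void 0, void 0, function* () {
            if (!this.ObjectId) {
                throw new Error('ObjectId(UserId) is not set');
            }
            const sessionName = config_1.ApplicationConfig.getComponentConfigValue('sessionName');
            if (!sessionName) {
                throw new Error('Session name is not set');
            }
            const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId, sessionName);
            const systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
            if (!systemLogin) {
                return false;
            }
            return systemLogin.privileges.includes(privilegeName);
        });
    }
    /**
     * Validate that `sessionId` is the current session of `userId` on `systemCode`
     * and extend the session lifetime.
     *
     * Every validation failure raises the same 'Session expired.' error, so the
     * caller cannot tell which check failed.
     *
     * NOTE(review): the session is looked up by the `userId` argument, not by
     * this.ObjectId, so the sessionId match is the only thing that binds the request
     * to the stored login. The match uses `!==`, which is not constant-time; confirm
     * that is acceptable for this deployment.
     *
     * @returns {Promise<object>} the matching systemLogin entry
     * @throws {Error} 'Session expired.' or 'Session name is not set'
     */
    checkSession(systemCode, sessionId, userId) {
        return __awaiter(this, void 0, void 0, function* () {
            const sessionName = config_1.ApplicationConfig.getComponentConfigValue('sessionName');
            if (!sessionName) {
                throw new Error('Session name is not set');
            }
            // Fail closed: a missing session id must never validate, even if the stored
            // login happens to hold an empty or undefined sessionId as well.
            if (!sessionId) {
                throw new Error('Session expired.');
            }
            const userSession = yield this._SessionService.retrieveUserSession(userId, sessionName);
            if (userSession.systemLogins.length === 0) {
                throw new Error('Session expired.');
            }
            const systemLogin = userSession.systemLogins.find((sl) => sl.code === systemCode);
            if (!systemLogin || systemLogin.sessionId !== sessionId) {
                throw new Error('Session expired.');
            }
            yield this._SessionService.refreshDuration(userId, sessionName);
            return systemLogin;
        });
    }
    /**
     * Remove this user's login for `systemCode` from the stored session.
     *
     * @throws {Error} when ObjectId or the `sessionName` configuration is missing,
     *     or when the session write fails
     */
    logout(systemCode) {
        return __awaiter(this, void 0, void 0, function* () {
            if (!this.ObjectId) {
                throw new Error('ObjectId(UserId) is not set');
            }
            const sessionName = config_1.ApplicationConfig.getComponentConfigValue('sessionName');
            if (!sessionName) {
                throw new Error('Session name is not set');
            }
            const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId, sessionName);
            const index = userSession.systemLogins.findIndex((system) => system.code === systemCode);
            // findIndex yields -1 when the user is not logged in to systemCode, and
            // splice(-1, 1) would then drop the LAST login, ending the session of an
            // unrelated system. Only remove an entry that was actually found.
            if (index !== -1) {
                userSession.systemLogins.splice(index, 1);
            }
            // Wait for the write so that logout resolves only once the session is
            // really gone and a storage failure reaches the caller.
            yield this._SessionService.setUserSession(this.ObjectId, userSession, sessionName);
        });
    }
    /**
     * Load this user's row, with Staff, provided the account is 'Active'.
     *
     * @returns {Promise<object|null>} whatever the repository's findOne resolves to
     */
    getProfile(dbTransaction) {
        return __awaiter(this, void 0, void 0, function* () {
            return yield user_1.User._Repository.findOne({
                where: {
                    UserId: this.UserId,
                    Status: 'Active',
                },
                include: [
                    {
                        model: staff_entity_1.default,
                    },
                ],
                transaction: dbTransaction,
            });
        });
    }
    /**
     * List the 'Active' user-group memberships of `loginUser`, with User and Group included.
     */
    static getGroups(loginUser, dbTransaction) {
        return __awaiter(this, void 0, void 0, function* () {
            return yield user_1.User._UserGroupRepo.findAll({
                where: {
                    UserId: loginUser.ObjectId,
                    Status: 'Active',
                },
                include: [{ model: user_entity_1.default, as: 'User' }, { model: group_entity_1.default }],
                transaction: dbTransaction,
            });
        });
    }
    /**
     * List every system `loginUser` can reach, merging access granted directly
     * (tagged 'OWN' in `inheritedBy`) with access inherited from active groups
     * (tagged with the group code).
     *
     * @returns {Promise<object[]>} one entry per SystemCode
     */
    static getSystems(loginUser, dbTransaction) {
        return __awaiter(this, void 0, void 0, function* () {
            const groups = yield this.getGroups(loginUser, dbTransaction);
            const systemAccess = yield user_1.User.combineSystemAccess(loginUser, dbTransaction, groups);
            const output = [];
            if (systemAccess) {
                for (const access of systemAccess) {
                    // NOTE(review): this lookup runs outside dbTransaction and once per
                    // entry; `System` is null when the system is not 'Active', yet the
                    // entry is still reported. Confirm callers handle that.
                    const system = yield user_1.User._SystemRepository.findOne({
                        where: {
                            SystemCode: access.SystemCode,
                            Status: 'Active',
                        },
                    });
                    output.push({
                        UserSystemAccessId: access.UserSystemAccessId,
                        UserId: access.UserId,
                        SystemCode: access.SystemCode,
                        Status: access.Status,
                        CreatedById: access.CreatedById,
                        UpdatedById: access.UpdatedById,
                        CreatedAt: access.CreatedAt,
                        UpdatedAt: access.UpdatedAt,
                        inheritedBy: ['OWN'],
                        System: system,
                    });
                }
            }
            const userGroupRepository = new user_group_repository_1.UserGroupRepository();
            const userGroups = yield userGroupRepository.findAll({
                where: {
                    UserId: loginUser.UserId,
                    Status: 'Active',
                },
                include: [
                    {
                        model: group_entity_1.default,
                        required: true,
                        where: {
                            Status: 'Active',
                        },
                        include: [
                            {
                                model: group_system_access_entity_1.default,
                                where: {
                                    Status: 'Active',
                                },
                                include: [
                                    {
                                        model: system_entity_1.default,
                                    },
                                ],
                            },
                        ],
                    },
                ],
                transaction: dbTransaction,
            });
            if (userGroups) {
                for (const userGroup of userGroups) {
                    for (const systemDetails of userGroup.Group.GroupSystemAccesses) {
                        const existingIndex = output.findIndex((e) => e.SystemCode === systemDetails.SystemCode);
                        if (existingIndex > -1) {
                            // Already reachable: just record the additional source.
                            output[existingIndex].inheritedBy.push(userGroup.GroupCode);
                        }
                        else {
                            output.push({
                                UserSystemAccessId: systemDetails.GroupSystemAccessId,
                                // NOTE(review): UserId is filled with the GroupSystemAccessId,
                                // not a user id. Kept as-is; confirm whether that is intended.
                                UserId: systemDetails.GroupSystemAccessId,
                                SystemCode: systemDetails.SystemCode,
                                Status: systemDetails.Status,
                                CreatedById: systemDetails.CreatedById,
                                UpdatedById: systemDetails.UpdatedById,
                                CreatedAt: systemDetails.CreatedAt,
                                UpdatedAt: systemDetails.UpdatedAt,
                                inheritedBy: [userGroup.GroupCode],
                                System: systemDetails.System,
                            });
                        }
                    }
                }
            }
            return output;
        });
    }
    /**
     * Record `sessionId` as this user's current session on `systemCode` and cache
     * the user's privileges for that system in the stored session.
     *
     * An existing login for the system is updated in place; otherwise a new one is
     * appended. checkPrivileges later answers from the list cached here.
     *
     * @throws {Error} when ObjectId or the `sessionName` configuration is missing,
     *     or when the session write fails
     */
    setSession(systemCode, sessionId, dbTransaction) {
        return __awaiter(this, void 0, void 0, function* () {
            // Same guard as checkPrivileges and logout: without an id the session
            // would be read from and written to an undefined key.
            if (!this.ObjectId) {
                throw new Error('ObjectId(UserId) is not set');
            }
            const sessionName = config_1.ApplicationConfig.getComponentConfigValue('sessionName');
            if (!sessionName) {
                throw new Error('Session name is not set in the configuration');
            }
            const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId, sessionName);
            const systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
            const privileges = yield this.getPrivileges(systemCode, dbTransaction);
            if (systemLogin) {
                // The entry is mutated in place, so the array needs no rebuilding.
                systemLogin.sessionId = sessionId;
                systemLogin.privileges = privileges;
            }
            else {
                userSession.systemLogins.push({
                    id: systemCode,
                    code: systemCode,
                    sessionId: sessionId,
                    privileges: privileges,
                });
            }
            // Wait for the write so that a caller which goes on to validate the session
            // sees the new sessionId, and a storage failure is not silently dropped.
            yield this._SessionService.setUserSession(this.ObjectId, userSession, sessionName);
        });
    }
}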
exports.LoginUser = LoginUser;
//# sourceMappingURL=login-user.js.map