UNPKG

@verdaccio/web

Version:

web ui middleware

github.com/verdaccio/verdaccio

94 lines (83 loc) 2.87 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
import buildDebug from 'debug'; import { Request, Response, Router } from 'express'; import _ from 'lodash'; import { Auth } from '@verdaccio/auth'; import { API_ERROR, APP_ERROR, HEADERS, HTTP_STATUS, VerdaccioError, errorUtils, validatioUtils, } from '@verdaccio/core'; import { rateLimit } from '@verdaccio/middleware'; import { Config, JWTSignOptions, RemoteUser } from '@verdaccio/types'; import { $NextFunctionVer } from './package'; const debug = buildDebug('verdaccio:web:api:user'); function addUserAuthApi(auth: Auth, config: Config): Router { const route = Router(); /* eslint new-cap: 0 */ route.post( '/login', rateLimit(config?.userRateLimit), function (req: Request, res: Response, next: $NextFunctionVer): void { const { username, password } = req.body; debug('authenticate %o', username); auth.authenticate( username, password, async (err: VerdaccioError | null, user?: RemoteUser): Promise<void> => { if (err) { const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR; debug('error authenticate %o', errorCode); next(errorUtils.getCode(errorCode, err.message)); } else { req.remote_user = user as RemoteUser; const jWTSignOptions: JWTSignOptions = config.security.web.sign; res.set(HEADERS.CACHE_CONTROL, 'no-cache, no-store'); next({ token: await auth.jwtEncrypt(user as RemoteUser, jWTSignOptions), username: req.remote_user.name, }); } } ); } ); if (config?.flags?.changePassword === true) { route.put( '/reset_password', rateLimit(config?.userRateLimit), function (req: Request, res: Response, next: $NextFunctionVer): void { if (_.isNil(req.remote_user.name)) { res.status(HTTP_STATUS.UNAUTHORIZED); return next({ // FUTURE: update to a more meaningful message message: API_ERROR.MUST_BE_LOGGED, }); } const { password } = req.body; const { name } = req.remote_user; if ( validatioUtils.validatePassword( password.new, config?.serverSettings?.passwordValidationRegex ) === false ) { return next(errorUtils.getCode(HTTP_STATUS.BAD_REQUEST, APP_ERROR.PASSWORD_VALIDATION)); } auth.changePassword(name as string, password.old, password.new, (err, isUpdated): void => { if (_.isNil(err) && isUpdated) { next({ ok: true, }); } else { return next(errorUtils.getInternalError(API_ERROR.INTERNAL_SERVER_ERROR)); } }); } ); } return route; } export default addUserAuthApi;