alwaysai
Version:
The alwaysAI command-line interface (CLI)
109 lines • 4.63 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
global.fetch = require('node-fetch');
const amazon_cognito_identity_js_1 = require("amazon-cognito-identity-js");
const chalk_1 = require("chalk");
const cli_config_1 = require("./cli-config");
const credentials_store_1 = require("./credentials-store");
const alwayscli_1 = require("@alwaysai/alwayscli");
const cognitoUserPool = new amazon_cognito_identity_js_1.CognitoUserPool({
UserPoolId: cli_config_1.userPoolId,
ClientId: cli_config_1.userPoolClientId,
Storage: credentials_store_1.credentialsStore,
});
function getCurrentUser() {
const cognitoUser = cognitoUserPool.getCurrentUser();
if (!cognitoUser) {
return undefined;
}
return cognitoUser;
}
exports.getCurrentUser = getCurrentUser;
async function getBearerToken() {
const user = await getCurrentUser();
if (!user) {
return undefined;
}
const session = await new Promise((resolve, reject) => {
user.getSession((err, val) => {
if (err) {
reject(err);
}
else {
resolve(val);
}
});
});
const jwt = session.getAccessToken().getJwtToken();
return jwt;
}
exports.getBearerToken = getBearerToken;
function instantiateUser(email) {
const cognitoUser = new amazon_cognito_identity_js_1.CognitoUser({
Username: email,
Pool: cognitoUserPool,
Storage: credentials_store_1.credentialsStore,
});
cognitoUser.setAuthenticationFlowType('USER_PASSWORD_AUTH');
return cognitoUser;
}
exports.instantiateUser = instantiateUser;
async function authenticateUser(email, password) {
const authenticationDetails = new amazon_cognito_identity_js_1.AuthenticationDetails({
Username: email,
Password: password,
});
const cognitoUser = instantiateUser(email);
await new Promise((resolve, reject) => {
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess(_, userConfirmationNecessary) {
if (userConfirmationNecessary) {
reject(new alwayscli_1.TerseError('Account not confirmed. Please check your inbox and follow instructions to confirm your account'));
}
else {
resolve();
}
},
onFailure(err) {
switch (err.code) {
case 'PasswordResetRequiredException': {
reject(new alwayscli_1.TerseError(`Password reset required. Please visit the following URL in a web browser:\n\n ${chalk_1.default.bold(cli_config_1.webAuthUrl)}`));
break;
}
case 'NotAuthorizedException': {
reject(new alwayscli_1.TerseError(`Incorrect password for ${chalk_1.default.bold(email)}. Please try again or visit the following URL to reset your password:\n\n ${chalk_1.default.bold(cli_config_1.webAuthUrl)}`));
break;
}
case 'UserNotFoundException': {
reject(new alwayscli_1.TerseError(`User not found for email ${chalk_1.default.bold(email)}`));
break;
}
default: {
reject(err);
}
}
},
newPasswordRequired() {
throw new alwayscli_1.TerseError(`First-time login must be done on the web. Please complete the authentication process first in a web browser by visiting the following URL:\n\n ${cli_config_1.webAuthUrl}\n\n`);
},
mfaRequired() {
reject(new alwayscli_1.TerseError('Multi-factor authentication (MFA) is not yet supported'));
},
totpRequired() {
reject(new alwayscli_1.TerseError('Time-based one-time password (TOTP) is not yet supported'));
},
mfaSetup() {
reject(new alwayscli_1.TerseError('Multi-factor authentication (MFA) setup is not yet supported'));
},
selectMFAType() {
reject(new alwayscli_1.TerseError('Multi-factor authentication (MFA) selection is not yet supported'));
},
customChallenge() {
reject(new alwayscli_1.TerseError('Custom authentication challenges are not yet supported'));
},
});
});
return cognitoUser;
}
exports.authenticateUser = authenticateUser;
//# sourceMappingURL=cognito-auth.js.map