feathers-authentication-management
Version:
Adds sign up verification, forgotten password reset, and other capabilities to local feathers-authentication
107 lines (91 loc) • 3.05 kB
JavaScript
const errors = require('@feathersjs/errors');
const makeDebug = require('debug');
const ensureObjPropsValid = require('./helpers/ensure-obj-props-valid');
const ensureValuesAreStrings = require('./helpers/ensure-values-are-strings');
const getUserData = require('./helpers/get-user-data');
const hashPassword = require('./helpers/hash-password');
const notifier = require('./helpers/notifier');
const debug = makeDebug('authLocalMgnt:verifySignupSetPassword');
module.exports = {
verifySignupSetPasswordWithLongToken,
verifySignupSetPasswordWithShortToken
};
async function verifySignupSetPasswordWithLongToken (
options,
verifyToken,
password,
field,
notifierOptions = {}
) {
ensureValuesAreStrings(verifyToken, password);
const result = await verifySignupSetPassword(
options,
{ verifyToken },
{ verifyToken },
password,
field,
notifierOptions
);
return result;
}
async function verifySignupSetPasswordWithShortToken (
options,
verifyShortToken,
identifyUser,
password,
field,
notifierOptions = {}
) {
ensureValuesAreStrings(verifyShortToken, password);
ensureObjPropsValid(identifyUser, options.identifyUserProps);
const result = await verifySignupSetPassword(
options,
identifyUser,
{
verifyShortToken
},
password,
field,
notifierOptions
);
return result;
}
async function verifySignupSetPassword (options, query, tokens, password, field, notifierOptions = {}) {
debug('verifySignupSetPassword', query, tokens, password);
const usersService = options.app.service(options.service);
const usersServiceIdName = usersService.id;
const users = await usersService.find({ query });
const user1 = getUserData(users, [
'isNotVerifiedOrHasVerifyChanges',
'verifyNotExpired'
]);
if (!Object.keys(tokens).every((key) => tokens[key] === user1[key])) {
await eraseVerifyPropsSetPassword(user1, user1.isVerified, {}, password, field);
throw new errors.BadRequest(
'Invalid token. Get for a new one. (authLocalMgnt)',
{ errors: { $className: 'badParam' } }
);
}
const user2 = await eraseVerifyPropsSetPassword(
user1,
user1.verifyExpires > Date.now(),
user1.verifyChanges || {},
password,
field
);
const user3 = await notifier(options.notifier, 'verifySignupSetPassword', user2, notifierOptions);
return options.sanitizeUserForClient(user3);
async function eraseVerifyPropsSetPassword (user, isVerified, verifyChanges, password, field) {
const hashedPassword = await hashPassword(options.app, password, field);
const patchToUser = Object.assign({}, verifyChanges || {}, {
isVerified,
verifyToken: null,
verifyShortToken: null,
verifyExpires: null,
verifyChanges: {},
password: hashedPassword
});
const result = await usersService.patch(user[usersServiceIdName], patchToUser, {});
return result;
}
}