UNPKG

lbx-jwt

Version:

Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

47 lines (46 loc) 2.86 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
import { UserService } from '@loopback/authentication'; import { juggler } from '@loopback/repository'; import { BaseBiometricCredentialsService } from './base-biometric-credentials.service'; import { BaseMailService } from './mail/base-mail.service'; import { AuthenticationResponse } from '../controllers/auth/biometric/authentication-response.model'; import { LoginCredentials } from '../controllers/auth/login-credentials.model'; import { RequestResetPasswordGrant } from '../controllers/auth/request-reset-password-grant.model'; import { BaseUser } from '../models'; import { BaseUserProfile } from '../models/base-user-profile.model'; import { BaseUserRepository, BiometricCredentialsRepository } from '../repositories'; import { PasswordResetTokenRepository } from '../repositories/password-reset-token.repository'; /** * The base user service used for authentication and authorization. */ export declare class BaseUserService<RoleType extends string> implements UserService<BaseUser<RoleType>, LoginCredentials | AuthenticationResponse> { private readonly userRepository; private readonly passwordResetTokenRepository; private readonly passwordResetTokenExpiresInMs; private readonly dataSource; private readonly mailService; private readonly biometricCredentialsService; private readonly biometricCredentialsRepository; private readonly INVALID_CREDENTIALS_ERROR_MESSAGE; constructor(userRepository: BaseUserRepository<RoleType>, passwordResetTokenRepository: PasswordResetTokenRepository<RoleType>, passwordResetTokenExpiresInMs: number, dataSource: juggler.DataSource, mailService: BaseMailService<RoleType>, biometricCredentialsService: BaseBiometricCredentialsService, biometricCredentialsRepository: BiometricCredentialsRepository); verifyCredentials(credentials: LoginCredentials | AuthenticationResponse): Promise<BaseUser<RoleType>>; private isEmailPasswordCredentials; /** * Verify the identity of a user with email and password. * @param credentials - Email and password. * @returns The identified user. */ protected verifyEmailPasswordCredentials(credentials: LoginCredentials): Promise<BaseUser<RoleType>>; /** * Verify the identity of a user with a biometric credential. * @param credentials - The biometric credentials. * @returns The identified user. */ protected verifyBiometricCredentials(credentials: AuthenticationResponse): Promise<BaseUser<RoleType>>; convertToUserProfile(user: BaseUser<RoleType>): BaseUserProfile<RoleType>; /** * Requests the reset of the password. * @param requestResetPassword - Contains the email of the user which password should be reset. */ requestResetPassword(requestResetPassword: RequestResetPasswordGrant): Promise<void>; private activeResetLinkAlreadyExists; }