verdaccio
Version:
A lightweight private npm proxy registry
75 lines (65 loc) • 2.15 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = void 0;
var _lodash = _interopRequireDefault(require("lodash"));
var _constants = require("../../../lib/constants");
var _utils = require("../../../lib/utils");
var _authUtils = require("../../../lib/auth-utils");
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
/**
* @prettier
*
*/
function addUserAuthApi(route, auth, config) {
route.post('/login', function (req, res, next) {
const {
username,
password
} = req.body;
auth.authenticate(username, password, async (err, user) => {
if (err) {
const errorCode = err.message ? _constants.HTTP_STATUS.UNAUTHORIZED : _constants.HTTP_STATUS.INTERNAL_ERROR;
next(_utils.ErrorCode.getCode(errorCode, err.message));
} else {
req.remote_user = user;
const jWTSignOptions = (0, _authUtils.getSecurity)(config).web.sign;
next({
token: await auth.jwtEncrypt(user, jWTSignOptions),
username: req.remote_user.name
});
}
});
});
route.put('/reset_password', function (req, res, next) {
if (_lodash.default.isNil(req.remote_user.name)) {
res.status(_constants.HTTP_STATUS.UNAUTHORIZED);
return next({
// FUTURE: update to a more meaningful message
message: _constants.API_ERROR.MUST_BE_LOGGED
});
}
const {
password
} = req.body;
const {
name
} = req.remote_user;
if ((0, _authUtils.validatePassword)(password.new) === false) {
auth.changePassword(name, password.old, password.new, (err, isUpdated) => {
if (_lodash.default.isNil(err) && isUpdated) {
next({
ok: true
});
} else {
return next(_utils.ErrorCode.getInternalError(_constants.API_ERROR.INTERNAL_SERVER_ERROR));
}
});
} else {
return next(_utils.ErrorCode.getCode(_constants.HTTP_STATUS.BAD_REQUEST, _constants.APP_ERROR.PASSWORD_VALIDATION));
}
});
}
var _default = addUserAuthApi;
exports.default = _default;