UNPKG

will-lib

Version:
1,140 lines (1,139 loc) 46.9 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.PasswordLibrary = void 0; const uuid_1 = require("uuid"); const will_sql_1 = require("will-sql"); const will_util_1 = require("will-util"); const EnvironmentVariable_1 = require("./EnvironmentVariable"); const bcrypt = require('bcrypt'); class PasswordLibrary { static parseInt(value) { if (!value) return 0; try { return parseInt(value); } catch (ex) { } return 0; } static randomPassword() { let now = new Date(); let time = now.getTime().toString(16); time = time.substring(time.length - 4); let l = Math.floor(Math.random() * 100000) + 1000; let code = l.toString(16); code = code.substring(0, 4); return time + code; } static getAlphabets(text) { if (!text || text.trim().length == 0) return 0; let count = 0; for (let i = 0, isz = text.length; i < isz; i++) { if (this.isLetter(text.charAt(i))) { count++; } } return count; } static getDigits(text) { if (!text || text.trim().length == 0) return 0; return (text.match(/\d/g) || []).length; } static isDigit(c) { return c >= '0' && c <= '9'; } static isLetter(c) { return /[a-zA-Z]/.test(c); } static isLowerCase(c) { return c == c.toLowerCase(); } static isUpperCase(c) { return c == c.toUpperCase(); } static indexOfAlphabets(text) { if (!text || text.trim().length == 0) return -1; for (let i = 0, isz = text.length; i < isz; i++) { if (this.isLetter(text.charAt(i))) { return i; } } return -1; } static createNewPassword() { let text = this.randomPassword(); let digits = this.getDigits(text); let letters = this.getAlphabets(text); while (digits == 0 || letters <= 1) { text = this.randomPassword(); digits = this.getDigits(text); letters = this.getAlphabets(text); } let idx = this.indexOfAlphabets(text); if (idx >= 0) { let ch = text.charAt(idx); ch = ch.toUpperCase(); return text.substring(0, idx) + ch + text.substring(idx + 1); } return text; } static checkNumberOnly(text) { if (!text || text.trim().length == 0) return false; return /^[0-9]*$/.test(text); } getPolicy(key) { return this.ht?.get(key); } createPassword() { let pass = "password"; let initpwd = EnvironmentVariable_1.INITIAL_PASSWORD; if (initpwd != null && initpwd.trim().length > 0) { pass = initpwd; } let dynapwd = EnvironmentVariable_1.DYNAMIC_INITIAL_PASSWORD; if (!(dynapwd != null && "false" == dynapwd)) { pass = PasswordLibrary.createNewPassword(); } return pass; } encrypt(pwd, salt) { if (!pwd || pwd.trim().length == 0) return ""; if (!salt || salt.trim().length == 0) { salt = bcrypt.genSaltSync(10); } return bcrypt.hashSync(pwd, salt); } encryptPassword(pwd) { return this.encrypt(pwd); } checkAlphainpwd(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("alphainpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let count = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { if (PasswordLibrary.isLetter(pwd.charAt(i))) { count++; } } if (count < num) return true; return false; } checkDigitinpwd(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("digitinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let count = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { if (PasswordLibrary.isDigit(pwd.charAt(i))) { count++; } } if (count < num) return true; return false; } checkLowerinpwd(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("lowerinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let count = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { if (PasswordLibrary.isLowerCase(pwd.charAt(i))) { count++; } } if (count < num) return true; return false; } checkUpperinpwd(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("upperinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let count = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { if (PasswordLibrary.isUpperCase(pwd.charAt(i))) { count++; } } if (count < num) return true; return false; } passwordValidation(pwd) { if (!pwd || pwd.trim().length == 0) return false; let pattern = "(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{8,}"; let found = pwd.match(pattern); if (found && found.length > 0) return true; return false; } checkMatchPattern(pwd) { let val = this.getPolicy("upperinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return true; return this.passwordValidation(pwd); } checkMaxarrangechar(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("maxarrangechar"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let max = 1; let guess = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { let c = pwd.charCodeAt(i); if (c == guess) { max++; guess = c + 1; if (max > num) { return true; } } else { guess = c + 1; max = 1; } } max = 1; guess = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { let c = pwd.charCodeAt(i); if (c == guess) { max++; guess = c - 1; if (max > num) { return true; } } else { guess = c - 1; max = 1; } } return false; } checkMaxpwdlength(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("maxpwdlength"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let pwdlen = pwd.length; if (pwdlen > num) return true; return false; } checkMaxsamechar(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("maxsamechar"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; for (let i = 0, isz = pwd.length; i < isz; i++) { let c = pwd.charAt(i); let same = 0; for (let j = 0, jsz = pwd.length; j < jsz; j++) { if (c == pwd.charAt(j)) { same++; } } if (same > num) return true; } return false; } checkMindiffchar(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("mindiffchar"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let v = new Array(); for (let i = 0, isz = pwd.length; i < isz; i++) { let c = pwd.charAt(i); let notfound = true; for (let j = 0, jsz = v.length; j < jsz && notfound; j++) { let ch = v[j]; if (c == ch) { notfound = false; } } if (notfound) { v.push(c); } } let diff = v.length; if (diff >= num) return false; return true; } checkMinpwdlength(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("minpwdlength"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let pwdlen = pwd.length; if (pwdlen < num) return true; return false; } checkOtherinpwd(pwd) { if (!pwd || pwd.trim().length == 0) return false; let val = this.getPolicy("otherinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return false; let other = 0; for (let i = 0, isz = pwd.length; i < isz; i++) { let c = pwd.charAt(i); if (!(PasswordLibrary.isLetter(c) || PasswordLibrary.isDigit(c))) { other++; } } if (other < num) return true; return false; } getHashtable() { return this.ht; } comparePassword(pwd, storedpwd) { return bcrypt.compareSync(pwd, storedpwd); } async checkMatchNumber(conn, pwd) { if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let val = this.getPolicy("otherinpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return Promise.resolve(false); let result = false; let sql = new will_sql_1.KnSQL("select reservenum from tnpwd"); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; let found = pwd.includes(row.reservenum); if (found) { result = true; } } } } catch (err) { console.error("error", err); } return Promise.resolve(result); } async verifyPassword(conn, site, userid, pwd) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let result = false; let sql = new will_sql_1.KnSQL("select userpassword from tuser where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; let dbpwd = row.userpassword; if (dbpwd && dbpwd.trim().length > 0) { if (dbpwd == pwd || this.comparePassword(pwd, dbpwd)) { result = true; } } else { result = true; } } } } catch (err) { console.error("error", err); } return Promise.resolve(result); } async checkUser(conn, site, userid) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); let result = false; let sql = new will_sql_1.KnSQL("select userid from tuser where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { result = true; } } catch (err) { console.error("error", err); } return Promise.resolve(result); } async checkNotchgpwduntilday(conn, userid) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); let val = this.getPolicy("notchgpwduntilday"); let num = PasswordLibrary.parseInt(val); if (num == 0) return Promise.resolve(false); let result = false; let systemdate = null; let sql = new will_sql_1.KnSQL("select max(systemdate) systemdate from tupwd where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { let row = rs.rows[0]; systemdate = row.systemdate; } } catch (err) { console.error("error", err); } if (systemdate == null) { return Promise.resolve(false); } if (this.logondate == null) { this.logondate = new Date(); } let chgdate = will_util_1.Utilities.addDays(num, systemdate); if (will_util_1.Utilities.compareDate(chgdate, this.logondate) < 0) { return Promise.resolve(true); } return Promise.resolve(result); } async checkPersonalInfo(conn, userid, pwd) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let val = this.getPolicy("notchgpwduntilday"); let num = PasswordLibrary.parseInt(val); if (num == 0) return Promise.resolve(false); let result = false; let sql = new will_sql_1.KnSQL("select * from tcpwd where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; let contents = row.contents; if (contents && contents.trim().length > 0) { if (will_util_1.Utilities.compareString(pwd, contents) == 0) { result = true; } if (pwd.includes(contents)) { result = true; } } } } } catch (err) { console.error("error", err); } return Promise.resolve(result); } async checkReserveword(conn, pwd) { if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let val = this.getPolicy("checkreservepwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return Promise.resolve(false); let result = false; let sql = new will_sql_1.KnSQL("select * from trpwd where reservepwd = ?reservepwd "); sql.set("reservepwd", pwd); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { result = true; } } catch (err) { console.error("error", err); } return Promise.resolve(result); } async checkTimenotusedoldpwd(conn, userid, pwd) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let val = this.getPolicy("timenotusedoldpwd"); let num = PasswordLibrary.parseInt(val); if (num == 0) return Promise.resolve(false); let result = false; let duplicate = false; let time = 0; let encpwd = this.encryptPassword(pwd); let sql = new will_sql_1.KnSQL("select * from tupwd where userid = ?userid order by serverdatetime desc "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; let dbpwd = row.userpassword; if (dbpwd && dbpwd.trim().length > 0) { if (encpwd = dbpwd) { duplicate = true; } else { time++; } } } } } catch (err) { console.error("error", err); } if (duplicate && (time < num)) { result = true; } return Promise.resolve(result); } async getUserPolicy(conn, userid) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); let result = false; this.ht = new Map(); let sql = new will_sql_1.KnSQL("select * from tppwd where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { result = true; for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; this.ht?.set("checkreservepwd", "" + row.checkreservepwd); this.ht?.set("checkpersonal", "" + row.checkpersonal); this.ht?.set("checkmatchpattern", "" + row.checkmatchpattern); this.ht?.set("checkmatchnumber", "" + row.checkmatchnumber); this.ht?.set("timenotusedoldpwd", "" + row.timenotusedoldpwd); this.ht?.set("notchgpwduntilday", "" + row.notchgpwduntilday); this.ht?.set("minpwdlength", "" + row.minpwdlength); this.ht?.set("maxpwdlength", "" + row.maxpwdlength); this.ht?.set("alphainpwd", "" + row.alphainpwd); this.ht?.set("digitinpwd", "" + row.digitinpwd); this.ht?.set("otherinpwd", "" + row.otherinpwd); this.ht?.set("maxsamechar", "" + row.maxsamechar); this.ht?.set("mindiffchar", "" + row.mindiffchar); this.ht?.set("maxarrangechar", "" + row.maxarrangechar); this.ht?.set("pwdexpireday", "" + row.pwdexpireday); this.ht?.set("upperinpwd", "" + row.upperinpwd); this.ht?.set("lowerinpwd", "" + row.lowerinpwd); } } } catch (err) { console.error("error", err); } if (!result) { sql.clear(); sql.append("select * from tppwd where userid = 'DEFAULT' "); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { result = true; for (let i = 0, isz = rs.rows.length; i < isz; i++) { let row = rs.rows[i]; this.ht?.set("checkreservepwd", "" + row.checkreservepwd); this.ht?.set("checkpersonal", "" + row.checkpersonal); this.ht?.set("checkmatchpattern", "" + row.checkmatchpattern); this.ht?.set("checkmatchnumber", "" + row.checkmatchnumber); this.ht?.set("timenotusedoldpwd", "" + row.timenotusedoldpwd); this.ht?.set("notchgpwduntilday", "" + row.notchgpwduntilday); this.ht?.set("minpwdlength", "" + row.minpwdlength); this.ht?.set("maxpwdlength", "" + row.maxpwdlength); this.ht?.set("alphainpwd", "" + row.alphainpwd); this.ht?.set("digitinpwd", "" + row.digitinpwd); this.ht?.set("otherinpwd", "" + row.otherinpwd); this.ht?.set("maxsamechar", "" + row.maxsamechar); this.ht?.set("mindiffchar", "" + row.mindiffchar); this.ht?.set("maxarrangechar", "" + row.maxarrangechar); this.ht?.set("pwdexpireday", "" + row.pwdexpireday); this.ht?.set("upperinpwd", "" + row.upperinpwd); this.ht?.set("lowerinpwd", "" + row.lowerinpwd); } } } catch (err) { console.error("error", err); } } return Promise.resolve(result); } async getUserExpireDate(conn, userid, expiredate) { if (this.ht == null || this.ht.size == 0) { await this.getUserPolicy(conn, userid); } let systemdate = expiredate; if (!systemdate) { systemdate = new Date(); } let val = this.getPolicy("pwdexpireday"); let num = PasswordLibrary.parseInt(val); if (num == 0) num = 120; let result = will_util_1.Utilities.addDays(num, systemdate); return Promise.resolve(result); } async getUserTemporaryExpireDate(conn, userid, site) { if (!site || site.trim().length == 0) { let sql = new will_sql_1.KnSQL("select site from tuser where userid = ?userid "); sql.set("userid", userid); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { site = rs.rows[0].site; } } catch (ex) { console.error("error", ex); } } let days = 0; if (site && site.trim().length > 0) { let colvalue = ""; let sql = new will_sql_1.KnSQL("select colvalue from tconfig where category='TEMPORARY_EXPIRE_DAY' and colname=?colname "); sql.set("colname", site); try { let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { colvalue = rs.rows[0].colvalue; } } catch (ex) { console.error("error", ex); } days = PasswordLibrary.parseInt(colvalue); } if (days == 0) days = 1; let result = will_util_1.Utilities.addDays(days, new Date()); return Promise.resolve(result); } async insertHistory(conn, userid, pwd, serverdate, systemdate, editor) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); if (!serverdate) serverdate = new Date(); if (!systemdate) systemdate = new Date(); let sql = new will_sql_1.KnSQL("insert into tupwd (serverdatetime,systemdate,userid,userpassword,edituserid) "); sql.append("values(?serverdatetime,?systemdate,?userid,?userpassword,?edituserid) "); sql.set("serverdatetime", serverdate); sql.set("systemdate", systemdate); sql.set("userid", userid); sql.set("userpassword", pwd); sql.set("edituserid", editor); await sql.executeUpdate(conn); return Promise.resolve(true); } async moveTemporaryPassword(conn, userid, moveflag = false) { if (!userid || userid.trim().length == 0) return Promise.resolve(0); let hisid = (0, uuid_1.v4)(); let hisno = new Date().getTime(); let sql = new will_sql_1.KnSQL("insert into tuserpwdhistory "); sql.append("select *,'" + hisid + "'," + hisno + ",'" + (moveflag ? "1" : "0") + "' from tuserpwd "); sql.append("where userid = ?userid "); sql.set("userid", userid); await sql.executeUpdate(conn); let result = 0; sql.clear(); sql.append("delete from tuserpwd where userid = ?userid "); sql.set("userid", userid); let rs = await sql.executeUpdate(conn); if (rs.rows) { result = rs.rows.affectedRows; } return Promise.resolve(result); } async moveTemporaryPasswordExpired(conn, userid, expiredate) { if (!userid || userid.trim().length == 0) return Promise.resolve(0); if (!expiredate) expiredate = new Date(); let hisid = (0, uuid_1.v4)(); let hisno = new Date().getTime(); let sql = new will_sql_1.KnSQL("insert into tuserpwdhistory "); sql.append("select *,'" + hisid + "'," + hisno + ",'0' from tuserpwd "); sql.append("where userid = ?userid and expiredate <= ?expiredate "); sql.set("userid", userid); sql.set("expiredate", expiredate); await sql.executeUpdate(conn); let result = 0; sql.clear(); sql.append("delete from tuserpwd where userid = ?userid and expiredate <= ?expiredate "); sql.set("userid", userid); sql.set("expiredate", expiredate); let rs = await sql.executeUpdate(conn); if (rs.rows) { result = rs.rows.affectedRows; } return Promise.resolve(result); } async updatePassword(conn, site, userid, pwd, expiredate, history = true, changeflag = "1", status) { if (!userid || userid.trim().length == 0) return Promise.resolve(false); if (!pwd || pwd.trim().length == 0) return Promise.resolve(false); let systemdate = expiredate; if (!systemdate) systemdate = new Date(); let expdate = await this.getUserExpireDate(conn, userid, expiredate); let encpwd = this.encryptPassword(pwd); let now = new Date(); let sql = new will_sql_1.KnSQL("update tuser set userpassword = ?userpassword, "); sql.append("passwordexpiredate = ?passwordexpiredate, "); sql.append("passwordchangedate = ?passwordchangedate, "); sql.append("passwordchangetime = ?passwordchangetime, "); if (status && status.trim().length > 0) { sql.append("status = ?status, "); sql.set("status", status); } sql.append("changeflag = ?changeflag "); sql.append("where userid = ?userid "); sql.set("userpassword", encpwd); sql.set("passwordexpiredate", expdate); sql.set("passwordchangedate", now); sql.set("passwordchangetime", now); sql.set("changeflag", changeflag); sql.set("userid", userid); await sql.executeUpdate(conn); if (!history) return Promise.resolve(true); return await this.insertHistory(conn, userid, encpwd, new Date(), systemdate, userid); } async updatePasswordFromTemporary(conn, trxid, userid, changeflag = "1", history = true) { if (!trxid || trxid.trim().length == 0) return Promise.resolve(0); if (!userid || userid.trim().length == 0) return Promise.resolve(0); let result = 0; let encpwd = null; let expdate = null; let chgdate = null; let chgtime = null; let sql = new will_sql_1.KnSQL("select * from tuserpwd where trxid = ?trxid "); sql.set("trxid", trxid); let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { result++; let row = rs.rows[0]; encpwd = row.userpassword; expdate = row.passwordexpiredate; chgdate = row.passwordchangedate; chgtime = row.passwordchangetime; } if (result > 0) { sql.clear(); sql.append("update tuser set userpassword = ?userpassword, passwordexpiredate = ?passwordexpiredate, "); sql.append("passwordchangedate = ?passwordchangedate, passwordchangetime = ?passwordchangetime, changeflag = ?changeflag "); sql.append("where userid = ?userid "); sql.set("userpassword", encpwd); sql.set("passwordexpiredate", expdate); sql.set("passwordchangedate", chgdate); sql.set("passwordchangetime", chgtime); sql.set("changeflag", changeflag); sql.set("userid", userid); await sql.executeUpdate(conn); } if (history) { await this.moveTemporaryPassword(conn, userid, true); } return Promise.resolve(result); } async updateTemporaryPassword(conn, userid, pwd, site, expiredate) { if (!userid || userid.trim().length == 0) return Promise.resolve(0); if (!pwd || pwd.trim().length == 0) return Promise.resolve(0); let result = 0; let systemdate = expiredate; if (!systemdate) systemdate = new Date(); let pwdexpdate = await this.getUserExpireDate(conn, userid, expiredate); let tmpexpdate = await this.getUserTemporaryExpireDate(conn, userid, site); let encpwd = this.encryptPassword(pwd); let sql = new will_sql_1.KnSQL("update tuserpwd set expireflag = '1' where userid = ?userid "); sql.set("userid", userid); await sql.executeUpdate(conn); let now = new Date(); sql.clear(); sql.append("insert into tuserpwd(trxid,userid,userpassword,expiredate,transtime,passwordexpiredate,"); sql.append("passwordchangedate,passwordchangetime,expireflag,editdate,edittime) "); sql.append("values(?trxid,?userid,?userpassword,?expiredate,?transtime,?passwordexpiredate,"); sql.append("?passwordchangedate,?passwordchangetime,'0',?editdate,?edittime) "); sql.set("trxid", (0, uuid_1.v4)()); sql.set("userid", userid); sql.set("userpassword", encpwd); sql.set("expiredate", tmpexpdate); sql.set("transtime", now.getTime()); sql.set("passwordexpiredate", pwdexpdate); sql.set("passwordchangedate", now); sql.set("passwordchangetime", now); sql.set("editdate", now); sql.set("edittime", now); await sql.executeUpdate(conn); return Promise.resolve(result); } async checkPassword(conn, site, userid, oldpwd, logon) { let result = { result: false, msg: null, errno: 0, args: null }; try { let valid = await this.checkUser(conn, site, userid); if (!valid) { result.result = false; result.errno = -3001; result.msg = "Invalid user or password"; return Promise.resolve(result); } valid = await this.verifyPassword(conn, site, userid, oldpwd); if (!valid) { result.result = false; result.errno = -3002; result.msg = "Invalid user or password"; return Promise.resolve(result); } valid = await this.getUserPolicy(conn, userid); if (!valid) { result.result = false; result.errno = -3003; result.msg = "Password policy configurations not found. Please contact administrator."; return Promise.resolve(result); } result.result = true; } catch (ex) { result.result = false; result.errno = -3000; if (ex.errno) result.errno = ex.errno; if (typeof ex === "string") { result.msg = ex; } else { result.msg = ex.message; } } return Promise.resolve(result); } async changePassword(conn, site, userid, oldpwd, newpwd, logdate, changeflag = "1", history = true) { let result = { result: false, msg: null, errno: 0, args: null }; this.logondate = logdate; try { let valid = await this.checkUser(conn, site, userid); if (!valid) { result.result = false; result.errno = -3001; result.msg = "Invalid user or password"; return Promise.resolve(result); } valid = await this.verifyPassword(conn, site, userid, oldpwd); if (!valid) { result.result = false; result.errno = -3002; result.msg = "Invalid user or password"; return Promise.resolve(result); } valid = await this.getUserPolicy(conn, userid); if (!valid) { result.result = false; result.errno = -3003; result.msg = "Password policy configurations not found. Please contact administrator."; return Promise.resolve(result); } if (this.checkMinpwdlength(newpwd)) { result.args = this.getPolicy("minpwdlength"); if (!result.args) result.args = ""; result.result = false; result.errno = -3005; result.msg = "Password entry length at least " + result.args + " characters."; return Promise.resolve(result); } if (this.checkAlphainpwd(newpwd)) { result.args = this.getPolicy("alphainpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3006; result.msg = "Password input character at least " + result.args + " characters."; return Promise.resolve(result); } if (this.checkOtherinpwd(newpwd)) { result.args = this.getPolicy("otherinpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3007; result.msg = "Password input special character at least " + result.args + " characters."; return Promise.resolve(result); } if (this.checkMaxsamechar(newpwd)) { result.args = this.getPolicy("maxsamechar"); if (!result.args) result.args = ""; result.result = false; result.errno = -3008; result.msg = "Password input the same character not more than " + result.args + " characters."; return Promise.resolve(result); } if (this.checkMindiffchar(newpwd)) { result.args = this.getPolicy("mindiffchar"); if (!result.args) result.args = ""; result.result = false; result.errno = -3009; result.msg = "Password input different character at least " + result.args + " characters."; return Promise.resolve(result); } if (this.checkMaxarrangechar(newpwd)) { result.args = this.getPolicy("maxarrangechar"); if (!result.args) result.args = ""; result.result = false; result.errno = -3010; result.msg = "Password input sequential character at least " + result.args + " characters."; return Promise.resolve(result); } valid = await this.checkReserveword(conn, newpwd); if (valid) { result.result = false; result.errno = -3011; result.msg = "Password cannot be reserved words. Please change new password"; return Promise.resolve(result); } valid = await this.checkTimenotusedoldpwd(conn, userid, newpwd); if (valid) { result.args = this.getPolicy("timenotusedoldpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3012; result.msg = "New Password cannot be the same as Old Password for " + result.args; return Promise.resolve(result); } if (!this.checkMatchPattern(newpwd)) { result.result = false; result.errno = -3013; result.msg = "Password mismatch error, it should compose of alphabet, digit ,upper, lower and special character."; return Promise.resolve(result); } if (this.checkMaxpwdlength(newpwd)) { result.args = this.getPolicy("maxpwdlength"); if (!result.args) result.args = ""; result.result = false; result.errno = -3014; result.msg = "Password entry length not over " + result.args + " characters."; return Promise.resolve(result); } if (this.checkDigitinpwd(newpwd)) { result.args = this.getPolicy("digitinpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3015; result.msg = "Password input digit at least " + result.args + " digits."; return Promise.resolve(result); } valid = await this.checkPersonalInfo(conn, userid, newpwd); if (valid) { result.result = false; result.errno = -3016; result.msg = "Password cannot be personal informations. Please change new password"; return Promise.resolve(result); } if (this.checkUpperinpwd(newpwd)) { result.args = this.getPolicy("upperinpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3017; result.msg = "Password input character at least " + result.args + " upper case characters."; return Promise.resolve(result); } if (this.checkLowerinpwd(newpwd)) { result.args = this.getPolicy("lowerinpwd"); if (!result.args) result.args = ""; result.result = false; result.errno = -3018; result.msg = "Password input character at least " + result.args + " lower case characters."; return Promise.resolve(result); } valid = await this.checkMatchNumber(conn, newpwd); if (valid) { result.result = false; result.errno = -3019; result.msg = "Password cannot contain reserved number. Please change new password"; return Promise.resolve(result); } if (PasswordLibrary.checkNumberOnly(newpwd)) { result.result = false; result.errno = -3020; result.msg = "Password cannot be number only. Please change new password"; return Promise.resolve(result); } await this.updatePassword(conn, site, userid, newpwd, this.logondate, history, changeflag); result.result = true; } catch (ex) { result.result = false; result.errno = -3000; if (ex.errno) result.errno = ex.errno; if (typeof ex === "string") { result.msg = ex; } else { result.msg = ex.message; } } return Promise.resolve(result); } async getUserTemporaryPassword(conn, userid) { let result = { trxid: undefined, userpassword: undefined, passwordexpiredate: undefined }; let now = new Date(); let sql = new will_sql_1.KnSQL("select trxid,userpassword,passwordexpiredate from tuserpwd "); sql.append("where userid = ?userid and expiredate >= ?expiredate and expireflag = '0' "); sql.set("userid", userid); sql.set("expiredate", now); let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { let row = rs.rows[0]; result.trxid = row.trxid; result.userpassword = row.userpassword; result.passwordexpiredate = row.passwordexpiredate; } return Promise.resolve(result); } async getPasswordPolicy(conn) { let policy = []; let sql = new will_sql_1.KnSQL("select * from tppwd where userid = 'DEFAULT' "); let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { let row = rs.rows[0]; policy.push({ text: "Password requirements : ", code: "requirements", args: [] }); policy.push({ text: "Your password is case sensitive.", code: "sensitive", args: [] }); let minflag = PasswordLibrary.parseInt(row.minpwdlength) > 0; let maxflag = PasswordLibrary.parseInt(row.maxpwdlength) > 0; if (minflag && maxflag) { policy.push({ text: "Your password MUST be between " + row.minpwdlength + " and " + row.maxpwdlength + " characters in length.", code: "minmaxcharacters", args: [row.minpwdlength, row.maxpwdlength] }); } else { if (minflag) { policy.push({ text: "Your password MUST have at least " + row.minpwdlength + " characters in length.", code: "mincharacters", args: [row.minpwdlength] }); } if (maxflag) { policy.push({ text: "Your password MUST have not over " + row.maxpwdlength + " characters in length.", code: "maxcharacters", args: [row.maxpwdlength] }); } } let valid = PasswordLibrary.parseInt(row.upperinpwd) > 0; if (valid) policy.push({ text: "Your password MUST have at least " + row.upperinpwd + " UPPERCASE character.", code: "uppercase", args: [row.upperinpwd] }); valid = PasswordLibrary.parseInt(row.lowerinpwd) > 0; if (valid) policy.push({ text: "Your password MUST have at least " + row.lowerinpwd + " LOWERCASE character.", code: "lowercase", args: [row.lowerinpwd] }); valid = PasswordLibrary.parseInt(row.alphainpwd) > 0; if (valid) policy.push({ text: "Your password MUST have at least " + row.alphainpwd + " alphabet.", code: "alphabet", args: [row.alphainpwd] }); valid = PasswordLibrary.parseInt(row.digitinpwd) > 0; if (valid) policy.push({ text: "Your password MUST have at least " + row.digitinpwd + " number.", code: "digit", args: [row.digitinpwd] }); valid = PasswordLibrary.parseInt(row.otherinpwd) > 0; if (valid) policy.push({ text: "Your password MUST have at least " + row.otherinpwd + " Special (Non-Alphanumeric) character (eg. ! @ # $ % ^ & *).", code: "special", args: [row.otherinpwd] }); } return Promise.resolve(policy); } async getUserTokenInfo(conn, useruuid) { let result = { useruuid: useruuid }; let sql = new will_sql_1.KnSQL("select * from tusertoken where useruuid = ?useruuid "); sql.set("useruuid", useruuid); let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { let row = rs.rows[0]; result.userid = row.userid; result.site = row.site; result.code = row.code; result.state = row.state; result.nonce = row.nonce; result.prime = row.prime; result.generator = row.generator; result.privatekey = row.privatekey; result.publickey = row.publickey; result.sharedkey = row.sharedkey; result.otherkey = row.otherkey; result.tokentype = row.tokentype; result.tokenstatus = row.tokenstatus; } return Promise.resolve(result); } async getUserTokenInfoByToken(conn, authtoken) { let result = { useruuid: "" }; let sql = new will_sql_1.KnSQL("select * from tusertoken where authtoken = ?authtoken "); sql.set("authtoken", authtoken); let rs = await sql.executeQuery(conn); if (rs.rows && rs.rows.length > 0) { let row = rs.rows[0]; result.useruuid = row.useruuid; result.userid = row.userid; result.site = row.site; result.code = row.code; result.state = row.state; result.nonce = row.nonce; result.prime = row.prime; result.generator = row.generator; result.privatekey = row.privatekey; result.publickey = row.publickey; result.sharedkey = row.sharedkey; result.otherkey = row.otherkey; result.tokentype = row.tokentype; result.tokenstatus = row.tokenstatus; } return Promise.resolve(result); } } exports.PasswordLibrary = PasswordLibrary;