
@accounts/password - npm Package Compare versions

Comparing version 0.1.0-beta.6 to 0.1.0-beta.7

75

lib/accounts-password.d.ts

@@ -28,16 +28,91 @@ import { CreateUser, User, DatabaseInterface, AuthenticationService } from '@accounts/types';

authenticate(params: PasswordLoginType): Promise<User>;
/**
* @description Find a user by one of his emails.
* @param {string} email - User email.
* @returns {Promise<Object>} - Return a user or null if not found.
*/
findUserByEmail(email: string): Promise<User | null>;
/**
* @description Find a user by his username.
* @param {string} username - User username.
* @returns {Promise<Object>} - Return a user or null if not found.
*/
findUserByUsername(username: string): Promise<User | null>;
/**
* @description Add an email address for a user.
* Use this instead of directly updating the database.
* @param {string} userId - User id.
* @param {string} newEmail - A new email address for the user.
* @param {boolean} [verified] - Whether the new email address should be marked as verified.
* Defaults to false.
* @returns {Promise<void>} - Return a Promise.
*/
addEmail(userId: string, newEmail: string, verified: boolean): Promise<void>;
/**
* @description Remove an email address for a user.
* Use this instead of directly updating the database.
* @param {string} userId - User id.
* @param {string} email - The email address to remove.
* @returns {Promise<void>} - Return a Promise.
*/
removeEmail(userId: string, email: string): Promise<void>;
/**
* @description Marks the user's email address as verified.
* @param {string} token - The token retrieved from the verification URL.
* @returns {Promise<void>} - Return a Promise.
*/
verifyEmail(token: string): Promise<void>;
/**
* @description Reset the password for a user using a token received in email.
* @param {string} token - The token retrieved from the reset password URL.
* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
*/
resetPassword(token: string, newPassword: PasswordType): Promise<void>;
/**
* @description Change the password for a user.
* @param {string} userId - User id.
* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
*/
setPassword(userId: string, newPassword: string): Promise<void>;
/**
* @description Send an email with a link the user can use verify their email address.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first unverified email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
sendVerificationEmail(address: string): Promise<void>;
/**
* @description Send an email with a link the user can use to reset their password.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
sendResetPasswordEmail(address: string): Promise<void>;
/**
* @description Send an email with a link the user can use to set their initial password.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
sendEnrollmentEmail(address: string): Promise<void>;
/**
* @description Create a new user.
* @param user - The user object.
* @returns Return the id of user created.
*/
createUser(user: PasswordCreateUserType): Promise<string>;
private passwordAuthenticator(user, password);
private hashAndBcryptPassword(password);
/**
* Given a username, user and/or email figure out the username and/or email.
*
* @param user An object containing at least `username`, `user` and/or `email`.
* @returns An object containing `id`, `username` and `email`.
*/
private toUsernameAndEmail({user, username, email, id});
}
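Review bot: The new JSDoc marks parameters as optional with defaults that the declarations do not offer: `addEmail(userId: string, newEmail: string, verified: boolean)` documents `[verified]` as "Defaults to false", and `sendVerificationEmail`, `sendResetPasswordEmail` and `sendEnrollmentEmail` document `[address]` with a default while declaring `address: string`. Either declare `verified?: boolean` and `address?: string`, or drop the brackets and the "Defaults to" lines, so callers do not rely on a default the visible code does not apply. `resetPassword` documents `{string} newPassword` although the parameter is `PasswordType`, while `setPassword` takes a plain `string`; the comments should state which forms each accepts. Because `addEmail` can record an address as verified without a token, its comment should also say `Pass verified=true only for addresses confirmed out of band; never forward a client-supplied value.` The class declaration begins above this hunk.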

176

lib/accounts-password.js

@@ -69,3 +69,3 @@ "use strict";

};
var AccountsPassword = (function () {
var AccountsPassword = /** @class */ (function () {
function AccountsPassword(options) {

@@ -94,11 +94,11 @@ if (options === void 0) { options = {}; }

}
return [4, this.passwordAuthenticator(user, password)];
return [4 /*yield*/, this.passwordAuthenticator(user, password)];
case 1:
foundUser = _a.sent();
if (!this.twoFactor.getUserService(foundUser)) return [3, 3];
return [4, this.twoFactor.authenticate(foundUser, code)];
if (!this.twoFactor.getUserService(foundUser)) return [3 /*break*/, 3];
return [4 /*yield*/, this.twoFactor.authenticate(foundUser, code)];
case 2:
_a.sent();
_a.label = 3;
case 3: return [2, foundUser];
case 3: return [2 /*return*/, foundUser];
}

@@ -108,14 +108,46 @@ });

};
/**
* @description Find a user by one of his emails.
* @param {string} email - User email.
* @returns {Promise<Object>} - Return a user or null if not found.
*/
AccountsPassword.prototype.findUserByEmail = function (email) {
return this.db.findUserByEmail(email);
};
/**
* @description Find a user by his username.
* @param {string} username - User username.
* @returns {Promise<Object>} - Return a user or null if not found.
*/
AccountsPassword.prototype.findUserByUsername = function (username) {
return this.db.findUserByUsername(username);
};
/**
* @description Add an email address for a user.
* Use this instead of directly updating the database.
* @param {string} userId - User id.
* @param {string} newEmail - A new email address for the user.
* @param {boolean} [verified] - Whether the new email address should be marked as verified.
* Defaults to false.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.addEmail = function (userId, newEmail, verified) {
// TODO use this.options.verifyEmail before
return this.db.addEmail(userId, newEmail, verified);
};
/**
* @description Remove an email address for a user.
* Use this instead of directly updating the database.
* @param {string} userId - User id.
* @param {string} email - The email address to remove.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.removeEmail = function (userId, email) {
return this.db.removeEmail(userId, email);
};
/**
* @description Marks the user's email address as verified.
* @param {string} token - The token retrieved from the verification URL.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.verifyEmail = function (token) {

@@ -126,3 +158,3 @@ return __awaiter(this, void 0, void 0, function () {

switch (_a.label) {
case 0: return [4, this.db.findUserByEmailVerificationToken(token)];
case 0: return [4 /*yield*/, this.db.findUserByEmailVerificationToken(token)];
case 1:

@@ -142,6 +174,6 @@ user = _a.sent();

}
return [4, this.db.verifyEmail(user.id, emailRecord.address)];
return [4 /*yield*/, this.db.verifyEmail(user.id, emailRecord.address)];
case 2:
_a.sent();
return [2];
return [2 /*return*/];
}

@@ -151,2 +183,8 @@ });

};
/**
* @description Reset the password for a user using a token received in email.
* @param {string} token - The token retrieved from the reset password URL.
* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.resetPassword = function (token, newPassword) {

@@ -157,3 +195,3 @@ return __awaiter(this, void 0, void 0, function () {

switch (_a.label) {
case 0: return [4, this.db.findUserByResetPasswordToken(token)];
case 0: return [4 /*yield*/, this.db.findUserByResetPasswordToken(token)];
case 1:

@@ -173,10 +211,13 @@ user = _a.sent();

}
return [4, this.hashAndBcryptPassword(newPassword)];
return [4 /*yield*/, this.hashAndBcryptPassword(newPassword)];
case 2:
password = _a.sent();
return [4, this.db.setResetPassword(user.id, resetTokenRecord.address, password, token)];
// Change the user password and remove the old token
return [4 /*yield*/, this.db.setResetPassword(user.id, resetTokenRecord.address, password, token)];
case 3:
// Change the user password and remove the old token
_a.sent();
// Changing the password should invalidate existing sessions
this.db.invalidateAllSessions(user.id);
return [2];
return [2 /*return*/];
}

@@ -186,2 +227,8 @@ });

};
/**
* @description Change the password for a user.
* @param {string} userId - User id.
* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.setPassword = function (userId, newPassword) {

@@ -192,6 +239,6 @@ return __awaiter(this, void 0, void 0, function () {

switch (_a.label) {
case 0: return [4, encryption_1.bcryptPassword(newPassword)];
case 0: return [4 /*yield*/, encryption_1.bcryptPassword(newPassword)];
case 1:
password = _a.sent();
return [2, this.db.setPassword(userId, password)];
return [2 /*return*/, this.db.setPassword(userId, password)];
}

@@ -201,2 +248,9 @@ });

};
/**
* @description Send an email with a link the user can use verify their email address.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first unverified email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.sendVerificationEmail = function (address) {

@@ -211,3 +265,3 @@ return __awaiter(this, void 0, void 0, function () {

}
return [4, this.db.findUserByEmail(address)];
return [4 /*yield*/, this.db.findUserByEmail(address)];
case 1:

@@ -223,10 +277,10 @@ user = _a.sent();

token = server_1.generateRandomToken();
return [4, this.db.addEmailVerificationToken(user.id, address, token)];
return [4 /*yield*/, this.db.addEmailVerificationToken(user.id, address, token)];
case 2:
_a.sent();
resetPasswordMail = this.server.prepareMail(address, token, this.server.sanitizeUser(user), 'verify-email', this.server.options.emailTemplates.verifyEmail, this.server.options.emailTemplates.from);
return [4, this.server.options.sendMail(resetPasswordMail)];
return [4 /*yield*/, this.server.options.sendMail(resetPasswordMail)];
case 3:
_a.sent();
return [2];
return [2 /*return*/];
}

@@ -236,2 +290,9 @@ });

};
/**
* @description Send an email with a link the user can use to reset their password.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.sendResetPasswordEmail = function (address) {

@@ -246,3 +307,3 @@ return __awaiter(this, void 0, void 0, function () {

}
return [4, this.db.findUserByEmail(address)];
return [4 /*yield*/, this.db.findUserByEmail(address)];
case 1:

@@ -255,10 +316,10 @@ user = _a.sent();

token = server_1.generateRandomToken();
return [4, this.db.addResetPasswordToken(user.id, address, token)];
return [4 /*yield*/, this.db.addResetPasswordToken(user.id, address, token)];
case 2:
_a.sent();
resetPasswordMail = this.server.prepareMail(address, token, this.server.sanitizeUser(user), 'reset-password', this.server.options.emailTemplates.resetPassword, this.server.options.emailTemplates.from);
return [4, this.server.options.sendMail(resetPasswordMail)];
return [4 /*yield*/, this.server.options.sendMail(resetPasswordMail)];
case 3:
_a.sent();
return [2];
return [2 /*return*/];
}

@@ -268,2 +329,9 @@ });

};
/**
* @description Send an email with a link the user can use to set their initial password.
* @param {string} [address] - Which address of the user's to send the email to.
* This address must be in the user's emails list.
* Defaults to the first email in the list.
* @returns {Promise<void>} - Return a Promise.
*/
AccountsPassword.prototype.sendEnrollmentEmail = function (address) {

@@ -274,3 +342,3 @@ return __awaiter(this, void 0, void 0, function () {

switch (_a.label) {
case 0: return [4, this.db.findUserByEmail(address)];
case 0: return [4 /*yield*/, this.db.findUserByEmail(address)];
case 1:

@@ -283,10 +351,10 @@ user = _a.sent();

token = server_1.generateRandomToken();
return [4, this.db.addResetPasswordToken(user.id, address, token, 'enroll')];
return [4 /*yield*/, this.db.addResetPasswordToken(user.id, address, token, 'enroll')];
case 2:
_a.sent();
enrollmentMail = this.server.prepareMail(address, token, this.server.sanitizeUser(user), 'enroll-account', this.server.options.emailTemplates.enrollAccount, this.server.options.emailTemplates.from);
return [4, this.server.options.sendMail(enrollmentMail)];
return [4 /*yield*/, this.server.options.sendMail(enrollmentMail)];
case 3:
_a.sent();
return [2];
return [2 /*return*/];
}

@@ -296,2 +364,7 @@ });

};
/**
* @description Create a new user.
* @param user - The user object.
* @returns Return the id of user created.
*/
AccountsPassword.prototype.createUser = function (user) {

@@ -307,4 +380,4 @@ return __awaiter(this, void 0, void 0, function () {

_a = user.username;
if (!_a) return [3, 2];
return [4, this.db.findUserByUsername(user.username)];
if (!_a) return [3 /*break*/, 2];
return [4 /*yield*/, this.db.findUserByUsername(user.username)];
case 1:

@@ -318,4 +391,4 @@ _a = (_d.sent());

_b = user.email;
if (!_b) return [3, 4];
return [4, this.db.findUserByEmail(user.email)];
if (!_b) return [3 /*break*/, 4];
return [4 /*yield*/, this.db.findUserByEmail(user.email)];
case 3:

@@ -328,7 +401,7 @@ _b = (_d.sent());

}
if (!user.password) return [3, 6];
if (!user.password) return [3 /*break*/, 6];
if (!this.options.validatePassword(user.password)) {
throw new Error('Invalid password');
}
return [4, this.hashAndBcryptPassword(user.password)];
return [4 /*yield*/, this.hashAndBcryptPassword(user.password)];
case 5:

@@ -346,4 +419,4 @@ password = _d.sent();

_c = lodash_1.isFunction(validateNewUser);
if (!_c) return [3, 8];
return [4, validateNewUser(proposedUserObject)];
if (!_c) return [3 /*break*/, 8];
return [4 /*yield*/, validateNewUser(proposedUserObject)];
case 7:

@@ -356,3 +429,3 @@ _c = !(_d.sent());

}
return [2, this.db.createUser(proposedUserObject)];
return [2 /*return*/, this.db.createUser(proposedUserObject)];
}

@@ -371,17 +444,20 @@ });

: this.toUsernameAndEmail(__assign({}, user)), username = _a.username, email = _a.email, id = _a.id;
if (!id) return [3, 2];
return [4, this.db.findUserById(id)];
if (!id) return [3 /*break*/, 2];
return [4 /*yield*/, this.db.findUserById(id)];
case 1:
// this._validateLoginWithField('id', user);
foundUser = _b.sent();
return [3, 6];
return [3 /*break*/, 6];
case 2:
if (!username) return [3, 4];
return [4, this.db.findUserByUsername(username)];
if (!username) return [3 /*break*/, 4];
return [4 /*yield*/, this.db.findUserByUsername(username)];
case 3:
// this._validateLoginWithField('username', user);
foundUser = _b.sent();
return [3, 6];
return [3 /*break*/, 6];
case 4:
if (!email) return [3, 6];
return [4, this.db.findUserByEmail(email)];
if (!email) return [3 /*break*/, 6];
return [4 /*yield*/, this.db.findUserByEmail(email)];
case 5:
// this._validateLoginWithField('email', user);
foundUser = _b.sent();

@@ -393,3 +469,3 @@ _b.label = 6;

}
return [4, this.db.findPasswordHash(foundUser.id)];
return [4 /*yield*/, this.db.findPasswordHash(foundUser.id)];
case 7:

@@ -402,3 +478,3 @@ hash = _b.sent();

pass = hashAlgorithm ? encryption_1.hashPassword(password, hashAlgorithm) : password;
return [4, encryption_1.verifyPassword(pass, hash)];
return [4 /*yield*/, encryption_1.verifyPassword(pass, hash)];
case 8:

@@ -409,3 +485,3 @@ isPasswordValid = _b.sent();

}
return [2, foundUser];
return [2 /*return*/, foundUser];
}

@@ -421,6 +497,12 @@ });

hashedPassword = hashAlgorithm ? encryption_1.hashPassword(password, hashAlgorithm) : password;
return [2, encryption_1.bcryptPassword(hashedPassword)];
return [2 /*return*/, encryption_1.bcryptPassword(hashedPassword)];
});
});
};
/**
* Given a username, user and/or email figure out the username and/or email.
*
* @param user An object containing at least `username`, `user` and/or `email`.
* @returns An object containing `id`, `username` and `email`.
*/
AccountsPassword.prototype.toUsernameAndEmail = function (_a) {

@@ -427,0 +509,0 @@ var user = _a.user, username = _a.username, email = _a.email, id = _a.id;
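Review bot: In `resetPassword` (hunk `-173,10 +211,13`), `this.db.invalidateAllSessions(user.id);` is a bare statement rather than a yielded step, so the reset can report success before old sessions are revoked, and a rejection from that call would go unhandled and leave them alive. Assuming the method returns a promise, the TypeScript source should read `await this.db.invalidateAllSessions(user.id);`. `setPassword` (hunk `-192,6 +239,6`) shows no session invalidation in its visible lines, and it calls `encryption_1.bcryptPassword(newPassword)` directly instead of `this.hashAndBcryptPassword`. That looks inconsistent with `passwordAuthenticator`, which applies `hashPassword` when `hashAlgorithm` is set, so it is worth confirming against the source that a password set this way still verifies at login. Most function bodies in this file continue outside the hunks shown.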

@@ -45,9 +45,9 @@ "use strict";

switch (_a.label) {
case 0: return [4, bcrypt.genSalt(10)];
case 0: return [4 /*yield*/, bcrypt.genSalt(10)];
case 1:
salt = _a.sent();
return [4, bcrypt.hash(password, salt)];
return [4 /*yield*/, bcrypt.hash(password, salt)];
case 2:
hash = _a.sent();
return [2, hash];
return [2 /*return*/, hash];
}

@@ -65,4 +65,4 @@ });

exports.verifyPassword = function (password, hash) { return __awaiter(_this, void 0, void 0, function () { return __generator(this, function (_a) {
return [2, bcrypt.compare(password, hash)];
return [2 /*return*/, bcrypt.compare(password, hash)];
}); }); };
//# sourceMappingURL=encryption.js.map
{
"name": "@accounts/password",
"version": "0.1.0-beta.6",
"version": "0.1.0-beta.7",
"license": "MIT",

@@ -28,3 +28,3 @@ "main": "lib/index.js",

"dependencies": {
"@accounts/two-factor": "^0.1.0-beta.6",
"@accounts/two-factor": "^0.1.0-beta.7",
"bcryptjs": "^2.4.3",

@@ -34,5 +34,5 @@ "lodash": "^4.17.4"

"devDependencies": {
"@accounts/common": "^0.1.0-beta.6",
"@accounts/server": "^0.1.0-beta.6",
"@accounts/types": "^0.1.0-beta.6",
"@accounts/common": "^0.1.0-beta.7",
"@accounts/server": "^0.1.0-beta.7",
"@accounts/types": "^0.1.0-beta.7",
"@types/bcryptjs": "2.4.1",

@@ -39,0 +39,0 @@ "@types/lodash": "4.14.105",

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
