
@accounts/password


@accounts/password - npm Package Compare versions

Comparing version 0.6.1 to 0.7.0

64

__tests__/accounts-password.ts

@@ -10,2 +10,3 @@ import { set } from 'lodash';

}),
loginWithUser: jest.fn(),
};

@@ -21,3 +22,3 @@ const password = new AccountsPassword({});

it('should have default options', async () => {
expect(password.options.passwordEnrollTokenExpiration).toBe(2592000000);
expect((password as any).options.passwordEnrollTokenExpiration).toBe(2592000000);
});

@@ -50,3 +51,3 @@ });

const tmpAccountsPassword = new AccountsPassword({});
tmpAccountsPassword.passwordAuthenticator = jest.fn(() => Promise.resolve(user));
(tmpAccountsPassword as any).passwordAuthenticator = jest.fn(() => Promise.resolve(user));
const ret = await tmpAccountsPassword.authenticate({

@@ -221,2 +222,6 @@ user: 'toto',

describe('resetPassword', () => {
const connectionInfo = {
userAgent: 'user-agent-test',
ip: 'ip-test',
};
const token = 'token';

@@ -240,3 +245,3 @@ const newPassword = 'newPassword';

try {
await password.resetPassword('', '');
await password.resetPassword('', '', connectionInfo);
throw new Error();

@@ -250,3 +255,3 @@ } catch (err) {

try {
await password.resetPassword(token, '');
await password.resetPassword(token, '', connectionInfo);
throw new Error();

@@ -262,3 +267,3 @@ } catch (err) {

try {
await password.resetPassword(token, newPassword);
await password.resetPassword(token, newPassword, connectionInfo);
throw new Error();

@@ -275,3 +280,3 @@ } catch (err) {

try {
await password.resetPassword(token, newPassword);
await password.resetPassword(token, newPassword, connectionInfo);
throw new Error();

@@ -288,3 +293,3 @@ } catch (err) {

try {
await password.resetPassword(token, newPassword);
await password.resetPassword(token, newPassword, connectionInfo);
throw new Error();

@@ -308,3 +313,3 @@ } catch (err) {

} as any);
await password.resetPassword(token, newPassword);
await password.resetPassword(token, newPassword, connectionInfo);
expect(setResetPassword.mock.calls.length).toBe(1);

@@ -325,7 +330,41 @@ expect(verifyEmail.mock.calls.length).toBe(1);

} as any);
password.server = { isTokenExpired } as any;
await password.resetPassword(token, newPassword);
password.server = { isTokenExpired, loginWithUser: jest.fn() } as any;
const loginResult = await password.resetPassword(token, newPassword, connectionInfo);
expect(loginResult).toBeNull();
expect(setResetPassword.mock.calls.length).toBe(1);
expect(invalidateAllSessions.mock.calls[0]).toMatchSnapshot();
});
it('reset password and return tokens', async () => {
const tmpAccountsPassword = new AccountsPassword({
returnTokensAfterResetPassword: true,
});
const findUserByResetPasswordToken = jest.fn(() => Promise.resolve(validUser));
const isTokenExpired = jest.fn(() => false);
const exampleLoginResult = {
sessionId: 'sessionIdValue',
tokens: {
refreshToken: 'refreshTokenValue',
accessToken: 'accessTokenValue',
},
};
const loginWithUser = jest.fn(() => Promise.resolve(exampleLoginResult));
const setResetPassword = jest.fn(() => Promise.resolve());
const invalidateAllSessions = jest.fn(() => Promise.resolve());
tmpAccountsPassword.setStore({
findUserByResetPasswordToken,
setResetPassword,
invalidateAllSessions,
} as any);
tmpAccountsPassword.server = { isTokenExpired, loginWithUser } as any;
const loginResult = await tmpAccountsPassword.resetPassword(
token,
newPassword,
connectionInfo
);
expect(loginResult).toEqual(exampleLoginResult);
expect(setResetPassword.mock.calls.length).toBe(1);
expect(invalidateAllSessions.mock.calls[0]).toMatchSnapshot();
});
});

@@ -351,3 +390,3 @@

const passwordAuthenticator = jest
.spyOn(password, 'passwordAuthenticator')
.spyOn(password, 'passwordAuthenticator' as any)
.mockImplementation(() => Promise.resolve({}));

@@ -359,3 +398,3 @@ await password.changePassword(userId, 'old-password', 'new-password');

expect(setPassword.mock.calls[0][1]).toBeTruthy();
password.passwordAuthenticator.mockRestore();
(password as any).passwordAuthenticator.mockRestore();
});

@@ -370,3 +409,2 @@ });

};
const invalidUser = {};

@@ -373,0 +411,0 @@ it('throws if email is empty', async () => {
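Review bot: The new 'reset password and return tokens' test never checks what `loginWithUser` was called with, so a regression that drops or swaps `infos` would still pass as long as the mock's return value is forwarded. Adding `expect(loginWithUser).toHaveBeenCalledWith(validUser, connectionInfo);` after the `toEqual` assertion would close that gap. In the default-off case just above it, the mock is created inline in `password.server = { isTokenExpired, loginWithUser: jest.fn() } as any;`, so it cannot be asserted on. Naming that mock and adding `expect(loginWithUser).not.toHaveBeenCalled();` would pin that no session is created when the option is false.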

@@ -1,2 +0,2 @@

import { User, TokenRecord, DatabaseInterface, AuthenticationService, HashAlgorithm } from '@accounts/types';
import { User, TokenRecord, DatabaseInterface, AuthenticationService, HashAlgorithm, ConnectionInformations, LoginResult } from '@accounts/types';
import { TwoFactor, AccountsTwoFactorOptions } from '@accounts/two-factor';

@@ -25,2 +25,3 @@ import { AccountsServer } from '@accounts/server';

errors?: ErrorMessages;
returnTokensAfterResetPassword?: boolean;
validateNewUser?: (user: PasswordCreateUserType) => Promise<PasswordCreateUserType> | PasswordCreateUserType;

@@ -81,5 +82,5 @@ validateEmail?(email?: string): boolean;

* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
* @returns {Promise<LoginResult>} - Session tokens and user object.
*/
resetPassword(token: string, newPassword: PasswordType): Promise<void>;
resetPassword(token: string, newPassword: PasswordType, infos: ConnectionInformations): Promise<LoginResult | null>;
/**

@@ -86,0 +87,0 @@ * @description Change the password for a user.

@@ -62,2 +62,3 @@ "use strict";

passwordEnrollTokenExpiration: 2592000000,
returnTokensAfterResetPassword: false,
validateEmail: function (email) {

@@ -196,5 +197,5 @@ return !lodash_1.isEmpty(lodash_1.trim(email)) && utils_1.isEmail(email);

* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
* @returns {Promise<LoginResult>} - Session tokens and user object.
*/
AccountsPassword.prototype.resetPassword = function (token, newPassword) {
AccountsPassword.prototype.resetPassword = function (token, newPassword, infos) {
return __awaiter(this, void 0, void 0, function () {

@@ -242,5 +243,14 @@ var user, resetTokens, resetTokenRecord, emails, password;

_a.label = 5;
case 5:
case 5:
// Changing the password should invalidate existing sessions
return [4 /*yield*/, this.db.invalidateAllSessions(user.id)];
case 6:
// Changing the password should invalidate existing sessions
this.db.invalidateAllSessions(user.id);
_a.sent();
if (this.options.returnTokensAfterResetPassword) {
return [2 /*return*/, this.server.loginWithUser(user, infos)];
}
else {
return [2 /*return*/, null];
}
return [2 /*return*/];

@@ -247,0 +257,0 @@ }

{
"name": "@accounts/password",
"version": "0.6.1",
"version": "0.7.0",
"license": "MIT",

@@ -27,3 +27,3 @@ "main": "lib/index.js",

"dependencies": {
"@accounts/two-factor": "^0.6.1",
"@accounts/two-factor": "^0.7.0",
"bcryptjs": "^2.4.3",

@@ -33,8 +33,8 @@ "lodash": "^4.17.11"

"devDependencies": {
"@accounts/server": "^0.6.1",
"@accounts/types": "^0.6.1",
"@accounts/server": "^0.7.0",
"@accounts/types": "^0.7.0",
"@types/bcryptjs": "2.4.2",
"@types/jest": "23.3.9",
"@types/lodash": "4.14.118",
"@types/node": "10.12.0",
"@types/node": "10.12.9",
"jest": "23.6.0",

@@ -41,0 +41,0 @@ "rimraf": "2.6.2"

@@ -10,2 +10,4 @@ import { trim, isEmpty, pick, isString, isPlainObject, find, includes, defer } from 'lodash';

HashAlgorithm,
ConnectionInformations,
LoginResult,
} from '@accounts/types';

@@ -45,2 +47,3 @@ import { TwoFactor, AccountsTwoFactorOptions, getUserTwoFactorService } from '@accounts/two-factor';

errors?: ErrorMessages;
returnTokensAfterResetPassword?: boolean;
validateNewUser?: (

@@ -62,2 +65,3 @@ user: PasswordCreateUserType

passwordEnrollTokenExpiration: 2592000000,
returnTokensAfterResetPassword: false,
validateEmail(email?: string): boolean {

@@ -191,5 +195,9 @@ return !isEmpty(trim(email)) && isEmail(email);

* @param {string} newPassword - A new password for the user.
* @returns {Promise<void>} - Return a Promise.
* @returns {Promise<LoginResult>} - Session tokens and user object.
*/
public async resetPassword(token: string, newPassword: PasswordType): Promise<void> {
public async resetPassword(
token: string,
newPassword: PasswordType,
infos: ConnectionInformations
): Promise<LoginResult | null> {
if (!token || !isString(token)) {

@@ -237,3 +245,9 @@ throw new Error(this.options.errors.invalidToken);

// Changing the password should invalidate existing sessions
this.db.invalidateAllSessions(user.id);
await this.db.invalidateAllSessions(user.id);
if (this.options.returnTokensAfterResetPassword) {
return this.server.loginWithUser(user, infos);
} else {
return null;
}
}

@@ -240,0 +254,0 @@
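Review bot: With `returnTokensAfterResetPassword` enabled, `return this.server.loginWithUser(user, infos);` at the end of `resetPassword` turns possession of a reset token into a full session, and nothing visible in this hunk checks whether the account has a second factor enrolled. The rest of the method body lies outside the hunk, so this may already be handled earlier. If it is not, the option lets a reset link stand in for whatever additional verification a normal login requires. I would either skip the automatic login for such accounts or state the trade-off where the option is declared, e.g. `// When true, a valid reset token also issues session tokens; no second-factor check is performed here.` Separately, the `@returns` line should say that `null` is returned when the option is off, and `infos` needs its own `@param` entry.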

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
