@accounts/password - npm Package Compare versions

Comparing version 1.0.0-alpha-20231126181819-d6faf8d5 to 1.0.0-alpha-20231127162849-b5b29d3d

lib/accounts-password.d.ts

@@ -81,3 +81,3 @@ import { type User, type TokenRecord, type DatabaseInterface, type AuthenticationService, type ConnectionInformations, type LoginResult, type CreateUserServicePassword, type LoginUserPasswordService, type DatabaseInterfaceSessions, type DatabaseInterfaceUser } from '@accounts/types';
      */
-    validatePassword?: <T extends User>(password?: string, user?: T) => Promise<boolean>;
+    validatePassword?: (password?: string) => boolean;
     /**
@@ -113,3 +113,3 @@ * Function that check if the username is a valid username.
     validateEmail(email?: string): boolean;
-    validatePassword(password?: string): Promise<boolean>;
+    validatePassword(password?: string): boolean;
     validateUsername(username?: string): boolean;
@@ -116,0 +116,0 @@ validateNewUser(user: CreateUserServicePassword): Promise<CreateUserServicePassword> | CreateUserServicePassword;

lib/accounts-password.js

@@ -29,3 +29,3 @@ "use strict";
     },
-    async validatePassword(password) {
+    validatePassword(password) {
         return (0, validation_1.isString)(password) && password !== '';
@@ -180,2 +180,5 @@ },
         }
+        if (!this.options.validatePassword(newPassword)) {
+            throw new server_1.AccountsJsError(this.options.errors.invalidNewPassword, errors_1.ResetPasswordErrors.InvalidNewPassword);
+        }
         const user = await this.db.findUserByResetPasswordToken(token);
@@ -185,5 +188,2 @@ if (!user) {
         }
-        if (!(await this.options.validatePassword(newPassword, user))) {
-            throw new server_1.AccountsJsError(this.options.errors.invalidNewPassword, errors_1.ResetPasswordErrors.InvalidNewPassword);
-        }
         const resetTokens = (0, utils_1.getUserResetTokens)(user);
@@ -247,6 +247,6 @@ const resetTokenRecord = resetTokens.find((t) => t.token === token);
     async changePassword(userId, oldPassword, newPassword) {
-        const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
-        if (!(await this.options.validatePassword(newPassword, user))) {
+        if (!this.options.validatePassword(newPassword)) {
             throw new server_1.AccountsJsError(this.options.errors.invalidPassword, errors_1.ChangePasswordErrors.InvalidPassword);
         }
+        const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
         const password = await this.options.hashPassword(newPassword);
@@ -363,3 +363,3 @@ await this.db.setPassword(userId, password);
         if (user.password) {
-            if (!(await this.options.validatePassword(user.password))) {
+            if (!this.options.validatePassword(user.password)) {
                 throw new server_1.AccountsJsError(this.options.errors.invalidPassword, errors_1.CreateUserErrors.InvalidPassword);
@@ -366,0 +366,0 @@ }

package.json

 {
   "name": "@accounts/password",
-  "version": "1.0.0-alpha-20231126181819-d6faf8d5",
+  "version": "1.0.0-alpha-20231127162849-b5b29d3d",
   "license": "MIT",
@@ -25,3 +25,3 @@ "main": "lib/index.js",
   "peerDependencies": {
-    "@accounts/server": "^0.33.0",
+    "@accounts/server": "1.0.0-alpha-20231127162849-b5b29d3d",
     "graphql": "^14.0.0 || ^15.0.0 || ^16.0.0",
@@ -31,3 +31,3 @@ "graphql-modules": "^3.0.0"
   "dependencies": {
-    "@accounts/two-factor": "^0.32.4",
+    "@accounts/two-factor": "1.0.0-alpha-20231127162849-b5b29d3d",
     "bcryptjs": "2.4.3",
@@ -38,4 +38,4 @@ "express-validator": "^7.0.1",
   "devDependencies": {
-    "@accounts/server": "^0.33.1",
-    "@accounts/types": "^0.33.1",
+    "@accounts/server": "1.0.0-alpha-20231127162849-b5b29d3d",
+    "@accounts/types": "1.0.0-alpha-20231127162849-b5b29d3d",
     "@types/bcryptjs": "2.4.6",
@@ -42,0 +42,0 @@ "@types/express": "^4.17.21",

src/accounts-password.ts

@@ -130,3 +130,3 @@ import {
    */
-  validatePassword?: <T extends User>(password?: string, user?: T) => Promise<boolean>;
+  validatePassword?: (password?: string) => boolean;
   /**
@@ -168,3 +168,3 @@ * Function that check if the username is a valid username.
   },
-  async validatePassword(password?: string): Promise<boolean> {
+  validatePassword(password?: string): boolean {
     return isString(password) && password !== '';
@@ -370,2 +370,8 @@ },
     }
+    if (!this.options.validatePassword(newPassword)) {
+      throw new AccountsJsError(
+        this.options.errors.invalidNewPassword,
+        ResetPasswordErrors.InvalidNewPassword
+      );
+    }
 
@@ -380,9 +386,2 @@ const user = await this.db.findUserByResetPasswordToken(token);
 
-    if (!(await this.options.validatePassword(newPassword, user))) {
-      throw new AccountsJsError(
-        this.options.errors.invalidNewPassword,
-        ResetPasswordErrors.InvalidNewPassword
-      );
-    }
-
     const resetTokens = getUserResetTokens(user);
@@ -479,5 +478,3 @@ const resetTokenRecord = resetTokens.find((t) => t.token === token);
   ): Promise<void> {
-    const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
-
-    if (!(await this.options.validatePassword(newPassword, user))) {
+    if (!this.options.validatePassword(newPassword)) {
       throw new AccountsJsError(
@@ -489,2 +486,4 @@ this.options.errors.invalidPassword,
 
+    const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
+
     const password = await this.options.hashPassword(newPassword);
@@ -686,3 +685,3 @@ await this.db.setPassword(userId, password);
     if (user.password) {
-      if (!(await this.options.validatePassword(user.password))) {
+      if (!this.options.validatePassword(user.password)) {
         throw new AccountsJsError(
@@ -689,0 +688,0 @@ this.options.errors.invalidPassword,

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

128506

decreased by-0.11%

Dependency changes

• + Added@accounts/server@1.0.0-alpha-20231127162849-b5b29d3d(transitive)

• + Added@accounts/two-factor@1.0.0-alpha-20231127162849-b5b29d3d(transitive)

• + Added@levminer/speakeasy@1.4.2(transitive)

• + Addedemittery@0.13.1(transitive)

• + Addedjsonwebtoken@9.0.2(transitive)

• + Addedjwt-decode@4.0.0(transitive)

• + Addedsemver@7.6.3(transitive)

• - Removed@accounts/server@0.33.1(transitive)

• - Removed@accounts/two-factor@0.32.4(transitive)

• - Removed@accounts/types@0.33.2(transitive)

• - Removed@levminer/speakeasy@1.3.3(transitive)

• - Removed@types/jsonwebtoken@8.3.9(transitive)

• - Removed@types/node@22.9.3(transitive)

• - Removedbase32.js@0.1.0(transitive)

• - Removedemittery@0.8.1(transitive)

• - Removedjsonwebtoken@8.5.1(transitive)

• - Removedjwt-decode@3.1.2(transitive)

• - Removedsemver@5.7.2(transitive)

• - Removedtslib@2.3.02.3.1(transitive)

• - Removedundici-types@6.19.8(transitive)

• Updated@accounts/two-factor@1.0.0-alpha-20231127162849-b5b29d3d