Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@orbiting/backend-modules-auth

Package Overview
Dependencies
Maintainers
6
Versions
42
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@orbiting/backend-modules-auth - npm Package Compare versions

Comparing version 2.5.4 to 3.0.0

19

CHANGELOG.md

@@ -1,6 +0,21 @@

<a name="2.5.4"></a>
## 2.5.4 (2018-01-13)
<a name="3.0.0"></a>
# 3.0.0 (2018-01-13)
<a name="3.0.0"></a>
# 3.0.0 (2018-01-13)
### Features
* **auth:** remove confirm token http endpoint, signInHooks from GraphQL context ([a4dfe54](https://github.com/orbiting/backend-modules/commit/a4dfe54))
### BREAKING CHANGES
* **auth:** no more token confirmation via http, GraphQL authorizeSession only
<a name="2.5.4"></a>

@@ -7,0 +22,0 @@ ## 2.5.4 (2018-01-13)

72

express/auth.js

@@ -34,4 +34,2 @@ const session = require('express-session')

dev = false,
// hooks are called upon successful signIn
signInHooks = []
} = {}) => {

@@ -74,72 +72,2 @@ if (server === null) {

// authenticate a token sent by email
server.get('/auth/email/signin/:token?', async (req, res) => {
const {
token,
email: emailFromQuery,
context
} = req.query
if (!token) {
debug('no token: %O', { req: req._log(), emailFromQuery, context })
return res.redirect(
`${FRONTEND_BASE_URL}/mitteilung?` +
querystring.stringify({
type: 'invalid-token',
email: emailFromQuery,
context
})
)
}
try {
const user = await authorizeSession({
pgdb, token, emailFromQuery, signInHooks
})
const { email } = user
return res.redirect(
`${FRONTEND_BASE_URL}/mitteilung?` +
querystring.stringify({
type: 'email-confirmed',
email,
context
})
)
} catch (e) {
if (e instanceof QueryEmailMismatchError) {
const { email } = e.meta
debug("session.email and query.email don't match: %O", { req: req._log(), context, ...e.meta })
return res.redirect(
`${FRONTEND_BASE_URL}/mitteilung?` +
querystring.stringify({
type: 'invalid-token',
email,
context
})
)
}
if (e instanceof NoSessionError) {
debug('no session: %O', { req: req._log(), context, ...e.meta })
return res.redirect(
`${FRONTEND_BASE_URL}/mitteilung?` +
querystring.stringify({
type: 'invalid-token',
email: emailFromQuery,
context
})
)
}
const util = require('util')
console.error('auth: exception', util.inspect({ req: req._log(), emailFromQuery, context, e }, {depth: null}))
return res.redirect(
`${FRONTEND_BASE_URL}/mitteilung?` +
querystring.stringify({
type: 'unavailable',
emailFromQuery,
context
})
)
}
})
// Tell Passport how to seralize/deseralize user accounts

@@ -146,0 +74,0 @@ passport.serializeUser(function (user, next) {

5

graphql/resolvers/_mutations/authorizeSession.js

@@ -5,3 +5,3 @@ const { QueryEmailMismatchError, NoSessionError } = require('../../../lib/errors')

module.exports = async (_, args, { pgdb, req }) => {
module.exports = async (_, args, { pgdb, req, signInHooks }) => {
const {

@@ -15,3 +15,4 @@ email,

token,
emailFromQuery: email
emailFromQuery: email,
signInHooks
})

@@ -18,0 +19,0 @@ return !!user

2

package.json
{
"name": "@orbiting/backend-modules-auth",
"version": "2.5.4",
"version": "3.0.0",
"description": "auth migrations, seeds, middleware, graphql schema and resolvers",

@@ -5,0 +5,0 @@ "main": "index.js",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc