firebase-admin - npm Package Compare versions

Comparing version 1.1.0 to 1.2.0

account.js

@@ -50,2 +50,48 @@
 
+FirebaseAccount.defaultAuthConfig = {
+  domains: [
+    'localhost',
+    '127.0.0.1',
+    'casetext-goldibex.firebaseapp.com'
+  ],
+  sessionLengthSeconds: 86400,
+  anonymous: {
+    'enabled': false
+  },
+  facebook: {
+    'enabled': false,
+    'key': '',
+    'secret': ''
+  },
+  github: {
+    'enabled': false,
+    'key': '',
+    'secret': ''
+  },
+  google: {
+    'enabled': false,
+    'key': '',
+    'secret': ''
+  },
+  password: {
+    'enabled': false,
+    'emails': {
+      'password-reset': {
+        'from': 'no-reply@example.com',
+        'fromname': '',
+        'replyto': '',
+        'subject': '',
+        'template': 'Hello!\n\n' +
+          'It looks like you\'ve forgotten your password.\n\n' +
+          'Use the following temporary password within the next 24 hours ' +
+          'to log in and update your account: %TOKEN%\n\nThanks!\n'
+      }
+    }
+  },
+  twitter: {
+    'enabled': false,
+    'key': '',
+    'secret': ''
+  }
+};
 
@@ -52,0 +98,0 @@ /**

instance.js

@@ -336,2 +336,230 @@
 
+
+/**
+ * Promises to obtain the current authentication configuration for the instance.
+ * @returns {external:Promise} A promise that resolves with the auth config
+ * and rejects with an Error if there's an error.
+ */
+FirebaseInstance.prototype.getAuthConfig = function() {
+
+  var deferred = Q.defer();
+
+  request.get({
+    url: 'https://' + this.name + '.firebaseio.com/.settings/authConfig.json',
+    qs: {
+      auth: this.personalToken,
+    },
+    json: true
+  }, function(err, response, body) {
+
+    if (err) {
+      deferred.reject(err);
+    } else if (response.statusCode > 299) {
+      deferred.reject(new Error(response.statusCode));
+    } else if (body && body.error) {
+      deferred.reject(new Error(body.error));
+    } else {
+
+      if (typeof body === 'string' && body.length === 0) {
+        deferred.resolve(null);
+      } else {
+        deferred.resolve(JSON.parse(body));
+      }
+
+    }
+
+  }.bind(this));
+
+  return deferred.promise;
+
+};
+
+FirebaseInstance.prototype.setAuthConfig = function(config) {
+
+    var deferred = Q.defer();
+
+    request.put({
+      url: 'https://' + this.name + '.firebaseio.com/.settings/authConfig.json',
+      qs: {
+        auth: this.personalToken,
+      },
+      json: true,
+      body: config
+    }, function(err, response, body) {
+      if (err) {
+        deferred.reject(err);
+      } else if (response.statusCode > 299) {
+        deferred.reject(new Error(response.statusCode));
+      } else if (body && body.error) {
+        deferred.reject(new Error(body.error));
+      } else {
+        deferred.resolve();
+      }
+    }.bind(this));
+
+    return deferred.promise;
+
+};
+
+
+FirebaseInstance.prototype._authMethodCallback = function(deferred, err, resp, body) {
+
+  if (err) {
+    deferred.reject(err);
+  } else if (resp.statusCode > 299) {
+    deferred.reject(new Error(resp.statusCode));
+  } else if (body && body.error) {
+
+    var error = new Error(body.error.message);
+    if (body.error.code) {
+      error.code = body.error.code;
+    }
+    deferred.reject(error);
+
+  } else if (body.status && body.status !== 'ok') {
+    deferred.reject(new Error(body.status));
+  } else {
+    deferred.resolve(body);
+  }
+
+};
+
+/**
+ * Promises to create a Firebase Simple Login password-type user.
+ * @param {String} email The email address of the new user.
+ * @param {String} password The password of the new user.
+ * @returns {external:Promise} A promise that resolves if the rules are changed
+ * successfully and rejects with an Error if there's an error.
+ */
+FirebaseInstance.prototype.createUser = function(email, password) {
+
+  var deferred = Q.defer();
+
+  var qs = {
+    email: email,
+    password: password,
+    firebase: this.name
+  };
+
+  request.get({
+    url: 'https://auth.firebase.com/auth/firebase/create',
+    qs: qs,
+    json: true
+  }, this._authMethodCallback.bind(this, deferred));
+
+  return deferred.promise;
+
+};
+
+
+/**
+ * Promises to remove a Simple Login user.
+ * @param {String} email The email address of the user to remove.
+ * @returns {external:Promise} A promise that resolves with the new user info
+ * if the user is removed successfully and rejects with an Error
+ * if there's an error.
+ */
+FirebaseInstance.prototype.removeUser = function(email) {
+
+  var deferred = Q.defer();
+
+  request.get({
+    url: 'https://auth.firebase.com/auth/firebase/remove',
+    qs: {
+      token: this.adminToken,
+      firebase: this.name,
+      email: email
+    },
+    json: true
+  }, this._authMethodCallback.bind(this, deferred));
+
+  return deferred.promise;
+
+};
+
+
+/**
+ * Promises to change a Simple Login user's password.
+ * @param {String} email The email address of the user to remove.
+ * @param {String} newPassword The new password.
+ * @returns {external:Promise} A promise that resolves with the new user info
+ * if the user's password is changed successfully and rejects with an Error
+ * if there's an error.
+ */
+FirebaseInstance.prototype.changeUserPassword = function(email, newPassword) {
+
+  var deferred = Q.defer();
+
+  request.get({
+    url: 'https://auth.firebase.com/auth/firebase/reset_password',
+    qs: {
+      token: this.adminToken,
+      firebase: this.name,
+      email: email,
+      newPassword: newPassword
+    },
+    json: true
+  }, this._authMethodCallback.bind(this, deferred));
+
+  return deferred.promise;
+
+};
+
+
+/**
+ * Promises to return a list of all Simple Login password users in the Firebase.
+ * @returns {external:Promise} A promise that resolves with a list of users
+ * and rejects with an Error if there's an error.
+ */
+FirebaseInstance.prototype.listUsers = function() {
+
+  var deferred = Q.defer();
+
+  request.get({
+    url: 'https://auth.firebase.com/auth/firebase/list',
+    qs: {
+      token: this.adminToken,
+      firebase: this.name
+    },
+    json: true
+  }, this._authMethodCallback.bind(this, deferred));
+
+  return deferred.promise
+  .then(function(body) {
+
+    if (!body.users) {
+      throw new Error('No user body');
+    }
+    return body.users;
+
+  });
+
+};
+
+
+/**
+ * Promises to send a password reset email to a Simple Login user.
+ * @param {String} email The email address of the  user to send a message to.
+ * @returns {external:Promise} A promise that resolves if the message is sent
+ * successfully and rejects with an Error if there's an error.
+ */
+FirebaseInstance.prototype.sendResetEmail = function(email) {
+
+  var deferred = Q.defer();
+
+  request.get({
+    url: 'https://auth.firebase.com/auth/firebase/reset_password',
+    qs: {
+      token: this.adminToken,
+      firebase: this.name,
+      email: email
+    },
+    json: true
+
+  }, this._authMethodCallback.bind(this, deferred));
+
+  return deferred.promise;
+
+};
+
 module.exports = FirebaseInstance;

package.json

 {
   "name": "firebase-admin",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "description": "Programmatically instantiate and modify Firebase instances.",
@@ -31,15 +31,15 @@ "keywords": [
   "dependencies": {
-    "request": "^2.37.0",
+    "firebase": "^1.0.17",
+    "optometrist": "^0.1.3",
     "q": "^1.0.1",
-    "firebase": "^1.0.17",
-    "optometrist": "^0.1.3"
+    "request": "^2.37.0"
   },
   "devDependencies": {
-    "mocha": "^1.20.1",
     "chai": "^1.9.1",
     "chai-as-promised": "^4.1.1",
-    "prompt": "^0.2.13",
+    "ink-docstrap": "^0.4.12",
     "jsdoc": "^3.3.0-alpha9",
-    "ink-docstrap": "^0.4.12"
+    "mocha": "^1.20.1",
+    "lodash": "^2.4.1"
   }
 }

test/setup.js

@@ -8,11 +8,6 @@
 global.chai.use(require('chai-as-promised'));
-global.expect = chai.expect;
+global.expect = global.chai.expect;
 
-global.FirebaseAccount = require('../account');
 global.params = {};
 
-// get username and password for tests
-
-var prompt = require('prompt');
-
 if (process.env.FIREBASE_USER && process.env.FIREBASE_PASS) {
@@ -19,0 +14,0 @@ global.params.firebaseUser = process.env.FIREBASE_USER;

test/spec/account.js

@@ -8,2 +8,3 @@
   fbPass = process.env.FIREBASE_PASS,
+  FirebaseAccount = require('../../account.js'),
   account;
@@ -57,2 +58,22 @@
 
+  describe('defaultAuthConfig', function() {
+
+    it('has a sane default auth configuration cribbed from Firebase', function() {
+
+      expect(FirebaseAccount.defaultAuthConfig)
+      .to.include.keys([
+        'domains',
+        'sessionLengthSeconds',
+        'anonymous',
+        'facebook',
+        'twitter',
+        'github',
+        'google',
+        'password'
+      ]);
+
+    });
+
+  });
+
   describe('#createDatabase', function() {
@@ -59,0 +80,0 @@

test/spec/instance.js

 
 'use strict';
 
-var Q = require('q');
+var Q = require('q'),
+  _ = require('lodash');
 
 var fbUser = process.env.FIREBASE_USER,
   fbPass = process.env.FIREBASE_PASS,
+  FirebaseAccount = require('../../account.js'),
   account,
@@ -28,16 +30,14 @@ instance,
     });
+
   });
 
   beforeEach(function() {
-
     return Q.delay(500);
-
   });
 
   after(function() {
-
     return account.deleteDatabase(instance);
-
   });
 
+
   describe('#getAuthTokens', function() {
@@ -142,2 +142,120 @@
 
+  describe('authentication', function() {
+
+    describe('with a pristine Firebase', function() {
+
+      describe('#getAuthConfig', function() {
+
+        it('gets the default (null) authConfig object', function() {
+
+          return expect(instance.getAuthConfig())
+          .to.eventually.equal(null);
+
+        });
+
+      });
+
+      describe('#setAuthConfig', function() {
+
+        it('sets the authConfig to the supplied configuration object', function() {
+
+          var config = _.cloneDeep(FirebaseAccount.defaultAuthConfig);
+          config.password.enabled = true;
+          return expect(instance.setAuthConfig(config))
+          .to.be.resolved;
+
+        });
+
+      });
+
+    });
+
+
+    describe('with a configured Firebase', function() {
+
+      describe('#getAuthConfig', function() {
+
+        it('actually returns the current configuration', function() {
+
+          return expect(instance.getAuthConfig())
+          .to.eventually.include.keys([
+            'domains',
+            'sessionLengthSeconds',
+            'anonymous',
+            'facebook',
+            'twitter',
+            'github',
+            'google',
+            'password'
+          ]);
+
+        });
+
+      });
+
+    });
+
+  });
+
+  describe('#createUser', function() {
+
+    it('creates a new user with the specified username and password', function() {
+
+      return expect(instance.createUser('foobar@foobar.com', 'blarg'))
+      .to.eventually.be.fulfilled;
+
+    });
+
+  });
+
+
+  describe('#listUsers', function() {
+
+    it('lists all users on the Firebase', function() {
+
+      return expect(instance.listUsers())
+      .to.eventually.have.length.above(0);
+
+    });
+
+  });
+
+  describe('#sendResetEmail', function() {
+
+    it('sends a reset email to the specified user', function() {
+
+      return expect(instance.sendResetEmail('foobar@foobar.com'))
+      .to.eventually.be.fulfilled;
+
+    });
+
+  });
+
+  describe('#changeUserPassword', function() {
+
+    it('changes the password of the specified user', function() {
+
+      return expect(instance.changeUserPassword('foobar@foobar.com'))
+      .to.eventually.be.fulfilled;
+
+    });
+
+  });
+
+  describe('#removeUser', function() {
+
+    it('removes the specified user', function() {
+
+      return instance.removeUser('foobar@foobar.com')
+      .then(function() {
+
+        return expect(instance.listUsers())
+        .to.eventually.have.length.below(1);
+
+      });
+
+    });
+
+  });
+
 });

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

41604

increased by31.72%

Number of package files

17

increased by6.25%

Lines of code

952

increased by46.69%

Number of low supply chain risk alerts

8

decreased by-33.33%

No dependency changes