Comparing version 17.0.2 to 17.0.3

6

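--- a/lib/build/authUtils.d.ts
+++ b/lib/build/authUtils.d.ts
@@ -332,2 +332,8 @@ // @ts-nocheck
 >;
+filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid: (
+factorIds: string[],
+tenantId: string,
+hasSession: boolean,
+userContext: UserContext
+) => Promise<string[]>;
 };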

68

lib/build/authUtils.js

@@ -113,3 +113,3 @@ "use strict";

// then we do not want to include a link in the email.
const validFirstFactors = await filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid(
const validFirstFactors = await exports.AuthUtils.filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid(
factorIds,

@@ -816,2 +816,35 @@ tenantId,

},
filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid: async function (factorIds, tenantId, hasSession, userContext) {
let validFactorIds = [];
for (const id of factorIds) {
// This util takes the tenant config into account (if it exists), then the MFA (static) config if it was initialized and set.
let validRes = await utils_2.isValidFirstFactor(tenantId, id, userContext);
if (validRes.status === "TENANT_NOT_FOUND_ERROR") {
if (hasSession) {
throw new error_1.default({
type: error_1.default.UNAUTHORISED,
message: "Tenant not found",
});
} else {
throw new Error("Tenant not found error.");
}
} else if (validRes.status === "OK") {
validFactorIds.push(id);
}
}
if (validFactorIds.length === 0) {
if (!hasSession) {
throw new error_1.default({
type: error_1.default.UNAUTHORISED,
message: "A valid session is required to authenticate with secondary factors",
});
} else {
throw new error_2.default({
type: error_2.default.BAD_INPUT_ERROR,
message: "First factor sign in/up called for a non-first factor with an active session.",
});
}
}
return validFactorIds;
},
};

@@ -925,34 +958,1 @@ async function filterOutInvalidSecondFactorsOrThrowIfAllAreInvalid(

}
async function filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid(factorIds, tenantId, hasSession, userContext) {
let validFactorIds = [];
for (const id of factorIds) {
// This util takes the tenant config into account (if it exists), then the MFA (static) config if it was initialized and set.
let validRes = await utils_2.isValidFirstFactor(tenantId, id, userContext);
if (validRes.status === "TENANT_NOT_FOUND_ERROR") {
if (hasSession) {
throw new error_1.default({
type: error_1.default.UNAUTHORISED,
message: "Tenant not found",
});
} else {
throw new Error("Tenant not found error.");
}
} else if (validRes.status === "OK") {
validFactorIds.push(id);
}
}
if (validFactorIds.length === 0) {
if (!hasSession) {
throw new error_1.default({
type: error_1.default.UNAUTHORISED,
message: "A valid session is required to authenticate with secondary factors",
});
} else {
throw new error_2.default({
type: error_2.default.BAD_INPUT_ERROR,
message: "First factor sign in/up called for a non-first factor with an active session.",
});
}
}
return validFactorIds;
}
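Review bot: In the TENANT_NOT_FOUND_ERROR branch of filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid the no-session case throws a bare `new Error("Tenant not found error.")`, while the same condition with a session becomes a typed UNAUTHORISED error; a bare Error is presumably handled as an unexpected server failure rather than a client error, and nothing in the hunk explains the asymmetry. If that is intentional, a comment such as `// No session: an unknown tenantId is treated as a misconfiguration, not a client error` would make it explicit; otherwise consider mirroring the empty-result branch below with `throw new error_2.default({ type: error_2.default.BAD_INPUT_ERROR, message: "Tenant not found" });`. Separately, `utils_2.isValidFirstFactor` is awaited once per factor id in sequence even though the checks are independent; if that helper reaches the core for tenant config, `Promise.all` over the ids would avoid the serial round-trips. The removed free function in the last hunk is the same code moved onto the AuthUtils object, so these points apply to the new location only.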

@@ -297,2 +297,11 @@ "use strict";

factorIds = utils_1.getEnabledPwlessFactors(input.options.config);
if (accountInfo.email !== undefined) {
factorIds = factorIds.filter((factor) =>
[multifactorauth_1.FactorIds.OTP_EMAIL, multifactorauth_1.FactorIds.LINK_EMAIL].includes(factor)
);
} else {
factorIds = factorIds.filter((factor) =>
[multifactorauth_1.FactorIds.OTP_PHONE, multifactorauth_1.FactorIds.LINK_PHONE].includes(factor)
);
}
}

@@ -430,3 +439,3 @@ const preAuthChecks = await authUtils_1.AuthUtils.preAuthChecks({

deviceId: response.deviceId,
flowType: input.options.config.flowType,
flowType: flowType,
preAuthSessionId: response.preAuthSessionId,

@@ -537,3 +546,31 @@ };

let userInputCode = undefined;
const flowType = input.options.config.flowType;
// This mirrors how we construct factorIds in createCodePOST
let factorIds;
if (input.session !== undefined) {
if (deviceInfo.email !== undefined) {
factorIds = [multifactorauth_1.FactorIds.OTP_EMAIL];
} else {
factorIds = [multifactorauth_1.FactorIds.OTP_PHONE];
}
// We do not do further filtering here, since we know the exact factor id and the fact that it was created
// which means it was allowed and the user is allowed to re-send it.
// We will execute all check when the code is consumed anyway.
} else {
factorIds = utils_1.getEnabledPwlessFactors(input.options.config);
factorIds = await authUtils_1.AuthUtils.filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid(
factorIds,
input.tenantId,
false,
input.userContext
);
}
// This is correct because in createCodePOST we only allow OTP_EMAIL
let flowType = input.options.config.flowType;
if (factorIds.every((id) => id.startsWith("link"))) {
flowType = "MAGIC_LINK";
} else if (factorIds.every((id) => id.startsWith("otp"))) {
flowType = "USER_INPUT_CODE";
} else {
flowType = "USER_INPUT_CODE_AND_MAGIC_LINK";
}
if (flowType === "MAGIC_LINK" || flowType === "USER_INPUT_CODE_AND_MAGIC_LINK") {
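Review bot: The comment `// This is correct because in createCodePOST we only allow OTP_EMAIL` above the flowType derivation is contradicted by the session branch a few lines earlier, which also sets `factorIds = [multifactorauth_1.FactorIds.OTP_PHONE]` when the device has no email; it should say why the derivation holds for both, e.g. `// With a session the factor list above is always a single OTP factor, so this resolves to USER_INPUT_CODE; without a session it mirrors createCodePOST's derivation from the enabled first factors.` The initializer in `let flowType = input.options.config.flowType;` is dead, since factorIds cannot be empty here (the session branch sets one id and filterOutInvalidFirstFactorsOrThrowIfAllAreInvalid throws on an empty result), so every branch of the chain overwrites it and `let flowType;` would be clearer. Note that the session branch deliberately skips re-validating the factor against the current tenant/MFA config and relies on the checks at consume time, as its comment says; that is sound only if consuming the code is the sole path that acts on it, which this hunk does not show. The enclosing function starts and ends outside the hunk.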

@@ -540,0 +577,0 @@ magicLink =

// @ts-nocheck
export declare const version = "17.0.2";
export declare const version = "17.0.3";
export declare const cdiSupported: string[];
export declare const dashboardVersion = "0.11";

@@ -18,5 +18,5 @@ "use strict";

*/
exports.version = "17.0.2";
exports.version = "17.0.3";
exports.cdiSupported = ["5.0"];
// Note: The actual script import for dashboard uses v{DASHBOARD_VERSION}
exports.dashboardVersion = "0.11";
{
"name": "supertokens-node",
"version": "17.0.2",
"version": "17.0.3",
"description": "NodeJS driver for SuperTokens core",

@@ -5,0 +5,0 @@ "main": "index.js",

