reset totp
This commit is contained in:
parent
48a8d1fb45
commit
fa1eb6a5f0
14 changed files with 354 additions and 83 deletions
|
|
@ -22,7 +22,7 @@ export async function login(req: Request, res: Response): Promise<any> {
|
|||
let username = req.body.username;
|
||||
let totp = req.body.totp;
|
||||
|
||||
let { id, secret, mail, firstname, lastname, isOwner } = await UserService.getByUsername(username);
|
||||
let { id, secret } = await UserService.getByUsername(username);
|
||||
|
||||
let valid = speakeasy.totp.verify({
|
||||
secret: secret,
|
||||
|
|
@ -35,39 +35,12 @@ export async function login(req: Request, res: Response): Promise<any> {
|
|||
throw new UnauthorizedRequestException("Token not valid or expired");
|
||||
}
|
||||
|
||||
let userPermissions = await UserPermissionService.getByUser(id);
|
||||
let userPermissionStrings = userPermissions.map((e) => e.permission);
|
||||
let userRoles = await UserService.getAssignedRolesByUserId(id);
|
||||
let rolePermissions = userRoles.length != 0 ? await RolePermissionService.getByRoles(userRoles.map((e) => e.id)) : [];
|
||||
let rolePermissionStrings = rolePermissions.map((e) => e.permission);
|
||||
let permissionObject = PermissionHelper.convertToObject([...userPermissionStrings, ...rolePermissionStrings]);
|
||||
|
||||
let jwtData: JWTToken = {
|
||||
userId: id,
|
||||
mail: mail,
|
||||
username: username,
|
||||
firstname: firstname,
|
||||
lastname: lastname,
|
||||
isOwner: isOwner,
|
||||
permissions: permissionObject,
|
||||
};
|
||||
|
||||
let accessToken: string;
|
||||
let refreshToken: string;
|
||||
|
||||
JWTHelper.create(jwtData)
|
||||
.then((result) => {
|
||||
accessToken = result;
|
||||
})
|
||||
.catch((err) => {
|
||||
console.log(err);
|
||||
throw new InternalException("Failed accessToken creation", err);
|
||||
});
|
||||
let accessToken = await JWTHelper.buildToken(id);
|
||||
|
||||
let refreshCommand: CreateRefreshCommand = {
|
||||
userId: id,
|
||||
};
|
||||
refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
||||
let refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
||||
|
||||
res.json({
|
||||
accessToken,
|
||||
|
|
@ -106,40 +79,15 @@ export async function refresh(req: Request, res: Response): Promise<any> {
|
|||
throw new UnauthorizedRequestException("user not identified with token and refresh");
|
||||
}
|
||||
|
||||
let { id, username, mail, firstname, lastname, isOwner } = await UserService.getById(tokenUserId);
|
||||
|
||||
let permissions = await UserPermissionService.getByUser(id);
|
||||
let permissionStrings = permissions.map((e) => e.permission);
|
||||
let permissionObject = PermissionHelper.convertToObject(permissionStrings);
|
||||
|
||||
let jwtData: JWTToken = {
|
||||
userId: id,
|
||||
mail: mail,
|
||||
username: username,
|
||||
firstname: firstname,
|
||||
lastname: lastname,
|
||||
isOwner: isOwner,
|
||||
permissions: permissionObject,
|
||||
};
|
||||
|
||||
let accessToken: string;
|
||||
let refreshToken: string;
|
||||
|
||||
JWTHelper.create(jwtData)
|
||||
.then((result) => {
|
||||
accessToken = result;
|
||||
})
|
||||
.catch((err) => {
|
||||
throw new InternalException("Failed accessToken creation", err);
|
||||
});
|
||||
let accessToken = await JWTHelper.buildToken(tokenUserId);
|
||||
|
||||
let refreshCommand: CreateRefreshCommand = {
|
||||
userId: id,
|
||||
userId: tokenUserId,
|
||||
};
|
||||
refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
||||
let refreshToken = await RefreshCommandHandler.create(refreshCommand);
|
||||
|
||||
let removeToken: DeleteRefreshCommand = {
|
||||
userId: id,
|
||||
userId: tokenUserId,
|
||||
token: refresh,
|
||||
};
|
||||
await RefreshCommandHandler.deleteByToken(removeToken);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue