mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2025-09-14 10:52:34 +00:00
Convert backend to ESM
- About 5 years overdue - Remove eslint, use bomejs instead
This commit is contained in:
Jamie Curnow
@@ -1,14 +1,14 @@
|
||||
const _ = require('lodash');
|
||||
const error = require('../lib/error');
|
||||
const userModel = require('../models/user');
|
||||
const authModel = require('../models/auth');
|
||||
const helpers = require('../lib/helpers');
|
||||
const TokenModel = require('../models/token');
|
||||
import _ from "lodash";
|
||||
import errs from "../lib/error.js";
|
||||
import { parseDatePeriod } from "../lib/helpers.js";
|
||||
import authModel from "../models/auth.js";
|
||||
import TokenModel from "../models/token.js";
|
||||
import userModel from "../models/user.js";
|
||||
|
||||
const ERROR_MESSAGE_INVALID_AUTH = 'Invalid email or password';
|
||||
|
||||
module.exports = {
|
||||
const ERROR_MESSAGE_INVALID_AUTH = "Invalid email or password";
|
||||
const ERROR_MESSAGE_INVALID_AUTH_I18N = "error.invalid-auth";
|
||||
|
||||
export default {
|
||||
/**
|
||||
* @param {Object} data
|
||||
* @param {String} data.identity
|
||||
@@ -19,68 +19,65 @@ module.exports = {
|
||||
* @returns {Promise}
|
||||
*/
|
||||
getTokenFromEmail: (data, issuer) => {
|
||||
let Token = new TokenModel();
|
||||
const Token = TokenModel();
|
||||
|
||||
data.scope = data.scope || 'user';
|
||||
data.expiry = data.expiry || '1d';
|
||||
data.scope = data.scope || "user";
|
||||
data.expiry = data.expiry || "1d";
|
||||
|
||||
return userModel
|
||||
.query()
|
||||
.where('email', data.identity.toLowerCase().trim())
|
||||
.andWhere('is_deleted', 0)
|
||||
.andWhere('is_disabled', 0)
|
||||
.where("email", data.identity.toLowerCase().trim())
|
||||
.andWhere("is_deleted", 0)
|
||||
.andWhere("is_disabled", 0)
|
||||
.first()
|
||||
.then((user) => {
|
||||
if (user) {
|
||||
// Get auth
|
||||
return authModel
|
||||
.query()
|
||||
.where('user_id', '=', user.id)
|
||||
.where('type', '=', 'password')
|
||||
.where("user_id", "=", user.id)
|
||||
.where("type", "=", "password")
|
||||
.first()
|
||||
.then((auth) => {
|
||||
if (auth) {
|
||||
return auth.verifyPassword(data.secret)
|
||||
.then((valid) => {
|
||||
if (valid) {
|
||||
|
||||
if (data.scope !== 'user' && _.indexOf(user.roles, data.scope) === -1) {
|
||||
// The scope requested doesn't exist as a role against the user,
|
||||
// you shall not pass.
|
||||
throw new error.AuthError('Invalid scope: ' + data.scope);
|
||||
}
|
||||
|
||||
// Create a moment of the expiry expression
|
||||
let expiry = helpers.parseDatePeriod(data.expiry);
|
||||
if (expiry === null) {
|
||||
throw new error.AuthError('Invalid expiry time: ' + data.expiry);
|
||||
}
|
||||
|
||||
return Token.create({
|
||||
iss: issuer || 'api',
|
||||
attrs: {
|
||||
id: user.id
|
||||
},
|
||||
scope: [data.scope],
|
||||
expiresIn: data.expiry
|
||||
})
|
||||
.then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString()
|
||||
};
|
||||
});
|
||||
} else {
|
||||
throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH);
|
||||
return auth.verifyPassword(data.secret).then((valid) => {
|
||||
if (valid) {
|
||||
if (data.scope !== "user" && _.indexOf(user.roles, data.scope) === -1) {
|
||||
// The scope requested doesn't exist as a role against the user,
|
||||
// you shall not pass.
|
||||
throw new errs.AuthError(`Invalid scope: ${data.scope}`);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH);
|
||||
|
||||
// Create a moment of the expiry expression
|
||||
const expiry = parseDatePeriod(data.expiry);
|
||||
if (expiry === null) {
|
||||
throw new errs.AuthError(`Invalid expiry time: ${data.expiry}`);
|
||||
}
|
||||
|
||||
return Token.create({
|
||||
iss: issuer || "api",
|
||||
attrs: {
|
||||
id: user.id,
|
||||
},
|
||||
scope: [data.scope],
|
||||
expiresIn: data.expiry,
|
||||
}).then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString(),
|
||||
};
|
||||
});
|
||||
}
|
||||
throw new errs.AuthError(
|
||||
ERROR_MESSAGE_INVALID_AUTH,
|
||||
ERROR_MESSAGE_INVALID_AUTH_I18N,
|
||||
);
|
||||
});
|
||||
}
|
||||
throw new errs.AuthError(ERROR_MESSAGE_INVALID_AUTH);
|
||||
});
|
||||
} else {
|
||||
throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH);
|
||||
}
|
||||
throw new errs.AuthError(ERROR_MESSAGE_INVALID_AUTH);
|
||||
});
|
||||
},
|
||||
|
||||
@@ -92,48 +89,45 @@ module.exports = {
|
||||
* @returns {Promise}
|
||||
*/
|
||||
getFreshToken: (access, data) => {
|
||||
let Token = new TokenModel();
|
||||
const Token = TokenModel();
|
||||
const thisData = data || {};
|
||||
|
||||
data = data || {};
|
||||
data.expiry = data.expiry || '1d';
|
||||
|
||||
if (access && access.token.getUserId(0)) {
|
||||
thisData.expiry = thisData.expiry || "1d";
|
||||
|
||||
if (access?.token.getUserId(0)) {
|
||||
// Create a moment of the expiry expression
|
||||
let expiry = helpers.parseDatePeriod(data.expiry);
|
||||
const expiry = parseDatePeriod(thisData.expiry);
|
||||
if (expiry === null) {
|
||||
throw new error.AuthError('Invalid expiry time: ' + data.expiry);
|
||||
throw new errs.AuthError(`Invalid expiry time: ${thisData.expiry}`);
|
||||
}
|
||||
|
||||
let token_attrs = {
|
||||
id: access.token.getUserId(0)
|
||||
const token_attrs = {
|
||||
id: access.token.getUserId(0),
|
||||
};
|
||||
|
||||
// Only admins can request otherwise scoped tokens
|
||||
let scope = access.token.get('scope');
|
||||
if (data.scope && access.token.hasScope('admin')) {
|
||||
scope = [data.scope];
|
||||
let scope = access.token.get("scope");
|
||||
if (thisData.scope && access.token.hasScope("admin")) {
|
||||
scope = [thisData.scope];
|
||||
|
||||
if (data.scope === 'job-board' || data.scope === 'worker') {
|
||||
if (thisData.scope === "job-board" || thisData.scope === "worker") {
|
||||
token_attrs.id = 0;
|
||||
}
|
||||
}
|
||||
|
||||
return Token.create({
|
||||
iss: 'api',
|
||||
scope: scope,
|
||||
attrs: token_attrs,
|
||||
expiresIn: data.expiry
|
||||
})
|
||||
.then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString()
|
||||
};
|
||||
});
|
||||
} else {
|
||||
throw new error.AssertionFailedError('Existing token contained invalid user data');
|
||||
iss: "api",
|
||||
scope: scope,
|
||||
attrs: token_attrs,
|
||||
expiresIn: thisData.expiry,
|
||||
}).then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString(),
|
||||
};
|
||||
});
|
||||
}
|
||||
throw new error.AssertionFailedError("Existing token contained invalid user data");
|
||||
},
|
||||
|
||||
/**
|
||||
@@ -141,24 +135,23 @@ module.exports = {
|
||||
* @returns {Promise}
|
||||
*/
|
||||
getTokenFromUser: (user) => {
|
||||
const expire = '1d';
|
||||
const Token = new TokenModel();
|
||||
const expiry = helpers.parseDatePeriod(expire);
|
||||
const expire = "1d";
|
||||
const Token = new TokenModel();
|
||||
const expiry = parseDatePeriod(expire);
|
||||
|
||||
return Token.create({
|
||||
iss: 'api',
|
||||
iss: "api",
|
||||
attrs: {
|
||||
id: user.id
|
||||
id: user.id,
|
||||
},
|
||||
scope: ['user'],
|
||||
expiresIn: expire
|
||||
})
|
||||
.then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString(),
|
||||
user: user
|
||||
};
|
||||
});
|
||||
}
|
||||
scope: ["user"],
|
||||
expiresIn: expire,
|
||||
}).then((signed) => {
|
||||
return {
|
||||
token: signed.token,
|
||||
expires: expiry.toISOString(),
|
||||
user: user,
|
||||
};
|
||||
});
|
||||
},
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user