Release/update workflows

.github/workflows/cron-dependency-checker-workflow.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Install Node
         uses: actions/setup-node@v1
         with:
-          node-version: 12
+          node-version: 16
 
       - name: NPM Install
         run: npm i

.github/workflows/on-version-update.yml

@@ -21,7 +21,7 @@ jobs:
       - name: Install Node
         uses: actions/setup-node@v1
         with:
-          node-version: 12
+          node-version: 16
 
       - name: Bump Version and Create Tag
         uses: phips28/gh-action-bump-version@master

.github/workflows/pr-open-to-master-workflows.yml

@@ -21,7 +21,7 @@ jobs:
       - name: Install Node
         uses: actions/setup-node@v1
         with:
-          node-version: 12
+          node-version: 16
 
       - name: Install Newman
         run: |

.run/install.run.xml

@@ -2,7 +2,7 @@
   <configuration default="false" name="install" type="js.build_tools.npm">
     <package-json value="$PROJECT_DIR$/package.json" />
     <command value="install" />
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs>
       <env name="PORT" value="4000" />
       <env name="ACCESS_TOKEN_SECRET" value="443f000de3bb0f2cc55c86f7f4de55cf4b3cbb2e87a87f0a9eda4e7325429d070f6b7873efa098e577820a9c237b05f608654a5ecefd700961a4ac3deb84c6a0" />

.run/outdated.run.xml

@@ -5,7 +5,7 @@
     <scripts>
       <script value="outdated" />
     </scripts>
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

.run/postmanDevelop.run.xml

@@ -6,7 +6,7 @@
       <script value="postmanDevelop" />
     </scripts>
     <arguments value="--adminAuthToken=admin-auth-token=${OTH_ADMIN_AUTH_TOKEN} --responseEncryptionSecret=response-encryption-secret=${OTH_RESPONSE_ENCRYPTION_SECRET}" />
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

.run/postmanLocal.run.xml

@@ -6,7 +6,7 @@
       <script value="postmanLocal" />
     </scripts>
     <arguments value="--adminAuthToken=admin-auth-token=${OTH_ADMIN_AUTH_TOKEN} --responseEncryptionSecret=response-encryption-secret=${OTH_RESPONSE_ENCRYPTION_SECRET}" />
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

.run/start.run.xml

@@ -5,7 +5,7 @@
     <scripts>
       <script value="start" />
     </scripts>
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

.run/startLocal.run.xml

@@ -5,7 +5,7 @@
     <scripts>
       <script value="startLocal" />
     </scripts>
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

.run/update.run.xml

@@ -2,7 +2,7 @@
   <configuration default="false" name="update" type="js.build_tools.npm">
     <package-json value="$PROJECT_DIR$/package.json" />
     <command value="update" />
-    <node-interpreter value="project" />
+    <node-interpreter value="/usr/local/bin/node" />
     <envs />
     <method v="2" />
   </configuration>

README.md

@@ -63,6 +63,7 @@ MODULE=AuthServer
 ENVIRONMENT=Local
 
 CLIENT_URL=http://localhost:4200
+ADMIN_CLIENT_URLS="http://localhost:4202"
 CLIENT_RESET_PASSWORD_URL=http://localhost:4200/reset-password
 CLIENT_VERIFICATION_SUCCESS_URL=http://localhost:4200/verify-account
 
@@ -145,3 +146,4 @@ Refer to **[CODE_OF_CONDUCT.md](https://github.com/open-template-hub/.github/blo
 ## LICENSE
 
 The source code for this project is released under the [MIT License](LICENSE).
+

app/controller/auth.controller.ts

@@ -28,6 +28,7 @@ export class AuthController {
       private environment = new Environment(),
       private tokenUtil: TokenUtil = new TokenUtil( environment.args() )
   ) {
+    /* intentionally blank */
   }
 
   /**
@@ -40,6 +41,7 @@ export class AuthController {
   signup = async (
       db: PostgreSqlProvider,
       message_queue_provider: MessageQueueProvider,
+      origin: string,
       user: User,
       languageCode?: string
   ) => {
@@ -67,7 +69,7 @@ export class AuthController {
 
     if ( isAutoVerify ) {
       await this.verify( db, verificationToken );
-      return this.login( db, message_queue_provider, user );
+      return this.login( db, message_queue_provider, origin, user );
     } else {
       const orchestrationChannelTag =
           this.environment.args().mqArgs?.orchestrationServerMessageQueueChannel;
@@ -106,6 +108,7 @@ export class AuthController {
   login = async (
       db: PostgreSqlProvider,
       messageQueueProvider: MessageQueueProvider,
+      origin: string,
       user: User,
       skipTwoFactorControl: boolean = false
   ) => {
@@ -127,6 +130,13 @@ export class AuthController {
 
     let dbUser = await userRepository.findUserByUsernameOrEmail( username );
 
+    // if user is not admin and origin is related with admin clients, do not permit to process
+    if(dbUser?.role && dbUser.role !== UserRole.ADMIN && process.env.ADMIN_CLIENT_URLS?.includes(origin)) {
+      let e = new Error("Bad Credentials") as HttpError;
+      e.responseCode = ResponseCode.FORBIDDEN;
+      throw e;
+    }
+
     if ( !( await bcrypt.compare( user.password, dbUser.password ) ) ) {
       let e = new Error( 'Bad credentials' ) as HttpError;
       e.responseCode = ResponseCode.FORBIDDEN;
@@ -360,4 +370,50 @@ export class AuthController {
     }
     return maskedNumber;
   }
+
+  getUsers = async (
+    db: PostgreSqlProvider,
+    role?: string,
+    verified?: any,
+    oauth?: any,
+    twoFA?: any,
+    username?: string,
+    offset?: number,
+    limit?: number
+  ) => {
+    const userRepository = new UserRepository(db);
+
+    if(role === 'All') {
+      role = '';
+    }
+
+    if(verified === 'true') {
+      verified = true
+    } else if(verified === 'false') {
+      verified = false
+    }
+
+    if(twoFA === 'true') {
+      twoFA = true
+    } else if(twoFA === 'false') {
+      twoFA = false
+    }
+
+    if(!offset) {
+      offset = 0;
+    }
+
+    if(!limit) {
+      limit = 20;
+    }
+
+    let users: any[] = []
+    let count: any;
+
+    users = await userRepository.getAllUsers(role ?? '', verified, twoFA, oauth, username ?? '', offset, limit);
+    count = +(await userRepository.getAllUsersCount(role ?? '', verified, twoFA, oauth, username ?? '')).count ?? 0;
+
+    return { users, meta: { offset, limit, count } };
+  }
 }
+

app/controller/info.controller.ts

@@ -16,4 +16,9 @@ export class InfoController {
     const userRepository = new UserRepository( db );
     return userRepository.findEmailByUsername( user.username );
   };
+
+  other = async( db: PostgreSqlProvider, username: string ) => {
+    const userRepository = new UserRepository( db );
+    return userRepository.findEmailByUsername( username );
+  }
 }

app/repository/social-login.repository.ts

@@ -92,4 +92,44 @@ export class SocialLoginRepository {
       throw error;
     }
   };
+
+  getAllUsersByKey = async(
+    username: string,
+    socialLoginKey: string,
+    offset: number,
+    limit: number
+  ) => {
+    let response;
+
+    try {
+      response = await this.provider.query(
+         'SELECT social_login_key, username, external_user_email, social_login_mappings.social_login_key FROM social_login_mappings WHERE social_login_key = $1 and (username LIKE $2 or external_user_email LIKE $3) ORDER BY username OFFSET $4 LIMIT $5',
+         [socialLoginKey, '%' + username + '%', '%' + username + '%', offset, limit]
+      );
+    } catch(error) {
+      console.error(error);
+      throw error;
+    }
+
+    return response.rows;
+  }
+
+  getAllUsersByKeyCount = async(
+    username: string,
+    socialLoginKey: string
+  ) => {
+    let response;
+
+    try {
+      response = await this.provider.query(
+        'SELECT COUNT(*) FROM social_login_mappings WHERE social_login_key = $1 and (username LIKE $2 or external_user_email LIKE $3)',
+        [socialLoginKey, '%' + username + '%', '%' + username + '%']
+      )
+    } catch(error) {
+      console.error(error);
+      throw error;
+    }
+
+    return response.rows;
+  }
 }

app/repository/user.repository.ts

@@ -214,4 +214,89 @@ export class UserRepository {
       throw error;
     }
   };
+
+  getAllUsers = async(role: string, verified: boolean | undefined, twoFA: boolean | undefined, oauth: string | undefined, username: string, offset: number, limit: number) => {    
+    let response;
+
+    try {
+      let whereQueryString = "WHERE role ILIKE $3 and (users.username LIKE $4 or email LIKE $5)"
+      let whereQueryParams: Array<any> = ['%' + role + '%', '%' + username + '%', '%' + username + '%']
+
+      let paramCounter = 6;
+
+      if(verified !== undefined) {
+        whereQueryString += ` and verified = $${paramCounter}`
+        paramCounter += 1
+        whereQueryParams.push(verified)
+      }
+
+      if(twoFA !== undefined) {
+        whereQueryString += ` and two_factor_enabled = $${paramCounter}`
+        paramCounter += 1
+        whereQueryParams.push(twoFA)
+      }
+
+      if(oauth !== undefined) {
+        if(oauth === 'exclude') {
+          whereQueryString += ` and social_login_mappings.social_login_key IS NULL`
+        } else {
+          whereQueryString += ` and social_login_mappings.social_login_key = $${paramCounter}`
+          whereQueryParams.push(oauth)
+        }
+      }
+
+      response = await this.provider.query(
+        `SELECT users.username, users.email, users.verified, users.phone_number as phoneNumber, users.two_factor_enabled as twoFactorEnabled, social_login_mappings.external_user_email, social_login_mappings.social_login_key FROM users LEFT JOIN social_login_mappings ON users.username = social_login_mappings.username ${whereQueryString} ORDER BY users.username OFFSET $1 LIMIT $2`,
+        [offset, limit, ...whereQueryParams]
+      );
+    } catch ( error ) {
+      console.error( error );
+      throw error;
+    }
+
+    return response.rows
+  }
+
+  getAllUsersCount = async(role: string, verified: boolean | undefined, twoFA: boolean | undefined, oauth: string | undefined, username: string) => {
+    let response;
+    try {
+
+      let whereQueryString = "WHERE role ILIKE $1 and users.username LIKE $2"
+      let whereQueryParams: any[] = ['%' + role + '%', '%' + username + '%']
+
+      let paramCounter = 3
+
+      if(verified !== undefined) {
+        whereQueryString += ` and verified = $${paramCounter}`
+        paramCounter += 1
+        whereQueryParams.push(verified) 
+      }
+
+      if(twoFA !== undefined) {
+        whereQueryString += ` and two_factor_enabled = $${paramCounter}`;
+        paramCounter += 1
+        whereQueryParams.push(twoFA)
+      }
+
+      if(oauth !== undefined) {
+        if(oauth === 'exclude') {
+          whereQueryString += ` and social_login_mappings.social_login_key IS NULL`
+        } else {
+          whereQueryString += ` and social_login_mappings.social_login_key = $${paramCounter}`
+          whereQueryParams.push(oauth)  
+        }
+      } 
+
+      response = await this.provider.query(
+       `SELECT COUNT(*) FROM users LEFT JOIN social_login_mappings ON users.username = social_login_mappings.username ${whereQueryString}`,
+        [...whereQueryParams]
+      );
+      this.shouldHaveSingleRow( response );
+    } catch(error) {
+      console.log(error);
+      throw error;
+    }
+
+    return response.rows[0]
+  }
 }