v3.0.0

v3.0.0 (2020-11-08)

✨ New features

• 47ceb5bc Add support for login links
• 161b2643 Add endpoint for password details
• ef5654db Ship Casbin-powered permissions (fixed #337)
  (Issues: #337)- 872559c6 Add user access token scopes endpoint
• 5225c309 Add API scopes endpoint
• 8de94323 Add gender prediction API
• e9baebd9 Auto-fill country, timezone
• cbb355ee Add Sentry
• ff44de69 Add support for disabling billing
• b248d84c Add new user registrations check
• 54774f25 Add newUserRegistrationDomains check
• d6beaf83 Add Prisma CRUD endpoints
• b1074976 Add pipes for optional int, order by
• 6b732e2a Add support for cursor
• 6d43fcfe Use DTO in PATCH method
• c9f03df3 Add auth module with register
• c9291532 Add registration with email conflict check
• b311e5af Add common configuration
• 7b6902d8 Render and send emails
• 9fe994d3 Add HTML email layout
• a7979c22 Add resend email verification endpoint
• 3b4a4680 Add authentication
• 5abd4987 Add refresh token endpoint
• d1e9e252 Add scope authorization in Guard
• 93d82e1c Expose data by removing secrets
• 0e7c8b20 Add session endpoints
• 8233d52a Add endpoints for access tokens
• 276c95a3 Add endpoints for user memberships
• f7082e0f Add emails module
• 818ad11a Add groups endpoints
• 26c0c0ef Add group membership controller
• a642b7ea Support creating groups, memberships
• 183b6749 Add Pwned module
• 21a7cb4f Add support for password change, refactor auth
• d99de49c Add scheduler to delete sessions
• b3ec3fc4 Add helmet for security
• 754495e1 Add OpenAPI docs
• e3628898 Add tokens module, 2FA
• 9aaee67a Add logout endpoint
• cee3a55c Add 2FA enable/disable endpoints
• f8f47f29 Add password forgot/reset
• 339a29da Add verify emails endpoint
• e4e78e1d Add approved subnets endpoints
• b3f60938 Add geolocation service
• 2c892e83 Add approve subnet endpoint
• 0f219cdc Add support for MFA when logging in
• e314375b Login with email token endpoints
• 8c7f926b Send membership welcome email
• 9857fbc5 Support logging in backup code
• f1337775 Add group API keys module
• 62ee163d Add basic Stripe module
• 0dc4b422 Add Stripe invoices endpoints
• ec9ec37b Add Twilio module
• ce710401 Add SMS MFA OTP
• b147b685 Add email MFA
• f39eddac Add Stripe sources endpoints
• 74df85c2 Add API key scopes
• 2a8170f1 Add domain module
• 59a4a7cb Add DNS module
• e160f8ef Add HTML domain verification
• 9da99653 Add subscription endpoints
• 7506cb20 Handle Stripe webhook event
• 049e3eb0 Add audit logs module
• 36bda486 Create audit log
• 47869cdd Add webhooks module
• 53ebb4a8 Trigger webhooks on audit log
• 8a5c0152 Implement LRU for API keys
• bf9976d8 Add API key users controllers
• 7c35bd21 Serve static files
• cbc8034c Add support for merging users (fixed #950)
  (Issues: #950)- 727b6112 Add SMS-based MFA method

♻️ Updates

• 3dadf22f Change snake to camel case
• e7ab0eb7 Change organization to group
• 5cd080ea Update organization group
• 9691e797 Update user service references
• dd86fb40 Update org
• efbc78f9 Organize imports, update user rest
• cabd9e13 Make login password optional
• 8b2e8e12 Use object param for mail
• 6b09c3e3 Allow all attributes in mail
• 4dc4bf69 Update helpers
• 91ac3cc6 Use TWT instead of username
• 3f3ccf14 Use number for ID, not string
• 8cae2670 Remove fallback from TWT
• 0efe1c8f Use number instead of string in ID
• 1a7a1181 Use number IDs in controllers
• 170ba999 Add login link token to email
• 5edf233a Use number ID for user, validate number
• a3535905 Use number for org ID
• 2c201062 Use TWT for IDs
• e70fa98c Use TWT of length 10
• 8327891f Support all id-like keys with TWT
• bba4a39a Allow empty passwords
• ae0022b9 Add decode TWT function
• 5a6fa2e7 Use string for ID validation
• 08a2c53a Use Joi.number() for ID
• 8c90ee64 use take in rest
• d598a1f1 Use any for res.locals
• 9558c36d Use take in Prisma
• 905e0181 Use new authorization helper in user.ts
• 9301944a Add Casbin admin scopes
• 02799be5 Use new authorization can in group, auth
• 28b0b142 Change params to subject, action, object
• cd1fb73e Remove expiry from access tokens
• fefcdba2 Move access token scopes to security
• 2a75733f Use constants in policy
• 13490a14 Update delete casbin policies
• 3fac6c93 Remove username validation
• 63577fad Change API key, access token length to 32
• 629b7aac Update group ID as attribute
• 1e040a76 Change stripeCustomerId to stripeCustomer
• 9b760e1d Skip test for Stripe
• cd433d17 Make tracking optional
• d83146ce Check tracking config before ES
• 0f300e3b Move some config from file
• 733f923d Use config helpr instead of imports
• b4c6176d Use email config with Nodemailer interface
• 34eb080f Use session UUID as refresh token
• 527ab9a3 Get user ID, scopes in JWT strategy
• 3e259b43 Use access toke ngenerator abstraction
• 6a31e886 Use local scope guards (https://stackoverflow.com/a/50801832/1656944)
• d30ce2fa Use session ID as param
• 959dc7b8 Use global guards, @public decorator
• be84f02f Use new scope structure
• 915c5ae6 Send email not verified exception message
• b7cf9f39 Hash passwords, ensure uncompromised
• 62d6ae04 Use prisma directly not authService
• f7697ebd Use safe email helper
• 75fc733f Lowercase, remove plus from email
• e69cc370 Use import instead of import type
• 750eb880 Change 2fa to totp
• 0857ae77 Use auth module-scoped constants
• 3fb490fa Change approved location -> approved subnet
• fe973961 Hash approved subnets
• d0bb693c Add cache to geolocation
• d9899226 Store geolocation in approved subnets
• 24afea03 Approve new subnets in auth
• 63bac411 Allow adding team members without name
• ffd8fdf8 Generate/regenerate backup codes in 2FA
• e3349735 Add email verification template
• d4c10d29 Add create/delete/replace customer endpoint
• 560c03ac Allow uppercase sorting
• 6c2897da Use relative import paths
• 170bc5de Use .env data in configuration
• 20d8cebb Change twoFactorEnabled -> twoFactorMethod
• b5d94ce7 Use TokensService for UUID
• b490af16 Update scopes in controllers
• 3253de5b Normalize domain URL
• c401a330 Normalize +, . in emails
• c0b928a8 Use raw/JSON middleware
• c797457b Change auth controller login routes
• aa80db1b Use constant for login token sub
• a39009b7 Add membership module to app
• 27066a69 Add pretty profile pictures for domain, group, user
• 86a456d1 Add ID to auth token
• 43e85967 Use Gravatar as user profile picture
• 5a1cb701 Add audit log decorators on controller
• 74705d67 Add webhook scopes to API key
• 6c546cfa Add webhook scopes endpoint
• 89af8027 Add group/user methods in API kes
• c84bccba Add API key scopes for user
• 24f0d246 Only allow clean, secure scopes in API keys
• b32c5af3 Use custom JWT strategy
• 49ed4a47 Support referrer restrictions in API keys
• e24b26d0 Check IP address restrictions in API keys
• 269d1f17 Rename jwt -> staart in auth
• 500534bf Use user object in auth objects
• 149651c2 Use service name in loggers
• 8ac6f7f3 Send response time headers
• 8e248ffa Don't use native errors
• 402ce140 Don't use HttpException
• a7ee700f Use error constants
• 91aba2e3 Add constants errors in pipes
• d0e58468 Add descriptions for errors
• 52e5de85 Add global controller prefix

🐛 Bug fixes

• cf4a8fd7 Wait for token to be generated
• 128d995b Use Tokens.LOGIN_LINK to verify JWT
• 661bf6d0 Use string for userId in TWT
• 75fc64fc Use take instead of first
• 97b21181 Use TWT in local to token
• 780e7d6b Use where with ID key
• aea4d9f0 Use numbers not TWTs in controllers
• b3f2f9bc Use string adapter for casbin model
• 294a5682 Use integer IDs, not TWTs, in casbin policy
• 14f3182e Change scopes type in access token, API key
• 17f07562 Make sure user has a verified email
• dc67971e Only allow admin, member roles in teams
• 4d070cf1 Create memberships manually
• 27baa6ec Allow prefers email ID
• 3a0f0c4d Change profilePicture to Url suffix
• 87c9b13e Fix stripe customer ID key
• d3c8c255 Change imports to config
• 5e6d6918 Make keys in DTO optional
• f27c6b9d Ensure result exists before accessing user
• a166eaa1 Fix use authentication in class
• 9cdea097 Specify IP address when adding member, add module
• 97096b3f Use object payload for JWT
• 99f9058d Fix registration, location
• 10a4b3c0 Fix password hash in Pwned
• 087701ea Use module imports, not service
• fb46eeb4 Import StripeModule
• f883155b Move scopes endpoint to top
• e2541a16 Add ConfigModule to ApiKeysModule

🔒 Security issues

• e1d3e0cb Add AuthGuard in user endpoints
• 653ccfc4 Add scopes and guards on user routes

⬆️ Dependency updates

• 5693784b Update @staart/redis
• c38e0464 Update @staart/redis to v2.3.0
• b9e775fd Update @staart/scripts to v1.17.0
• 713dc5af Update @staart/payments to v4.0.0
• 59f2ec6b Update @prisma to v2.4.1
• 6e121dc5 Update twt to v1.2.0
• 71f81595 Update cosmic to v1.0.1
• 517fd0d1 Update @staart/scripts to v1.18.0
• 9bf7fcb5 Update staart/scripts to v1.18.1
• 51c8f8e8 Update @staart/elasticsearch to v2.2.4
• 0edb1ad5 Update @staart/scripts to v1.18.2
• 114e200d Update @sentry/node, @staart/scripts
• 34242e21 Update update-template to v1.1.2
• 1262a0ff Update all dependencies
• 5f48cf67 Update all dependencies

💥 Breaking changes

• ec11d6f2 Add v3