unleash.unleash/src/lib/services/reset-token-service.ts

import crypto from 'crypto';
import bcrypt from 'bcryptjs';
import { URL } from 'url';
import { Logger } from '../logger';
import UsedTokenError from '../error/used-token-error';
import InvalidTokenError from '../error/invalid-token-error';
import { IUnleashConfig } from '../types/option';
import { IUnleashStores } from '../types/stores';
import {
    IResetQuery,
    IResetToken,
    IResetTokenStore,
} from '../types/stores/reset-token-store';
import { hoursToMilliseconds } from 'date-fns';

interface IInviteLinks {
    [key: string]: string;
}

export default class ResetTokenService {
    private store: IResetTokenStore;

    private logger: Logger;

    private readonly unleashBase: string;

    constructor(
        { resetTokenStore }: Pick<IUnleashStores, 'resetTokenStore'>,
        { getLogger, server }: Pick<IUnleashConfig, 'getLogger' | 'server'>,
    ) {
        this.store = resetTokenStore;
        this.logger = getLogger('/services/reset-token-service.ts');
        this.unleashBase = server.unleashUrl;
    }

    async useAccessToken(token: IResetQuery): Promise<boolean> {
        try {
            await this.isValid(token.token);
            await this.store.useToken(token);
            return true;
        } catch (e) {
            return false;
        }
    }

    async getActiveInvitations(): Promise<IInviteLinks> {
        try {
            const tokens = await this.store.getActiveTokens();
            const links = tokens.reduce((acc, token) => {
                const inviteLink =
                    this.getExistingInvitationUrl(token).toString();

                acc[token.userId] = inviteLink;

                return acc;
            }, {});

            return links;
        } catch (e) {
            return {};
        }
    }

    async isValid(token: string): Promise<IResetToken> {
        let t;
        try {
            t = await this.store.getActive(token);
            if (!t.usedAt) {
                return t;
            }
        } catch (e) {
            throw new InvalidTokenError();
        }
        throw new UsedTokenError(t.usedAt);
    }

    private getExistingInvitationUrl(token: IResetToken) {
        return new URL(`${this.unleashBase}/new-user?token=${token.token}`);
    }

    private async createResetUrl(
        forUser: number,
        creator: string,
        path: string,
    ): Promise<URL> {
        const token = await this.createToken(forUser, creator);
        return Promise.resolve(
            new URL(`${this.unleashBase}${path}?token=${token.token}`),
        );
    }

    async createResetPasswordUrl(
        forUser: number,
        creator: string,
    ): Promise<URL> {
        const path = '/reset-password';
        return this.createResetUrl(forUser, creator, path);
    }

    async createNewUserUrl(forUser: number, creator: string): Promise<URL> {
        const path = '/new-user';
        return this.createResetUrl(forUser, creator, path);
    }

    async createToken(
        tokenUser: number,
        creator: string,
        expiryDelta: number = hoursToMilliseconds(24),
    ): Promise<IResetToken> {
        const token = await this.generateToken();
        const expiry = new Date(Date.now() + expiryDelta);
        await this.store.expireExistingTokensForUser(tokenUser);
        return this.store.insert({
            reset_token: token,
            user_id: tokenUser,
            expires_at: expiry,
            created_by: creator,
        });
    }

    private generateToken(): Promise<string> {
        return bcrypt.hash(crypto.randomBytes(32).toString(), 10);
    }
}

module.exports = ResetTokenService;
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`import crypto from 'crypto';`
Fix/bcryptjs (#1239) fixes: #1108 2022-01-06 20:43:57 +01:00			`import bcrypt from 'bcryptjs';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`import { URL } from 'url';`
			`import { Logger } from '../logger';`
			`import UsedTokenError from '../error/used-token-error';`
			`import InvalidTokenError from '../error/invalid-token-error';`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`import { IUnleashConfig } from '../types/option';`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`import { IUnleashStores } from '../types/stores';`
			`import {`
			`IResetQuery,`
			`IResetToken,`
			`IResetTokenStore,`
			`} from '../types/stores/reset-token-store';`
fix: be explicit when specifying time & replace moment with date-fns (#1072) 2021-11-02 15:13:46 +01:00			`import { hoursToMilliseconds } from 'date-fns';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`interface IInviteLinks {`
			`[key: string]: string;`
			`}`

Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`export default class ResetTokenService {`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`private store: IResetTokenStore;`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00
			`private logger: Logger;`

fix: misunderstanding node URL api 2021-05-11 14:43:41 +02:00			`private readonly unleashBase: string;`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00
			`constructor(`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`{ resetTokenStore }: Pick<IUnleashStores, 'resetTokenStore'>,`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`{ getLogger, server }: Pick<IUnleashConfig, 'getLogger' \| 'server'>,`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`) {`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`this.store = resetTokenStore;`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`this.logger = getLogger('/services/reset-token-service.ts');`
fix: misunderstanding node URL api 2021-05-11 14:43:41 +02:00			`this.unleashBase = server.unleashUrl;`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`}`

			`async useAccessToken(token: IResetQuery): Promise<boolean> {`
			`try {`
			`await this.isValid(token.token);`
			`await this.store.useToken(token);`
			`return true;`
			`} catch (e) {`
			`return false;`
			`}`
			`}`

Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`async getActiveInvitations(): Promise<IInviteLinks> {`
			`try {`
			`const tokens = await this.store.getActiveTokens();`
			`const links = tokens.reduce((acc, token) => {`
fix: Stores as typescript and with interfaces. (#902) Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-08-12 15:04:37 +02:00			`const inviteLink =`
			`this.getExistingInvitationUrl(token).toString();`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00
			`acc[token.userId] = inviteLink;`

			`return acc;`
			`}, {});`

			`return links;`
			`} catch (e) {`
			`return {};`
			`}`
			`}`

Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`async isValid(token: string): Promise<IResetToken> {`
			`let t;`
			`try {`
			`t = await this.store.getActive(token);`
			`if (!t.usedAt) {`
			`return t;`
			`}`
			`} catch (e) {`
			`throw new InvalidTokenError();`
			`}`
			`throw new UsedTokenError(t.usedAt);`
			`}`

Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`private getExistingInvitationUrl(token: IResetToken) {`
fix: misunderstanding node URL api 2021-05-11 14:43:41 +02:00			return new URL(`${this.unleashBase}/new-user?token=${token.token}`);
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`}`

Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`private async createResetUrl(`
			`forUser: number,`
			`creator: string,`
			`path: string,`
			`): Promise<URL> {`
			`const token = await this.createToken(forUser, creator);`
			`return Promise.resolve(`
fix: misunderstanding node URL api 2021-05-11 14:43:41 +02:00			new URL(`${this.unleashBase}${path}?token=${token.token}`),
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`);`
			`}`

			`async createResetPasswordUrl(`
			`forUser: number,`
			`creator: string,`
			`): Promise<URL> {`
fix: reset-token-service should use unleashUrl 2021-05-07 10:38:41 +02:00			`const path = '/reset-password';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`return this.createResetUrl(forUser, creator, path);`
			`}`

Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`async createNewUserUrl(forUser: number, creator: string): Promise<URL> {`
fix: reset-token-service should use unleashUrl 2021-05-07 10:38:41 +02:00			`const path = '/new-user';`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`return this.createResetUrl(forUser, creator, path);`
			`}`

Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`async createToken(`
			`tokenUser: number,`
			`creator: string,`
fix: be explicit when specifying time & replace moment with date-fns (#1072) 2021-11-02 15:13:46 +01:00			`expiryDelta: number = hoursToMilliseconds(24),`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`): Promise<IResetToken> {`
			`const token = await this.generateToken();`
			`const expiry = new Date(Date.now() + expiryDelta);`
			`await this.store.expireExistingTokensForUser(tokenUser);`
			`return this.store.insert({`
			`reset_token: token,`
			`user_id: tokenUser,`
			`expires_at: expiry,`
			`created_by: creator,`
			`});`
			`}`

			`private generateToken(): Promise<string> {`
Fix/bcryptjs (#1239) fixes: #1108 2022-01-06 20:43:57 +01:00			`return bcrypt.hash(crypto.randomBytes(32).toString(), 10);`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`}`
			`}`

			`module.exports = ResetTokenService;`