From 3cc844a06ad813b5a06b656d4afc03b62fb43504 Mon Sep 17 00:00:00 2001
From: Luis Mesas
Date: Fri, 27 Nov 2015 11:00:18 -0800
Subject: [PATCH 1/3] feat: added deviceVersion to salesforce login
---
 src/platforms/salesforce.js | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/platforms/salesforce.js b/src/platforms/salesforce.js
index d8f38ff..4cc06b2 100644
--- a/src/platforms/salesforce.js
+++ b/src/platforms/salesforce.js
@@ -99,6 +99,7 @@ function salesforceCallback(req, res, next){
 accessToken:sfData.accessToken,
 refreshToken:sfData.refreshToken
 };
+
 tokenManager.createAccessToken(profile.id, tokenData, function(err, token){
 countries.countryFromPhone(profile._raw.mobile_phone, function(err, country){
 var returnProfile = {
@@ -155,6 +156,10 @@ function salesforceCallback(req, res, next){
 data = {"roles": foundUser.roles};
 }
 
+ if(config.version){
+ data.deviceVersion = req.headers[config.version.header];
+ }
+
 tokenManager.createBothTokens(foundUser._id, data , function(err, tokens){
 if(err) {
 res.send(409,{err: err.message});
From fe48f967e52a4a9decfce9f94be39a0ca1fcf921 Mon Sep 17 00:00:00 2001
From: Luis Mesas
Date: Fri, 27 Nov 2015 11:08:28 -0800
Subject: [PATCH 2/3] feat: added deviceVersion to token on craetion stages
---
 src/routes/user.js | 40 ++++++++++++++++++++++++++--------------
 1 file changed, 26 insertions(+), 14 deletions(-)
diff --git a/src/routes/user.js b/src/routes/user.js
index 7fdeab3..6263458 100644
--- a/src/routes/user.js
+++ b/src/routes/user.js
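Review bot: In the `@@ -155` hunk, the added `if(config.version)` block copies `req.headers[config.version.header]` straight into `data`, so whatever the client sends in that header — any length, any characters, or nothing at all (then `undefined`) — is persisted in every token pair minted by `createBothTokens`. I would only accept a bounded string inside the existing `if(config.version)` block: `var deviceVersion = req.headers[config.version.header];` followed by `if (typeof deviceVersion === 'string' && deviceVersion.length <= MAX_DEVICE_VERSION_LEN) { data.deviceVersion = deviceVersion; }`, with `MAX_DEVICE_VERSION_LEN` a small project-chosen constant. Node's HTTP parser lowercases incoming header names, so `config.version.header` must be configured in lowercase or the lookup silently yields `undefined`. The same unvalidated copy appears in PATCH 2/3's `@@ -77` hunk and in `createUserEndpoint` in PATCH 3/3's `@@ -68` hunk. `salesforceCallback` starts and ends outside this hunk.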
@@ -77,20 +77,32 @@ function sendNewPassword(req, res, next){
 
 function createUserEndpoint(req, res, next) {
 userMng().createUser(req.body, req.headers['x-otp-pin'], function(err, tokens){
- if (err) {
- if (!err.code ) {
- res.send(500, err);
- } else {
- var errCode = err.code;
- delete(err.code);
- res.send(errCode, err);
- }
- return next(false);
- } else {
- res.send(201, tokens);
- return next();
- }
- });
+
+ tokenManager.getRefreshTokenInfo(tokens.refreshToken, function(err, tokenSet){
+ var userId = tokenSet.userId;
+ var tokenData = tokenSet.data;
+
+ if(config.version){
+ tokenData.deviceVersion = req.headers[config.version.header];
+ }
+
+ tokenManager.createBothTokens(userId, tokenData, function(err, tokens){
+ if (err) {
+ if (!err.code ) {
+ res.send(500, err);
+ } else {
+ var errCode = err.code;
+ delete(err.code);
+ res.send(errCode, err);
+ }
+ return next(false);
+ } else {
+ res.send(201, tokens);
+ return next();
+ }
+ });
+ });
+ });
 }
 
 function createUserByToken(req, res, next) {
From 09b90f18245b91c870c0ce23542018393fecb5ed Mon Sep 17 00:00:00 2001
From: Luis Mesas
Date: Fri, 27 Nov 2015 11:13:27 -0800
Subject: [PATCH 3/3] feat: added deviceVersion to token on creation flow
---
 src/routes/user.js | 281 ++++++++++++++++++++++----------------------
 1 file changed, 140 insertions(+), 141 deletions(-)
diff --git a/src/routes/user.js b/src/routes/user.js
index 6263458..b31cf67 100644
--- a/src/routes/user.js
+++ b/src/routes/user.js
@@ -2,7 +2,7 @@ var RandExp = require('randexp');
 var userDao = require('../managers/dao');
 var config = require(process.cwd() + '/config.json');
-var cryptoMng = require('../managers/crypto')({ password : 'password' });
+var cryptoMng = require('../managers/crypto')({password: 'password'});
 var emailMng = require('../managers/email');
 var tokenManager = require('../managers/token');
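Review bot: In the added `tokenManager.getRefreshTokenInfo` callback, `err` is never examined and `tokenSet.userId` / `tokenSet.data` are read unconditionally, so a failed or expired-token lookup surfaces as an uncaught TypeError inside the callback instead of an error response; PATCH 3/3's `@@ -68` hunk carries the same code. A guard in the style of the surrounding handlers would do, placed before `var userId = tokenSet.userId;`: `if (err || !tokenSet) { res.send(500, err || {err: 'auth_proxy_error'}); return next(false); }`. Dropping the `if (err)` branch on the `createUser` callback also leaves `tokens.refreshToken` dereferenced when `createUser` fails (PATCH 3/3 restores that branch). Separately, `createUser` has already issued a token pair and this callback mints a second one from the first refresh token's data; unless `getRefreshTokenInfo` consumes that first refresh token — not visible here — two live refresh tokens now exist for a freshly created account, which is worth confirming against the token manager.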
@@ -13,50 +13,50 @@ var checkAuthHeader = require('../middlewares/authHeader.js');
 var decodeToken = require('../middlewares/decodeToken.js');
 var findUser = require('../middlewares/findUser.js');
-function sendNewPassword(req, res, next){
-
- if(!req.params.email){
- res.send(400, {
- err: 'auth_proxy_error',
- des: 'empty email'
- });
- return next(false);
- }
-
- userDao.getAllUserFields(req.params.email, function(err, foundUser){
- if (!foundUser) {
- res.send(404, {
- err: 'user_not_found',
- des: 'email does not exists'
- });
- return next(false);
- }else{
- var passwd = new RandExp(new RegExp(config.password.generatedRegex)).gen();
-
- cryptoMng.encrypt(passwd, function(encryptedPassword){
- var fieldValue = [];
-
- if(Array.isArray(foundUser.password)){
- fieldValue = [foundUser.password[0], encryptedPassword];
- }else{
- fieldValue = [foundUser.password, encryptedPassword];
- }
-
- userDao.updateField(foundUser._id, 'password', fieldValue, function(err){
- if(err){
- res.send(500, {
- err: 'auth_proxy_error',
- des: 'internal error setting a new password'
- });
-
- return next(false);
-
- }else{
+function sendNewPassword(req, res, next) {
+
+ if (!req.params.email) {
+ res.send(400, {
+ err: 'auth_proxy_error',
+ des: 'empty email'
+ });
+ return next(false);
+ }
+
+ userDao.getAllUserFields(req.params.email, function (err, foundUser) {
+ if (!foundUser) {
+ res.send(404, {
+ err: 'user_not_found',
+ des: 'email does not exists'
+ });
+ return next(false);
+ } else {
+ var passwd = new RandExp(new RegExp(config.password.generatedRegex)).gen();
+
+ cryptoMng.encrypt(passwd, function (encryptedPassword) {
+ var fieldValue = [];
+
+ if (Array.isArray(foundUser.password)) {
+ fieldValue = [foundUser.password[0], encryptedPassword];
+ } else {
+ fieldValue = [foundUser.password, encryptedPassword];
+ }
+
+ userDao.updateField(foundUser._id, 'password', fieldValue, function (err) {
+ if (err) {
+ res.send(500, {
+ err: 'auth_proxy_error',
+ des: 'internal error 
setting a new password'
+ });
+
+ return next(false);
+
+ } else {
 var data = {};
- if(foundUser.roles){
+ if (foundUser.roles) {
 data.roles = foundUser.roles;
 }
- tokenManager.createBothTokens(foundUser._id, data , function(err, tokens) {
+ tokenManager.createBothTokens(foundUser._id, data, function (err, tokens) {
 var link = config.emailVerification.redirectProtocol + '://user/refreshToken/' + tokens.refreshToken;
 emailMng().sendEmailForgotPassword(req.params.email, passwd, link, function (err) {
@@ -68,123 +68,122 @@ function sendNewPassword(req, res, next){
 return next(false);
 });
 });
- }
- });
- });
- }
- });
+ }
+ });
+ });
+ }
+ });
 }
 
 function createUserEndpoint(req, res, next) {
- userMng().createUser(req.body, req.headers['x-otp-pin'], function(err, tokens){
-
- tokenManager.getRefreshTokenInfo(tokens.refreshToken, function(err, tokenSet){
- var userId = tokenSet.userId;
- var tokenData = tokenSet.data;
-
- if(config.version){
- tokenData.deviceVersion = req.headers[config.version.header];
+ userMng().createUser(req.body, req.headers['x-otp-pin'], function (err, tokens) {
+ if (err) {
+ if (!err.code) {
+ res.send(500, err);
+ } else {
+ var errCode = err.code;
+ delete(err.code);
+ res.send(errCode, err);
 }
+ return next(false);
+ } else {
+ tokenManager.getRefreshTokenInfo(tokens.refreshToken, function (err, tokenSet) {
+ var userId = tokenSet.userId;
+ var tokenData = tokenSet.data;
+
+ if (config.version) {
+ tokenData.deviceVersion = req.headers[config.version.header];
+ }
 
- tokenManager.createBothTokens(userId, tokenData, function(err, tokens){
- if (err) {
- if (!err.code ) {
- res.send(500, err);
- } else {
- var errCode = err.code;
- delete(err.code);
- res.send(errCode, err);
- }
- return next(false);
- } else {
+ tokenManager.createBothTokens(userId, tokenData, function (err, tokens) {
 res.send(201, tokens);
 return next();
- }
+ });
 });
- });
+ }
 });
 }
 
 function createUserByToken(req, res, next) {
- if(!req.params){
- res.send(400, {
- err: 'invalid_url_params',
- des: 'The call to this url must have params.'
- } );
- return next();
- }
-
- userMng().createUserByToken(req.params.verifyToken, function(err, tokens){
- if (err) {
- if (!err.code ) {
- res.send(500, err);
- } else {
- var errCode = err.code;
- delete(err.code);
- res.send(errCode, err);
- }
- return next(false);
- } else {
- var compatibleDevices = config.emailVerification.compatibleEmailDevices;
- var userAgent = String(req.headers['user-agent']);
-
- for(var i = 0; i < compatibleDevices.length; i++){
- var exp = compatibleDevices[i];
- var check = exp.replace(/\*/g,'.*');
- var match = userAgent.match(check);
- var isCompatible = (match !== null && userAgent === match[0]);
- if(isCompatible) {
- match = userAgent.match(/.*Android.*/i);
- var isAndroid = (match !== null && userAgent === match[0]);
- var location = config.emailVerification.scheme + '://user/refreshToken/' + tokens.refreshToken;
-
- if(isAndroid){
- location = 'intent://user/refreshToken/' + tokens.refreshToken + '/#Intent;scheme=' + config.emailVerification.scheme + ';end';
- }
- res.header('Location', location );
- res.send(302);
- return next(false);
- }
- }
- res.send(200, { msg: config.emailVerification.nonCompatibleEmailMsg } );
- return next();
- }
- });
+ if (!req.params) {
+ res.send(400, {
+ err: 'invalid_url_params',
+ des: 'The call to this url must have params.'
+ });
+ return next();
+ }
+
+ userMng().createUserByToken(req.params.verifyToken, function (err, tokens) {
+ if (err) {
+ if (!err.code) {
+ res.send(500, err);
+ } else {
+ var errCode = err.code;
+ delete(err.code);
+ res.send(errCode, err);
+ }
+ return next(false);
+ } else {
+ var compatibleDevices = config.emailVerification.compatibleEmailDevices;
+ var userAgent = String(req.headers['user-agent']);
+
+ for (var i = 0; i < compatibleDevices.length; i++) {
+ var exp = compatibleDevices[i];
+ var check = exp.replace(/\*/g, '.*');
+ var match = userAgent.match(check);
+ var isCompatible = (match !== null && userAgent === match[0]);
+ if (isCompatible) {
+ match = userAgent.match(/.*Android.*/i);
+ var isAndroid = (match !== null && userAgent === match[0]);
+ var location = config.emailVerification.scheme + '://user/refreshToken/' + tokens.refreshToken;
+
+ if (isAndroid) {
+ location = 'intent://user/refreshToken/' + tokens.refreshToken + '/#Intent;scheme=' + config.emailVerification.scheme + ';end';
+ }
+ res.header('Location', location);
+ res.send(302);
+ return next(false);
+ }
+ }
+ res.send(200, {msg: config.emailVerification.nonCompatibleEmailMsg});
+ return next();
+ }
+ });
 }
-function setPassword(req, res, next){
- if(!req.body){
- res.send(400, {
- err: 'invalid_body',
- des: 'The call to this url must have body.'
- } );
- return next();
- }
-
- userMng().setPassword(req.user._id, req.body, function(err){
- if (err) {
- if (!err.code ) {
- res.send(500, err);
- } else {
- var errCode = err.code;
- delete(err.code);
- res.send(errCode, err);
- }
- return next(false);
- } else {
- res.send(204);
- return next();
- }
- });
+function setPassword(req, res, next) {
+ if (!req.body) {
+ res.send(400, {
+ err: 'invalid_body',
+ des: 'The call to this url must have body.'
+ });
+ return next();
+ }
+
+ userMng().setPassword(req.user._id, req.body, function (err) {
+ if (err) {
+ if (!err.code) {
+ res.send(500, err);
+ } else {
+ var errCode = err.code;
+ delete(err.code);
+ res.send(errCode, err);
+ }
+ return next(false);
+ } else {
+ res.send(204);
+ return next();
+ }
+ });
 }
-function addRoutes(service){
- service.get('/user/:email/password', sendNewPassword);
+function addRoutes(service) {
+ service.get('/user/:email/password', sendNewPassword);
 
- service.post(config.passThroughEndpoint.path, createUserEndpoint);
- service.get('/user/activate', createUserByToken);
+ service.post(config.passThroughEndpoint.path, createUserEndpoint);
+ service.get('/user/activate', createUserByToken);
 
- service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, findUser, setPassword);
+ service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, findUser, setPassword);
 }
 module.exports = addRoutes;
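Review bot: In the rewritten `createUserEndpoint`, the `tokenManager.createBothTokens` callback now ignores its `err` argument and unconditionally runs `res.send(201, tokens)`, so a token-creation failure answers 201 with `tokens` undefined instead of an error; the `if (err)` handling was moved up to the `createUser` callback but not kept here. Restore it in the same style as the other handlers, before the `res.send(201, tokens)` line: `if (err) { res.send(500, err); return next(false); }`. Everything else in the hunk is a re-indentation of `sendNewPassword`, `createUserByToken`, `setPassword` and `addRoutes` with no behavioral change.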