ToolJet/server/src/services/auth.service.ts

import { Injectable, NotFoundException, UnauthorizedException } from '@nestjs/common';
import { UsersService } from './users.service';
import { OrganizationsService } from './organizations.service';
import { JwtService } from '@nestjs/jwt';
import { User } from '../entities/user.entity';
import { OrganizationUsersService } from './organization_users.service';
import { EmailService } from './email.service';
const bcrypt = require('bcrypt');
const uuid = require('uuid');

@Injectable()
export class AuthService {
  constructor(
    private usersService: UsersService,
    private jwtService: JwtService,
    private organizationsService: OrganizationsService,
    private organizationUsersService: OrganizationUsersService,
    private emailService: EmailService
  ) {}

  async validateUser(email: string, password: string): Promise<User> {
    const user = await this.usersService.findByEmail(email);

    if (!user) return null;

    const isVerified = await bcrypt.compare(password, user.password);

    return isVerified ? user : null;
  }

  async login(params: any) {
    const user = await this.validateUser(params.email, params.password);

    if (user) {
      const payload = { username: user.id, sub: user.email };

      return {
        auth_token: this.jwtService.sign(payload),
        email: user.email,
        first_name: user.firstName,
        last_name: user.lastName,
        role: user.role,
      };
    } else {
      throw new UnauthorizedException('Invalid credentials');
    }
  }

  async signup(params: any) {
    // Check if the installation allows user signups
    if (process.env.DISABLE_SIGNUPS === 'true') {
      return {};
    }

    const { email } = params;
    const organization = await this.organizationsService.create('Untitled organization');
    const user = await this.usersService.create({ email }, organization);
    // eslint-disable-next-line @typescript-eslint/no-unused-vars
    const organizationUser = await this.organizationUsersService.create(user, organization, 'admin');

    this.emailService.sendWelcomeEmail(user.email, user.firstName, user.invitationToken);

    return user;
  }

  async forgotPassword(email: string) {
    const user = await this.usersService.findByEmail(email);
    const forgotPasswordToken = uuid.v4();
    this.usersService.update(user.id, { forgotPasswordToken });
    this.emailService.sendPasswordResetEmail(email, forgotPasswordToken);
  }

  async resetPassword(token: string, password: string) {
    const user = await this.usersService.findByPasswordResetToken(token);
    if (!user) {
      throw new NotFoundException('Invalid token');
    } else {
      this.usersService.update(user.id, { password, forgotPasswordToken: null });
    }
  }
}
Feature: Reset password 2021-07-26 16:02:47 +00:00			`import { Injectable, NotFoundException, UnauthorizedException } from '@nestjs/common';`
Organise modules, controllers & services 2021-07-11 05:39:55 +00:00			`import { UsersService } from './users.service';`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`import { OrganizationsService } from './organizations.service';`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00			`import { JwtService } from '@nestjs/jwt';`
Endpoint: add apps to folder 2021-07-11 05:13:51 +00:00			`import { User } from '../entities/user.entity';`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`import { OrganizationUsersService } from './organization_users.service';`
Feature: Nodemailer integration, welcome emails 2021-07-26 14:30:12 +00:00			`import { EmailService } from './email.service';`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00			`const bcrypt = require('bcrypt');`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`const uuid = require('uuid');`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00
			`@Injectable()`
			`export class AuthService {`
			`constructor(`
			`private usersService: UsersService,`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`private jwtService: JwtService,`
			`private organizationsService: OrganizationsService,`
Feature: Nodemailer integration, welcome emails 2021-07-26 14:30:12 +00:00			`private organizationUsersService: OrganizationUsersService,`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`private emailService: EmailService`
			`) {}`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00
			`async validateUser(email: string, password: string): Promise<User> {`
			`const user = await this.usersService.findByEmail(email);`

Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`if (!user) return null;`
Hashing passwords using beforeInsert & beforeUpdate 2021-07-10 07:01:13 +00:00
			`const isVerified = await bcrypt.compare(password, user.password);`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00
			`return isVerified ? user : null;`
			`}`

			`async login(params: any) {`
			`const user = await this.validateUser(params.email, params.password);`

			`if (user) {`
			`const payload = { username: user.id, sub: user.email };`

			`return {`
Apps endpoint with pagination 2021-07-10 13:54:32 +00:00			`auth_token: this.jwtService.sign(payload),`
Send first name, last name and email as part of response to login (#481) 2021-08-09 12:10:44 +00:00			`email: user.email,`
			`first_name: user.firstName,`
Feature: Apps should only be edited by the admin or developer of the organisation. (#724) * hide edit button for role:"user" * probably one solution * role=viewer cannot edit apps * unused imports removed 2021-09-10 09:40:23 +00:00			`last_name: user.lastName,`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`role: user.role,`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00			`};`
			`} else {`
			`throw new UnauthorizedException('Invalid credentials');`
			`}`
			`}`
Endpoint: user signup 2021-07-19 05:42:16 +00:00
			`async signup(params: any) {`
			`// Check if the installation allows user signups`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`if (process.env.DISABLE_SIGNUPS === 'true') {`
			`return {};`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`}`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`const { email } = params;`
			`const organization = await this.organizationsService.create('Untitled organization');`
Endpoint for creating new organization users 2021-07-19 09:36:34 +00:00			`const user = await this.usersService.create({ email }, organization);`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`// eslint-disable-next-line @typescript-eslint/no-unused-vars`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`const organizationUser = await this.organizationUsersService.create(user, organization, 'admin');`

Feature: Nodemailer integration, welcome emails 2021-07-26 14:30:12 +00:00			`this.emailService.sendWelcomeEmail(user.email, user.firstName, user.invitationToken);`

Endpoint: user signup 2021-07-19 05:42:16 +00:00			`return user;`
Feature: Reset password 2021-07-26 16:02:47 +00:00			`}`

			`async forgotPassword(email: string) {`
			`const user = await this.usersService.findByEmail(email);`
			`const forgotPasswordToken = uuid.v4();`
Feature: Check for updates 2021-07-26 17:14:14 +00:00			`this.usersService.update(user.id, { forgotPasswordToken });`
Feature: Reset password 2021-07-26 16:02:47 +00:00			`this.emailService.sendPasswordResetEmail(email, forgotPasswordToken);`
			`}`

			`async resetPassword(token: string, password: string) {`
			`const user = await this.usersService.findByPasswordResetToken(token);`
Fix linting errors across the app (#785) * eslint-setup: rules for frontend and server * setup pre-commit:hook * frontend:eslint fixes * frontend eslint errors and warning fixed * eslint:fix for ./server * fix server/test: expectatin string lint/error * pre-commit:updated * removed unwanted install cmd from docker file * recommended settings and extension for vscode * husky prepare script added * updated extension recommendations * added prettier as recommended extension * added pre-commit to package.json * remove .prettierrc file * resolve changes * resolve changes 2021-09-21 13:48:28 +00:00			`if (!user) {`
			`throw new NotFoundException('Invalid token');`
Feature: Reset password 2021-07-26 16:02:47 +00:00			`} else {`
Feature: Check for updates 2021-07-26 17:14:14 +00:00			`this.usersService.update(user.id, { password, forgotPasswordToken: null });`
Feature: Reset password 2021-07-26 16:02:47 +00:00			`}`
Endpoint: user signup 2021-07-19 05:42:16 +00:00			`}`
Set up typeORM & JWT authentication 2021-07-08 07:39:07 +00:00			`}`