Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
{
username: user && user.username,
email: user && user.email,
},
400,
);
}
// In case where password is an object we assume it was prevalidated and hashed
if (!user.password ||
(isString(user.password) && !validators.validatePassword(user.password))) {
throw new AccountsError('Password is required');
}
if (!validators.validateUsername(user.username) && !validators.validateEmail(user.email)) {
throw new AccountsError('Username or Email is required');
}
const hashAlgorithm = this.options.passwordHashAlgorithm;
const password = (user.password && hashAlgorithm) ?
hashPassword(user.password, hashAlgorithm) : user.password;
const userToCreate = { ...user, password };
try {
const userId = await this.transport.createUser(userToCreate);
const { onUserCreated } = this.options;
if (callback && isFunction(callback)) {
callback();
}
if (isFunction(onUserCreated)) {
try {
await onUserCreated({ id: userId });
} catch (err) {
async createUser(user: CreateUserType, callback: ?Function): Promise {
if (!user || user.password === undefined) {
throw new AccountsError(
'Unrecognized options for create user request',
{
username: user && user.username,
email: user && user.email,
},
400,
);
}
// In case where password is an object we assume it was prevalidated and hashed
if (!user.password ||
(isString(user.password) && !validators.validatePassword(user.password))) {
throw new AccountsError('Password is required');
}
if (!validators.validateUsername(user.username) && !validators.validateEmail(user.email)) {
'Unrecognized options for create user request',
{
username: user && user.username,
email: user && user.email,
},
400,
);
}
// In case where password is an object we assume it was prevalidated and hashed
if (!user.password ||
(isString(user.password) && !validators.validatePassword(user.password))) {
throw new AccountsError('Password is required');
}
if (!validators.validateUsername(user.username) && !validators.validateEmail(user.email)) {
throw new AccountsError('Username or Email is required');
}
const hashAlgorithm = this.options.passwordHashAlgorithm;
const password = (user.password && hashAlgorithm) ?
hashPassword(user.password, hashAlgorithm) : user.password;
const userToCreate = { ...user, password };
try {
const userId = await this.transport.createUser(userToCreate);
const { onUserCreated } = this.options;
if (callback && isFunction(callback)) {
callback();
}
if (isFunction(onUserCreated)) {
try {
await onUserCreated({ id: userId });
async createUser(user: CreateUserType, callback: ?Function): Promise {
if (!user || user.password === undefined) {
throw new AccountsError(
'Unrecognized options for create user request',
{
username: user && user.username,
email: user && user.email,
},
400,
);
}
// In case where password is an object we assume it was prevalidated and hashed
if (!user.password ||
(isString(user.password) && !validators.validatePassword(user.password))) {
throw new AccountsError('Password is required');
}
if (!validators.validateUsername(user.username) && !validators.validateEmail(user.email)) {
throw new AccountsError('Username or Email is required');
}
const hashAlgorithm = this.options.passwordHashAlgorithm;
const password = (user.password && hashAlgorithm) ?
hashPassword(user.password, hashAlgorithm) : user.password;
const userToCreate = { ...user, password };
try {
const userId = await this.transport.createUser(userToCreate);
const { onUserCreated } = this.options;
if (callback && isFunction(callback)) {
callback();
async loginWithPassword(user: PasswordLoginUserType,
password: ?PasswordType,
callback?: Function): Promise {
if (!password || !user) {
throw new AccountsError('Unrecognized options for login request', user, 400);
}
if ((!isString(user) && !isValidUserObject(user)) || !isString(password)) {
throw new AccountsError('Match failed', user, 400);
}
this.store.dispatch(loggingIn(true));
try {
const hashAlgorithm = this.options.passwordHashAlgorithm;
const pass = hashAlgorithm ? hashPassword(password, hashAlgorithm) : password;
const res: LoginReturnType = await this.transport.loginWithPassword(user, pass);
this.store.dispatch(loggingIn(false));
await this.storeTokens(res.tokens);
this.store.dispatch(setTokens(res.tokens));
this.store.dispatch(setUser(res.user));
async loginWithPassword(user: PasswordLoginUserType,
password: ?PasswordType,
callback?: Function): Promise {
if (!password || !user) {
throw new AccountsError('Unrecognized options for login request', user, 400);
}
if ((!isString(user) && !isValidUserObject(user)) || !isString(password)) {
throw new AccountsError('Match failed', user, 400);
}
this.store.dispatch(loggingIn(true));
try {
const hashAlgorithm = this.options.passwordHashAlgorithm;
const pass = hashAlgorithm ? hashPassword(password, hashAlgorithm) : password;
const res: LoginReturnType = await this.transport.loginWithPassword(user, pass);
this.store.dispatch(loggingIn(false));
await this.storeTokens(res.tokens);
this.store.dispatch(setTokens(res.tokens));
this.store.dispatch(setUser(res.user));
if (this.options.onSignedInHook && isFunction(this.options.onSignedInHook)) {
this.options.onSignedInHook();
}
async requestVerificationEmail(email: string): Promise {
if (!validators.validateEmail(email)) throw new AccountsError('Valid email must be provided');
try {
await this.transport.sendVerificationEmail(email);
} catch (err) {
throw new AccountsError(err.message);
}
}
}
this.clearTokens();
this.store.dispatch(clearUser());
if (callback && isFunction(callback)) {
callback();
}
if (this.options.onSignedOutHook) {
this.options.onSignedOutHook();
}
} catch (err) {
this.clearTokens();
this.store.dispatch(clearUser());
if (callback && isFunction(callback)) {
callback(err);
}
throw new AccountsError(err.message);
}
}
async impersonate(username: string): Promise {
if (!isString(username)) {
throw new AccountsError('Username is required');
}
if (this.isImpersonated()) {
throw new AccountsError('User already impersonating');
}
const { accessToken, refreshToken } = await this.tokens();
if (!accessToken) {
throw new AccountsError('There is no access tokens available');
}
const res = await this.transport.impersonate(accessToken, username);
if (!res.authorized) {
throw new AccountsError(`User unauthorized to impersonate ${username}`);
} else {
const { persistImpersonation } = this.options;
this.store.dispatch(setImpersonated(true));
this.store.dispatch(setOriginalTokens({ accessToken, refreshToken }));
if (persistImpersonation) {
async impersonate(username: string): Promise {
if (!isString(username)) {
throw new AccountsError('Username is required');
}
if (this.isImpersonated()) {
throw new AccountsError('User already impersonating');
}
const { accessToken, refreshToken } = await this.tokens();
if (!accessToken) {
throw new AccountsError('There is no access tokens available');
}
const res = await this.transport.impersonate(accessToken, username);
if (!res.authorized) {
throw new AccountsError(`User unauthorized to impersonate ${username}`);
} else {
const { persistImpersonation } = this.options;
this.store.dispatch(setImpersonated(true));
this.store.dispatch(setOriginalTokens({ accessToken, refreshToken }));
if (persistImpersonation) {
await this.storeOriginalTokens({ accessToken, refreshToken });
await this.storeTokens(res.tokens);
}
this.store.dispatch(setTokens(res.tokens));