diff --git a/backend/src/controllers/v1/authController.ts b/backend/src/controllers/v1/authController.ts index 6f6a147bb1..b4854bd3ee 100644 --- a/backend/src/controllers/v1/authController.ts +++ b/backend/src/controllers/v1/authController.ts @@ -13,7 +13,7 @@ import { } from '../../variables'; import { BadRequestError } from '../../utils/errors'; import { EELogService } from '../../ee/services'; -import { getChannelFromUserAgent } from '../../utils/posthog'; // TODO: move this +import { getChannelFromUserAgent } from '../../utils/posthog'; import { getJwtRefreshSecret, getJwtAuthLifetime, @@ -24,6 +24,7 @@ import { declare module 'jsonwebtoken' { export interface UserIDJwtPayload extends jwt.JwtPayload { userId: string; + refreshVersion?: number; } } @@ -173,9 +174,7 @@ export const login2 = async (req: Request, res: Response) => { */ export const logout = async (req: Request, res: Response) => { try { - await clearTokens({ - userId: req.user._id.toString() - }); + await clearTokens(req.user._id); // clear httpOnly cookie res.cookie('jid', '', { @@ -223,7 +222,7 @@ export const checkAuth = async (req: Request, res: Response) => { } /** - * Return new token by redeeming refresh token + * Return new JWT access token by first validating the refresh token * @param req * @param res * @returns @@ -233,7 +232,7 @@ export const getNewToken = async (req: Request, res: Response) => { const refreshToken = req.cookies.jid; if (!refreshToken) { - throw new Error('Failed to find token in request cookies'); + throw new Error('Failed to find refresh token in request cookies'); } const decodedToken = ( @@ -242,12 +241,16 @@ export const getNewToken = async (req: Request, res: Response) => { const user = await User.findOne({ _id: decodedToken.userId - }).select('+publicKey'); + }).select('+publicKey +refreshVersion'); if (!user) throw new Error('Failed to authenticate unfound user'); if (!user?.publicKey) throw new Error('Failed to authenticate not fully set up account'); + if (decodedToken?.refreshVersion !== user.refreshVersion) throw BadRequestError({ + message: 'Failed to validate refresh token' + }); + const token = createToken({ payload: { userId: decodedToken.userId diff --git a/backend/src/controllers/v1/passwordController.ts b/backend/src/controllers/v1/passwordController.ts index f0e5ee3db2..bf8f5f1521 100644 --- a/backend/src/controllers/v1/passwordController.ts +++ b/backend/src/controllers/v1/passwordController.ts @@ -4,12 +4,20 @@ import * as Sentry from '@sentry/node'; const jsrp = require('jsrp'); import * as bigintConversion from 'bigint-conversion'; import { User, BackupPrivateKey, LoginSRPDetail } from '../../models'; -import { createToken } from '../../helpers/auth'; -import { sendMail } from '../../helpers/nodemailer'; +import { + createToken, + sendMail, + clearTokens +} from '../../helpers'; import { TokenService } from '../../services'; import { TOKEN_EMAIL_PASSWORD_RESET } from '../../variables'; import { BadRequestError } from '../../utils/errors'; -import { getSiteURL, getJwtSignupLifetime, getJwtSignupSecret } from '../../config'; +import { + getSiteURL, + getJwtSignupLifetime, + getJwtSignupSecret, + getHttpsEnabled +} from '../../config'; /** * Password reset step 1: Send email verification link to email [email] @@ -117,6 +125,7 @@ export const emailPasswordResetVerify = async (req: Request, res: Response) => { */ export const srp1 = async (req: Request, res: Response) => { // return salt, serverPublicKey as part of first step of SRP protocol + try { const { clientPublicKey } = req.body; const user = await User.findOne({ @@ -221,6 +230,17 @@ export const changePassword = async (req: Request, res: Response) => { new: true } ); + + // await clearTokens(user._id); + + // // clear httpOnly cookie + + // res.cookie('jid', '', { + // httpOnly: true, + // path: '/', + // sameSite: 'strict', + // secure: (await getHttpsEnabled()) as boolean + // }); return res.status(200).send({ message: 'Successfully changed password' diff --git a/backend/src/helpers/auth.ts b/backend/src/helpers/auth.ts index 2623d31536..c921fcf6f5 100644 --- a/backend/src/helpers/auth.ts +++ b/backend/src/helpers/auth.ts @@ -34,7 +34,7 @@ import { * @param {Object} obj * @param {Object} obj.headers - HTTP request headers object */ -const validateAuthMode = ({ +export const validateAuthMode = ({ headers, acceptedAuthModes }: { @@ -96,7 +96,7 @@ const validateAuthMode = ({ * @param {String} obj.authTokenValue - JWT token value * @returns {User} user - user corresponding to JWT token */ -const getAuthUserPayload = async ({ +export const getAuthUserPayload = async ({ authTokenValue }: { authTokenValue: string; @@ -122,7 +122,7 @@ const getAuthUserPayload = async ({ * @param {String} obj.authTokenValue - service token value * @returns {ServiceTokenData} serviceTokenData - service token data */ -const getAuthSTDPayload = async ({ +export const getAuthSTDPayload = async ({ authTokenValue }: { authTokenValue: string; @@ -168,7 +168,7 @@ const getAuthSTDPayload = async ({ * @param {String} obj.authTokenValue - service account access token value * @returns {ServiceAccount} serviceAccount */ -const getAuthSAAKPayload = async ({ +export const getAuthSAAKPayload = async ({ authTokenValue }: { authTokenValue: string; @@ -197,7 +197,7 @@ const getAuthSAAKPayload = async ({ * @param {String} obj.authTokenValue - API key value * @returns {APIKeyData} apiKeyData - API key data */ -const getAuthAPIKeyPayload = async ({ +export const getAuthAPIKeyPayload = async ({ authTokenValue }: { authTokenValue: string; @@ -254,7 +254,10 @@ const getAuthAPIKeyPayload = async ({ * @return {String} obj.token - issued JWT token * @return {String} obj.refreshToken - issued refresh token */ -const issueAuthTokens = async ({ userId }: { userId: string }) => { +export const issueAuthTokens = async ({ userId }: { userId: string }) => { + + const user = await User.findById(userId).select('+refreshVersion'); + if (!user) throw AccountNotFoundError(); // issue tokens const token = createToken({ @@ -267,7 +270,8 @@ const issueAuthTokens = async ({ userId }: { userId: string }) => { const refreshToken = createToken({ payload: { - userId + userId, + refreshVersion: user.refreshVersion }, expiresIn: await getJwtRefreshLifetime(), secret: await getJwtRefreshSecret() @@ -284,9 +288,9 @@ const issueAuthTokens = async ({ userId }: { userId: string }) => { * @param {Object} obj * @param {String} obj.userId - id of user whose tokens are cleared. */ -const clearTokens = async ({ userId }: { userId: string }): Promise => { +export const clearTokens = async (userId: Types.ObjectId): Promise => { // increment refreshVersion on user by 1 - User.findOneAndUpdate({ + await User.findOneAndUpdate({ _id: userId }, { $inc: { @@ -303,7 +307,7 @@ const clearTokens = async ({ userId }: { userId: string }): Promise => { * @param {String} obj.secret - (JWT) secret such as [JWT_AUTH_SECRET] * @param {String} obj.expiresIn - string describing time span such as '10h' or '7d' */ -const createToken = ({ +export const createToken = ({ payload, expiresIn, secret @@ -315,15 +319,4 @@ const createToken = ({ return jwt.sign(payload, secret, { expiresIn }); -}; - -export { - validateAuthMode, - getAuthUserPayload, - getAuthSTDPayload, - getAuthSAAKPayload, - getAuthAPIKeyPayload, - createToken, - issueAuthTokens, - clearTokens -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/bot.ts b/backend/src/helpers/bot.ts index 04dfd7e365..e93ab6a8bc 100644 --- a/backend/src/helpers/bot.ts +++ b/backend/src/helpers/bot.ts @@ -31,7 +31,7 @@ import { InternalServerError } from "../utils/errors"; * @param {String} obj.name - name of bot * @param {String} obj.workspaceId - id of workspace that bot belongs to */ -const createBot = async ({ +export const createBot = async ({ name, workspaceId, }: { @@ -93,7 +93,7 @@ const createBot = async ({ * @param {String} obj.workspaceId - id of workspace * @param {String} obj.environment - environment */ -const getSecretsHelper = async ({ +export const getSecretsBotHelper = async ({ workspaceId, environment, }: { @@ -136,7 +136,7 @@ const getSecretsHelper = async ({ * @param {String} obj.workspaceId - id of workspace * @returns {String} key - decrypted workspace key */ -const getKey = async ({ workspaceId }: { workspaceId: string }) => { +export const getKey = async ({ workspaceId }: { workspaceId: string }) => { const encryptionKey = await getEncryptionKey(); const rootEncryptionKey = await getRootEncryptionKey(); @@ -194,7 +194,7 @@ const getKey = async ({ workspaceId }: { workspaceId: string }) => { * @param {String} obj1.workspaceId - id of workspace * @param {String} obj1.plaintext - plaintext to encrypt */ -const encryptSymmetricHelper = async ({ +export const encryptSymmetricHelper = async ({ workspaceId, plaintext, }: { @@ -222,7 +222,7 @@ const encryptSymmetricHelper = async ({ * @param {String} obj.iv - iv * @param {String} obj.tag - tag */ -const decryptSymmetricHelper = async ({ +export const decryptSymmetricHelper = async ({ workspaceId, ciphertext, iv, @@ -242,11 +242,4 @@ const decryptSymmetricHelper = async ({ }); return plaintext; -}; - -export { - createBot, - getSecretsHelper, - encryptSymmetricHelper, - decryptSymmetricHelper -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/database.ts b/backend/src/helpers/database.ts index fa8c351552..b9284bbf8c 100644 --- a/backend/src/helpers/database.ts +++ b/backend/src/helpers/database.ts @@ -7,7 +7,7 @@ import { getLogger } from '../utils/logger'; * @param {String} obj.mongoURL - mongo connection string * @returns */ -const initDatabaseHelper = async ({ +export const initDatabaseHelper = async ({ mongoURL }: { mongoURL: string; @@ -30,7 +30,7 @@ const initDatabaseHelper = async ({ /** * Close database conection */ -const closeDatabaseHelper = async () => { +export const closeDatabaseHelper = async () => { return Promise.all([ new Promise((resolve) => { if (mongoose.connection && mongoose.connection.readyState == 1) { @@ -41,9 +41,4 @@ const closeDatabaseHelper = async () => { } }) ]); -} - -export { - initDatabaseHelper, - closeDatabaseHelper } \ No newline at end of file diff --git a/backend/src/helpers/event.ts b/backend/src/helpers/event.ts index c58da5b706..47c2437494 100644 --- a/backend/src/helpers/event.ts +++ b/backend/src/helpers/event.ts @@ -18,7 +18,7 @@ interface Event { * @param {String} obj.event.workspaceId - id of workspace that event is part of * @param {Object} obj.event.payload - payload of event (depends on event) */ -const handleEventHelper = async ({ event }: { event: Event }) => { +export const handleEventHelper = async ({ event }: { event: Event }) => { const { workspaceId, environment } = event; // TODO: moduralize bot check into separate function @@ -37,6 +37,4 @@ const handleEventHelper = async ({ event }: { event: Event }) => { }); break; } -}; - -export { handleEventHelper }; +}; \ No newline at end of file diff --git a/backend/src/helpers/index.ts b/backend/src/helpers/index.ts new file mode 100644 index 0000000000..b9d85f8713 --- /dev/null +++ b/backend/src/helpers/index.ts @@ -0,0 +1,17 @@ +export * from './auth'; +export * from './bot'; +export * from './database'; +export * from './event'; +export * from './integration'; +export * from './key'; +export * from './membership'; +export * from './membershipOrg'; +export * from './nodemailer'; +export * from './organization'; +export * from './rateLimiter'; +export * from './secret'; +export * from './secrets'; +export * from './signup'; +export * from './token'; +export * from './user'; +export * from './workspace'; \ No newline at end of file diff --git a/backend/src/helpers/integration.ts b/backend/src/helpers/integration.ts index 4d26bded9c..316ce1c890 100644 --- a/backend/src/helpers/integration.ts +++ b/backend/src/helpers/integration.ts @@ -37,7 +37,7 @@ interface Update { * @param {String} obj.code - code * @returns {IntegrationAuth} integrationAuth - integration auth after OAuth2 code-token exchange */ -const handleOAuthExchangeHelper = async ({ +export const handleOAuthExchangeHelper = async ({ workspaceId, integration, code, @@ -118,7 +118,7 @@ const handleOAuthExchangeHelper = async ({ * @param {Object} obj * @param {Object} obj.workspaceId - id of workspace */ -const syncIntegrationsHelper = async ({ +export const syncIntegrationsHelper = async ({ workspaceId, environment }: { @@ -177,7 +177,7 @@ const syncIntegrationsHelper = async ({ * @param {String} obj.integrationAuthId - id of integration auth * @param {String} refreshToken - decrypted refresh token */ - const getIntegrationAuthRefreshHelper = async ({ integrationAuthId }: { integrationAuthId: Types.ObjectId }) => { +export const getIntegrationAuthRefreshHelper = async ({ integrationAuthId }: { integrationAuthId: Types.ObjectId }) => { let refreshToken; try { @@ -214,7 +214,7 @@ const syncIntegrationsHelper = async ({ * @param {String} obj.integrationAuthId - id of integration auth * @returns {String} accessToken - decrypted access token */ -const getIntegrationAuthAccessHelper = async ({ integrationAuthId }: { integrationAuthId: Types.ObjectId }) => { +export const getIntegrationAuthAccessHelper = async ({ integrationAuthId }: { integrationAuthId: Types.ObjectId }) => { let accessId; let accessToken; try { @@ -277,7 +277,7 @@ const getIntegrationAuthAccessHelper = async ({ integrationAuthId }: { integrati * @param {String} obj.integrationAuthId - id of integration auth * @param {String} obj.refreshToken - refresh token */ -const setIntegrationAuthRefreshHelper = async ({ +export const setIntegrationAuthRefreshHelper = async ({ integrationAuthId, refreshToken }: { @@ -326,7 +326,7 @@ const setIntegrationAuthRefreshHelper = async ({ * @param {String} obj.accessToken - access token * @param {Date} obj.accessExpiresAt - expiration date of access token */ -const setIntegrationAuthAccessHelper = async ({ +export const setIntegrationAuthAccessHelper = async ({ integrationAuthId, accessId, accessToken, @@ -378,13 +378,4 @@ const setIntegrationAuthAccessHelper = async ({ } return integrationAuth; -} - -export { - handleOAuthExchangeHelper, - syncIntegrationsHelper, - getIntegrationAuthRefreshHelper, - getIntegrationAuthAccessHelper, - setIntegrationAuthRefreshHelper, - setIntegrationAuthAccessHelper -} +} \ No newline at end of file diff --git a/backend/src/helpers/key.ts b/backend/src/helpers/key.ts index bbd15ba585..afb4f6396b 100644 --- a/backend/src/helpers/key.ts +++ b/backend/src/helpers/key.ts @@ -17,7 +17,7 @@ interface Key { * @param {String} obj.keys.nonce - nonce for encryption * @param {String} obj.keys.userId - id of receiver user */ -const pushKeys = async ({ +export const pushKeys = async ({ userId, workspaceId, keys @@ -50,6 +50,4 @@ const pushKeys = async ({ workspace: workspaceId })) ); -}; - -export { pushKeys }; +}; \ No newline at end of file diff --git a/backend/src/helpers/membership.ts b/backend/src/helpers/membership.ts index a78100248b..70c42be23e 100644 --- a/backend/src/helpers/membership.ts +++ b/backend/src/helpers/membership.ts @@ -17,7 +17,7 @@ import { * @param {String} obj.workspaceId - id of workspace * @returns {Membership} membership - membership of user with id [userId] for workspace with id [workspaceId] */ -const validateMembership = async ({ +export const validateMembership = async ({ userId, workspaceId, acceptedRoles, @@ -50,7 +50,7 @@ const validateMembership = async ({ * @param {Object} queryObj - query object * @return {Object} membership - membership */ -const findMembership = async (queryObj: any) => { +export const findMembership = async (queryObj: any) => { let membership; try { membership = await Membership.findOne(queryObj); @@ -71,7 +71,7 @@ const findMembership = async (queryObj: any) => { * @param {String} obj.workspaceId - id of workspace. * @param {String[]} obj.roles - roles of users. */ -const addMemberships = async ({ +export const addMemberships = async ({ userIds, workspaceId, roles @@ -112,7 +112,7 @@ const addMemberships = async ({ * @param {Object} obj * @param {String} obj.membershipId - id of membership to delete */ -const deleteMembership = async ({ membershipId }: { membershipId: string }) => { +export const deleteMembership = async ({ membershipId }: { membershipId: string }) => { let deletedMembership; try { deletedMembership = await Membership.findOneAndDelete({ @@ -134,11 +134,4 @@ const deleteMembership = async ({ membershipId }: { membershipId: string }) => { } return deletedMembership; -}; - -export { - validateMembership, - addMemberships, - findMembership, - deleteMembership -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/membershipOrg.ts b/backend/src/helpers/membershipOrg.ts index b5f4bb3663..f29f3cec02 100644 --- a/backend/src/helpers/membershipOrg.ts +++ b/backend/src/helpers/membershipOrg.ts @@ -18,7 +18,7 @@ import { * @param {Types.ObjectId} obj.organizationId * @param {String[]} obj.acceptedRoles */ -const validateMembershipOrg = async ({ +export const validateMembershipOrg = async ({ userId, organizationId, acceptedRoles, @@ -59,7 +59,7 @@ const validateMembershipOrg = async ({ * @param {Object} queryObj - query object * @return {Object} membershipOrg - membership */ -const findMembershipOrg = (queryObj: any) => { +export const findMembershipOrg = (queryObj: any) => { const membershipOrg = MembershipOrg.findOne(queryObj); return membershipOrg; }; @@ -72,7 +72,7 @@ const findMembershipOrg = (queryObj: any) => { * @param {String} obj.organizationId - id of organization. * @param {String[]} obj.roles - roles of users. */ -const addMembershipsOrg = async ({ +export const addMembershipsOrg = async ({ userIds, organizationId, roles, @@ -111,7 +111,7 @@ const addMembershipsOrg = async ({ * @param {Object} obj * @param {String} obj.membershipOrgId - id of organization membership to delete */ -const deleteMembershipOrg = async ({ +export const deleteMembershipOrg = async ({ membershipOrgId }: { membershipOrgId: string; @@ -148,11 +148,4 @@ const deleteMembershipOrg = async ({ } return deletedMembershipOrg; -}; - -export { - validateMembershipOrg, - findMembershipOrg, - addMembershipsOrg, - deleteMembershipOrg -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/nodemailer.ts b/backend/src/helpers/nodemailer.ts index 78e8a12a03..c4f3de9b72 100644 --- a/backend/src/helpers/nodemailer.ts +++ b/backend/src/helpers/nodemailer.ts @@ -14,7 +14,7 @@ let smtpTransporter: nodemailer.Transporter; * @param {String[]} obj.recipients - email addresses of people to send email to * @param {Object} obj.substitutions - object containing template substitutions */ -const sendMail = async ({ +export const sendMail = async ({ template, subjectLine, recipients, @@ -48,8 +48,6 @@ const sendMail = async ({ } }; -const setTransporter = (transporter: nodemailer.Transporter) => { +export const setTransporter = (transporter: nodemailer.Transporter) => { smtpTransporter = transporter; -}; - -export { sendMail, setTransporter }; +}; \ No newline at end of file diff --git a/backend/src/helpers/organization.ts b/backend/src/helpers/organization.ts index 74c5df71d8..71e8c15ce1 100644 --- a/backend/src/helpers/organization.ts +++ b/backend/src/helpers/organization.ts @@ -28,7 +28,7 @@ import { * @param {String} obj.email - POC email that will receive invoice info * @param {Object} organization - new organization */ -const createOrganization = async ({ +export const createOrganization = async ({ name, email, }: { @@ -70,7 +70,7 @@ const createOrganization = async ({ * @return {Object} obj.stripeSubscription - new stripe subscription * @return {Subscription} obj.subscription - new subscription */ -const initSubscriptionOrg = async ({ +export const initSubscriptionOrg = async ({ organizationId, }: { organizationId: Types.ObjectId; @@ -125,7 +125,7 @@ const initSubscriptionOrg = async ({ * @param {Object} obj * @param {Number} obj.organizationId - id of subscription's organization */ -const updateSubscriptionOrgQuantity = async ({ +export const updateSubscriptionOrgQuantity = async ({ organizationId, }: { organizationId: string; @@ -171,10 +171,4 @@ const updateSubscriptionOrgQuantity = async ({ } return stripeSubscription; -}; - -export { - createOrganization, - initSubscriptionOrg, - updateSubscriptionOrgQuantity -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/rateLimiter.ts b/backend/src/helpers/rateLimiter.ts index b082bceb3c..97921d8a3c 100644 --- a/backend/src/helpers/rateLimiter.ts +++ b/backend/src/helpers/rateLimiter.ts @@ -1,7 +1,7 @@ import rateLimit from 'express-rate-limit'; // 120 requests per minute -const apiLimiter = rateLimit({ +export const apiLimiter = rateLimit({ windowMs: 60 * 1000, max: 240, standardHeaders: true, @@ -20,23 +20,17 @@ const authLimit = rateLimit({ }); // 10 requests per hour -const passwordLimiter = rateLimit({ +export const passwordLimiter = rateLimit({ windowMs: 60 * 60 * 1000, max: 10, standardHeaders: true, legacyHeaders: false }); -const authLimiter = (req: any, res: any, next: any) => { +export const authLimiter = (req: any, res: any, next: any) => { if (process.env.NODE_ENV === 'production') { authLimit(req, res, next); } else { next(); } -}; - -export { - apiLimiter, - authLimiter, - passwordLimiter -}; +}; \ No newline at end of file diff --git a/backend/src/helpers/secret.ts b/backend/src/helpers/secret.ts index 9b81d79c9e..d6fcb873f5 100644 --- a/backend/src/helpers/secret.ts +++ b/backend/src/helpers/secret.ts @@ -62,7 +62,7 @@ interface Update { * @param {String} obj.environment - environment for secrets * @param {Object[]} obj.secrets - secrets to push */ -const v1PushSecrets = async ({ +export const v1PushSecrets = async ({ userId, workspaceId, environment, @@ -305,7 +305,7 @@ const v1PushSecrets = async ({ * @param {String} obj.channel - channel (web/cli/auto) * @param {String} obj.ipAddress - ip address of request to push secrets */ -const v2PushSecrets = async ({ +export const v2PushSecrets = async ({ userId, workspaceId, environment, @@ -530,7 +530,7 @@ const v2PushSecrets = async ({ * @param {String} obj.workspaceId - id of workspace to pull from * @param {String} obj.environment - environment for secrets */ -const getSecrets = async ({ +export const getSecrets = async ({ userId, workspaceId, environment, @@ -570,7 +570,7 @@ const getSecrets = async ({ * @param {String} obj.channel - channel (web/cli/auto) * @param {String} obj.ipAddress - ip address of request to push secrets */ -const pullSecrets = async ({ +export const pullSecrets = async ({ userId, workspaceId, environment, @@ -614,7 +614,7 @@ const pullSecrets = async ({ * @param {Object} obj * @param {Object} obj.secrets */ -const reformatPullSecrets = ({ secrets }: { secrets: ISecret[] }) => { +export const reformatPullSecrets = ({ secrets }: { secrets: ISecret[] }) => { const reformatedSecrets = secrets.map((s) => ({ _id: s._id, workspace: s.workspace, @@ -644,6 +644,4 @@ const reformatPullSecrets = ({ secrets }: { secrets: ISecret[] }) => { })); return reformatedSecrets; -}; - -export { v1PushSecrets, v2PushSecrets, pullSecrets, reformatPullSecrets }; +}; \ No newline at end of file diff --git a/backend/src/helpers/secrets.ts b/backend/src/helpers/secrets.ts index 562c173fa5..8042b2c7e9 100644 --- a/backend/src/helpers/secrets.ts +++ b/backend/src/helpers/secrets.ts @@ -52,7 +52,7 @@ import { * @param {Object} obj * @param {Types.ObjectId} obj.workspaceId */ -const createSecretBlindIndexDataHelper = async ({ +export const createSecretBlindIndexDataHelper = async ({ workspaceId }: { workspaceId: Types.ObjectId; @@ -106,7 +106,7 @@ const createSecretBlindIndexDataHelper = async ({ * @param {Types.ObjectId} obj.workspaceId - id of workspace to get salt for * @returns */ -const getSecretBlindIndexSaltHelper = async ({ +export const getSecretBlindIndexSaltHelper = async ({ workspaceId }: { workspaceId: Types.ObjectId; @@ -150,7 +150,7 @@ const getSecretBlindIndexSaltHelper = async ({ * @param {String} obj.secretName - name of secret to generate blind index for * @param {String} obj.salt - base64-salt */ - const generateSecretBlindIndexWithSaltHelper = async ({ +export const generateSecretBlindIndexWithSaltHelper = async ({ secretName, salt }: { @@ -179,7 +179,7 @@ const getSecretBlindIndexSaltHelper = async ({ * @param {Stringj} obj.secretName - name of secret to generate blind index for * @param {Types.ObjectId} obj.workspaceId - id of workspace that secret belongs to */ -const generateSecretBlindIndexHelper = async ({ +export const generateSecretBlindIndexHelper = async ({ secretName, workspaceId }: { @@ -220,7 +220,7 @@ const generateSecretBlindIndexHelper = async ({ * @param {AuthData} obj.authData - authentication data on request * @returns */ -const createSecretHelper = async ({ +export const createSecretHelper = async ({ secretName, workspaceId, environment, @@ -362,7 +362,7 @@ const createSecretHelper = async ({ * @param {AuthData} obj.authData - authentication data on request * @returns */ -const getSecretsHelper = async ({ +export const getSecretsHelper = async ({ workspaceId, environment, authData @@ -434,7 +434,7 @@ const getSecretsHelper = async ({ * @param {AuthData} obj.authData - authentication data on request * @returns */ -const getSecretHelper = async ({ +export const getSecretHelper = async ({ secretName, workspaceId, environment, @@ -519,7 +519,7 @@ const getSecretHelper = async ({ * @param {AuthData} obj.authData - authentication data on request * @returns */ -const updateSecretHelper = async ({ +export const updateSecretHelper = async ({ secretName, workspaceId, environment, @@ -656,7 +656,7 @@ const updateSecretHelper = async ({ * @param {AuthData} obj.authData - authentication data on request * @returns */ -const deleteSecretHelper = async ({ +export const deleteSecretHelper = async ({ secretName, workspaceId, environment, @@ -754,16 +754,4 @@ const deleteSecretHelper = async ({ secrets, secret }); -} - -export { - createSecretBlindIndexDataHelper, - getSecretBlindIndexSaltHelper, - generateSecretBlindIndexWithSaltHelper, - generateSecretBlindIndexHelper, - createSecretHelper, - getSecretsHelper, - getSecretHelper, - updateSecretHelper, - deleteSecretHelper } \ No newline at end of file diff --git a/backend/src/helpers/signup.ts b/backend/src/helpers/signup.ts index dfca967369..7a97463b24 100644 --- a/backend/src/helpers/signup.ts +++ b/backend/src/helpers/signup.ts @@ -14,7 +14,7 @@ import { TOKEN_EMAIL_CONFIRMATION } from '../variables'; * @param {String} obj.email - email * @returns {Boolean} success - whether or not operation was successful */ -const sendEmailVerification = async ({ email }: { email: string }) => { +export const sendEmailVerification = async ({ email }: { email: string }) => { try { const token = await TokenService.createToken({ type: TOKEN_EMAIL_CONFIRMATION, @@ -45,7 +45,7 @@ const sendEmailVerification = async ({ email }: { email: string }) => { * @param {String} obj.email - emai * @param {String} obj.code - code that was sent to [email] */ -const checkEmailVerification = async ({ +export const checkEmailVerification = async ({ email, code }: { @@ -72,7 +72,7 @@ const checkEmailVerification = async ({ * @param {String} obj.organizationName - name of organization to initialize * @param {IUser} obj.user - user who we are initializing for */ -const initializeDefaultOrg = async ({ +export const initializeDefaultOrg = async ({ organizationName, user }: { @@ -96,6 +96,4 @@ const initializeDefaultOrg = async ({ } catch (err) { throw new Error(`Failed to initialize default organization and workspace [err=${err}]`); } -}; - -export { sendEmailVerification, checkEmailVerification, initializeDefaultOrg }; +}; \ No newline at end of file diff --git a/backend/src/helpers/telemetry.ts b/backend/src/helpers/telemetry.ts deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/backend/src/helpers/token.ts b/backend/src/helpers/token.ts index b44641daea..66bae1a153 100644 --- a/backend/src/helpers/token.ts +++ b/backend/src/helpers/token.ts @@ -20,7 +20,7 @@ import { getSaltRounds } from "../config"; * @param {Types.ObjectId} obj.organizationId * @returns {String} token - the created token */ -const createTokenHelper = async ({ +export const createTokenHelper = async ({ type, email, phoneNumber, @@ -121,7 +121,7 @@ const createTokenHelper = async ({ * @param {String} obj.email - email associated with the token * @param {String} obj.token - value of the token */ -const validateTokenHelper = async ({ +export const validateTokenHelper = async ({ type, email, phoneNumber, @@ -212,6 +212,4 @@ const validateTokenHelper = async ({ // case: token is valid await TokenData.findByIdAndDelete(tokenData._id); -}; - -export { createTokenHelper, validateTokenHelper }; +}; \ No newline at end of file diff --git a/backend/src/helpers/workspace.ts b/backend/src/helpers/workspace.ts index 6bc8809812..701bc94bf2 100644 --- a/backend/src/helpers/workspace.ts +++ b/backend/src/helpers/workspace.ts @@ -16,7 +16,7 @@ import { SecretService } from '../services'; * @param {String} organizationId - id of organization to create workspace in * @param {Object} workspace - new workspace */ -const createWorkspace = async ({ +export const createWorkspace = async ({ name, organizationId }: { @@ -58,7 +58,7 @@ const createWorkspace = async ({ * @param {Object} obj * @param {String} obj.id - id of workspace to delete */ -const deleteWorkspace = async ({ id }: { id: string }) => { +export const deleteWorkspace = async ({ id }: { id: string }) => { try { await Workspace.deleteOne({ _id: id }); await Bot.deleteOne({ @@ -78,9 +78,4 @@ const deleteWorkspace = async ({ id }: { id: string }) => { Sentry.captureException(err); throw new Error('Failed to delete workspace'); } -}; - -export { - createWorkspace, - deleteWorkspace -}; +}; \ No newline at end of file diff --git a/backend/src/models/user.ts b/backend/src/models/user.ts index 4059ce8e0c..45f248924a 100644 --- a/backend/src/models/user.ts +++ b/backend/src/models/user.ts @@ -15,7 +15,7 @@ export interface IUser extends Document { tag?: string; salt?: string; verifier?: string; - refreshVersion?: number; + refreshVersion: number; isMfaEnabled: boolean; mfaMethods: boolean; devices: { diff --git a/backend/src/services/BotService.ts b/backend/src/services/BotService.ts index 4e8118fbea..2c0db03550 100644 --- a/backend/src/services/BotService.ts +++ b/backend/src/services/BotService.ts @@ -1,6 +1,6 @@ import { Types } from 'mongoose'; import { - getSecretsHelper, + getSecretsBotHelper, encryptSymmetricHelper, decryptSymmetricHelper } from '../helpers/bot'; @@ -25,7 +25,7 @@ class BotService { workspaceId: Types.ObjectId; environment: string; }) { - return await getSecretsHelper({ + return await getSecretsBotHelper({ workspaceId, environment });