accounts-frontend/src/services/api/authentication.js

// @flow
import type { UserResponse } from 'services/api/accounts';
import logger from 'services/logger';
import request, { InternalServerError } from 'services/request';
import { getInfo as getInfoEndpoint } from 'services/api/accounts';

const authentication = {
    login({
        login,
        password,
        totp,
        rememberMe = false
    }: {
        login: string,
        password?: string,
        totp?: string,
        rememberMe: bool
    }) {
        return request.post(
            '/api/authentication/login',
            {login, password, totp, rememberMe},
            {token: null}
        );
    },

    /**
     * @param {object} options
     * @param {string} [options.token] - an optional token to overwrite headers
     *                                   in middleware and disable token auto-refresh
     *
     * @return {Promise}
     */
    logout(options: ?{
        token: string
    }) {
        return request.post('/api/authentication/logout', {}, {
            token: options && options.token
        });
    },

    forgotPassword({
        login,
        captcha
    }: {
        login: string,
        captcha: string
    }) {
        return request.post(
            '/api/authentication/forgot-password',
            {login, captcha},
            {token: null}
        );
    },

    recoverPassword({
        key,
        newPassword,
        newRePassword
    }: {
        key: string,
        newPassword: string,
        newRePassword: string
    }) {
        return request.post(
            '/api/authentication/recover-password',
            {key, newPassword, newRePassword},
            {token: null}
        );
    },

    /**
     * Resolves if token is valid
     *
     * @param {string} token
     * @param {string} refreshToken
     *
     * @return {Promise} - resolves with options.token or with a new token
     *                     if it was refreshed. As a side effect the response
     *                     will have a `user` field with current user data
     *
     */
    async validateToken(token: string, refreshToken: ?string): Promise<{
        token: string,
        refreshToken: ?string,
        user: UserResponse,
    }> {
        if (typeof token !== 'string') {
            throw new Error('token must be a string');
        }

        // TODO: decode token to extract information about user id

        let user: UserResponse;
        try {
            user = await getInfoEndpoint(0, { token });
        } catch (resp) {
            const { token } = await this.handleTokenError(resp, refreshToken);
            user = await getInfoEndpoint(0, { token }); // TODO: replace with recursive call
        }

        return {
            token,
            refreshToken,
            user,
        };
    },

    handleTokenError(resp: Error | { message: string }, refreshToken: ?string): Promise<{
        token: string,
    }> {
        if (resp instanceof InternalServerError) {
            // delegate error recovering to the bsod middleware
            return new Promise(() => {});
        }

        if (refreshToken) {
            if ([
                'Token expired',
                'Incorrect token',
                'You are requesting with an invalid credential.'
            ].includes(resp.message)) {
                return authentication.requestToken(refreshToken);
            }

            logger.error('Unexpected error during token validation', {
                resp
            });
        }

        return Promise.reject(resp);
    },

    /**
     * Request new access token using a refreshToken
     *
     * @param {string} refreshToken
     *
     * @return {Promise} - resolves to {token}
     */
    requestToken(refreshToken: string): Promise<{token: string}> {
        return request.post(
            '/api/authentication/refresh-token',
            {refresh_token: refreshToken}, // eslint-disable-line
            {token: null}
        )
            .then((resp: {access_token: string}) => ({
                token: resp.access_token
            }))
            .catch((resp) => {
                const errors = resp.errors || {};

                if (errors.refresh_token !== 'error.refresh_token_not_exist') {
                    logger.error('Failed refreshing token: unknown error', {
                        resp
                    });
                }

                return Promise.reject(resp);
            });
    }
};

export default authentication;
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`// @flow`
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`import type { UserResponse } from 'services/api/accounts';`
#365: improve token api errors handling 2017-12-26 01:33:21 +05:30			`import logger from 'services/logger';`
			`import request, { InternalServerError } from 'services/request';`
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`import { getInfo as getInfoEndpoint } from 'services/api/accounts';`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30			`const authentication = {`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`login({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`login,`
			`password,`
			`totp,`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`rememberMe = false`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`}: {`
			`login: string,`
			`password?: string,`
			`totp?: string,`
			`rememberMe: bool`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/login',`
#305: implement disable mfa form 2017-09-09 19:52:19 +05:30			`{login, password, totp, rememberMe},`
Ignore token for some guest-specific requests 2016-12-25 23:39:47 +05:30			`{token: null}`
#305: implement disable mfa form 2017-09-09 19:52:19 +05:30			`);`
#126: added refresh token support on frontend 2016-06-04 20:28:29 +05:30			`},`

#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`/**`
			`* @param {object} options`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`* @param {string} [options.token] - an optional token to overwrite headers`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`* in middleware and disable token auto-refresh`
			`*`
			`* @return {Promise}`
			`*/`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`logout(options: ?{`
			`token: string`
			`}) {`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`return request.post('/api/authentication/logout', {}, {`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`token: options && options.token`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`});`
#151: notify an api about user being logged out 2016-06-28 15:43:27 +05:30			`},`

Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`forgotPassword({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`login,`
			`captcha`
			`}: {`
			`login: string,`
			`captcha: string`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/forgot-password',`
Попытка сделать frontend для отображения капчи на странице запроса восстановления пароля 2017-04-18 22:17:46 +05:30			`{login, captcha},`
Отключена передача токена авторизации при выполнении запросов в сторону формы восстановления пароля 2017-02-24 02:51:24 +05:30			`{token: null}`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`);`
			`},`

			`recoverPassword({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`key,`
			`newPassword,`
			`newRePassword`
			`}: {`
			`key: string,`
			`newPassword: string,`
			`newRePassword: string`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/recover-password',`
Отключена передача токена авторизации при выполнении запросов в сторону формы восстановления пароля 2017-02-24 02:51:24 +05:30			`{key, newPassword, newRePassword},`
			`{token: null}`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`);`
			`},`

#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`/**`
			`* Resolves if token is valid`
			`*`
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`* @param {string} token`
			`* @param {string} refreshToken`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*`
			`* @return {Promise} - resolves with options.token or with a new token`
#246: remove redundant /current calls during account authentication 2017-01-06 11:34:14 +05:30			`* if it was refreshed. As a side effect the response`
			* will have a `user` field with current user data
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`*`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*/`
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`async validateToken(token: string, refreshToken: ?string): Promise<{`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`token: string,`
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`refreshToken: ?string,`
			`user: UserResponse,`
			`}> {`
			`if (typeof token !== 'string') {`
			`throw new Error('token must be a string');`
			`}`

			`// TODO: decode token to extract information about user id`

			`let user: UserResponse;`
			`try {`
			`user = await getInfoEndpoint(0, { token });`
			`} catch (resp) {`
			`const { token } = await this.handleTokenError(resp, refreshToken);`
			`user = await getInfoEndpoint(0, { token }); // TODO: replace with recursive call`
			`}`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30
Little refactoring of the accounts API for the frontend application 2019-01-25 22:59:32 +05:30			`return {`
			`token,`
			`refreshToken,`
			`user,`
			`};`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`},`
#365: improve token api errors handling 2017-12-26 01:33:21 +05:30
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`handleTokenError(resp: Error \| { message: string }, refreshToken: ?string): Promise<{`
			`token: string,`
			`}> {`
			`if (resp instanceof InternalServerError) {`
			`// delegate error recovering to the bsod middleware`
			`return new Promise(() => {});`
			`}`
#365: improve token api errors handling 2017-12-26 01:33:21 +05:30
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`if (refreshToken) {`
			`if ([`
			`'Token expired',`
			`'Incorrect token',`
			`'You are requesting with an invalid credential.'`
			`].includes(resp.message)) {`
			`return authentication.requestToken(refreshToken);`
			`}`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`logger.error('Unexpected error during token validation', {`
			`resp`
#305: fix linting errors after upgrading to eslint 4 2017-08-23 02:30:10 +05:30			`});`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`}`

			`return Promise.reject(resp);`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`},`

Add tests for auth middlewares 2016-08-10 00:47:49 +05:30			`/**`
			`* Request new access token using a refreshToken`
			`*`
			`* @param {string} refreshToken`
			`*`
			`* @return {Promise} - resolves to {token}`
			`*/`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`requestToken(refreshToken: string): Promise<{token: string}> {`
#126: added refresh token support on frontend 2016-06-04 20:28:29 +05:30			`return request.post(`
			`'/api/authentication/refresh-token',`
Disable bearer header for refresh-token request 2016-12-13 01:37:49 +05:30			`{refresh_token: refreshToken}, // eslint-disable-line`
			`{token: null}`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-31 00:34:31 +05:30			`)`
			`.then((resp: {access_token: string}) => ({`
			`token: resp.access_token`
			`}))`
			`.catch((resp) => {`
			`const errors = resp.errors \|\| {};`

			`if (errors.refresh_token !== 'error.refresh_token_not_exist') {`
			`logger.error('Failed refreshing token: unknown error', {`
			`resp`
			`});`
			`}`

			`return Promise.reject(resp);`
			`});`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`}`
			`};`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30
			`export default authentication;`