accounts-frontend/src/services/api/authentication.js

// @flow
import request from 'services/request';
import accounts from 'services/api/accounts';

const authentication = {
    login({
        login,
        password,
        totp,
        rememberMe = false
    }: {
        login: string,
        password?: string,
        totp?: string,
        rememberMe: bool
    }) {
        return request.post(
            '/api/authentication/login',
            {login, password, totp, rememberMe},
            {token: null}
        );
    },

    /**
     * @param {object} options
     * @param {string} [options.token] - an optional token to overwrite headers
     *                                   in middleware and disable token auto-refresh
     *
     * @return {Promise}
     */
    logout(options: {
        token?: string
    } = {}) {
        return request.post('/api/authentication/logout', {}, {
            token: options.token
        });
    },

    forgotPassword({
        login,
        captcha
    }: {
        login: string,
        captcha: string
    }) {
        return request.post(
            '/api/authentication/forgot-password',
            {login, captcha},
            {token: null}
        );
    },

    recoverPassword({
        key,
        newPassword,
        newRePassword
    }: {
        key: string,
        newPassword: string,
        newRePassword: string
    }) {
        return request.post(
            '/api/authentication/recover-password',
            {key, newPassword, newRePassword},
            {token: null}
        );
    },

    /**
     * Resolves if token is valid
     *
     * @param {object} options
     * @param {string} options.token
     * @param {string} options.refreshToken
     *
     * @return {Promise} - resolves with options.token or with a new token
     *                     if it was refreshed. As a side effect the response
     *                     will have a `user` field with current user data
     */
    validateToken({token, refreshToken}: {
        token: string,
        refreshToken: string
    }) {
        return new Promise((resolve) => {
            if (typeof token !== 'string') {
                throw new Error('token must be a string');
            }

            resolve();
        })
            .then(() => accounts.current({token}))
            .then((user) => ({token, refreshToken, user}))
            .catch((resp) => {
                if (resp.message === 'Token expired') {
                    return authentication.requestToken(refreshToken)
                        .then(({token}) =>
                            accounts.current({token})
                                .then((user) => ({token, refreshToken, user}))
                        );
                }

                return Promise.reject(resp);
            });
    },

    /**
     * Request new access token using a refreshToken
     *
     * @param {string} refreshToken
     *
     * @return {Promise} - resolves to {token}
     */
    requestToken(refreshToken: string): Promise<{token: string}> {
        return request.post(
            '/api/authentication/refresh-token',
            {refresh_token: refreshToken}, // eslint-disable-line
            {token: null}
        ).then((resp: {access_token: string}) => ({
            token: resp.access_token
        }));
    }
};

export default authentication;
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`// @flow`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`import request from 'services/request';`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`import accounts from 'services/api/accounts';`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30			`const authentication = {`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`login({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`login,`
			`password,`
			`totp,`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`rememberMe = false`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`}: {`
			`login: string,`
			`password?: string,`
			`totp?: string,`
			`rememberMe: bool`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/login',`
#305: implement disable mfa form 2017-09-09 19:52:19 +05:30			`{login, password, totp, rememberMe},`
Ignore token for some guest-specific requests 2016-12-25 23:39:47 +05:30			`{token: null}`
#305: implement disable mfa form 2017-09-09 19:52:19 +05:30			`);`
#126: added refresh token support on frontend 2016-06-04 20:28:29 +05:30			`},`

#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`/**`
			`* @param {object} options`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`* @param {string} [options.token] - an optional token to overwrite headers`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`* in middleware and disable token auto-refresh`
			`*`
			`* @return {Promise}`
			`*/`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`logout(options: {`
			`token?: string`
			`} = {}) {`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`return request.post('/api/authentication/logout', {}, {`
			`token: options.token`
			`});`
#151: notify an api about user being logged out 2016-06-28 15:43:27 +05:30			`},`

Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`forgotPassword({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`login,`
			`captcha`
			`}: {`
			`login: string,`
			`captcha: string`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/forgot-password',`
Попытка сделать frontend для отображения капчи на странице запроса восстановления пароля 2017-04-18 22:17:46 +05:30			`{login, captcha},`
Отключена передача токена авторизации при выполнении запросов в сторону формы восстановления пароля 2017-02-24 02:51:24 +05:30			`{token: null}`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`);`
			`},`

			`recoverPassword({`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`key,`
			`newPassword,`
			`newRePassword`
			`}: {`
			`key: string,`
			`newPassword: string,`
			`newRePassword: string`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`}) {`
			`return request.post(`
			`'/api/authentication/recover-password',`
Отключена передача токена авторизации при выполнении запросов в сторону формы восстановления пароля 2017-02-24 02:51:24 +05:30			`{key, newPassword, newRePassword},`
			`{token: null}`
Decouple the rest of an api calls 2016-07-28 10:33:30 +05:30			`);`
			`},`

#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`/**`
			`* Resolves if token is valid`
			`*`
			`* @param {object} options`
			`* @param {string} options.token`
			`* @param {string} options.refreshToken`
			`*`
			`* @return {Promise} - resolves with options.token or with a new token`
#246: remove redundant /current calls during account authentication 2017-01-06 11:34:14 +05:30			`* if it was refreshed. As a side effect the response`
			* will have a `user` field with current user data
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*/`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`validateToken({token, refreshToken}: {`
			`token: string,`
			`refreshToken: string`
			`}) {`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30			`return new Promise((resolve) => {`
			`if (typeof token !== 'string') {`
			`throw new Error('token must be a string');`
			`}`

			`resolve();`
			`})`
#305: fix linting errors after upgrading to eslint 4 2017-08-23 02:30:10 +05:30			`.then(() => accounts.current({token}))`
			`.then((user) => ({token, refreshToken, user}))`
			`.catch((resp) => {`
			`if (resp.message === 'Token expired') {`
			`return authentication.requestToken(refreshToken)`
			`.then(({token}) =>`
			`accounts.current({token})`
			`.then((user) => ({token, refreshToken, user}))`
			`);`
			`}`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30
#305: fix linting errors after upgrading to eslint 4 2017-08-23 02:30:10 +05:30			`return Promise.reject(resp);`
			`});`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`},`

Add tests for auth middlewares 2016-08-10 00:47:49 +05:30			`/**`
			`* Request new access token using a refreshToken`
			`*`
			`* @param {string} refreshToken`
			`*`
			`* @return {Promise} - resolves to {token}`
			`*/`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`requestToken(refreshToken: string): Promise<{token: string}> {`
#126: added refresh token support on frontend 2016-06-04 20:28:29 +05:30			`return request.post(`
			`'/api/authentication/refresh-token',`
Disable bearer header for refresh-token request 2016-12-13 01:37:49 +05:30			`{refresh_token: refreshToken}, // eslint-disable-line`
			`{token: null}`
#305: add mfa step during auth 2017-08-23 00:09:08 +05:30			`).then((resp: {access_token: string}) => ({`
Add tests for auth middlewares 2016-08-10 00:47:49 +05:30			`token: resp.access_token`
			`}));`
#126: slightly refactored login and jwt token logic 2016-06-04 19:16:39 +05:30			`}`
			`};`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30
			`export default authentication;`