richard
/
wiki
mirror of https://github.com/Requarks/wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1530 Commits
3 Branches
120 Tags
80 MiB
Tree: 2fe2e6210d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2fe2e6210d'
${ noResults }
wiki/server/graph/resolvers/authentication.js

242 lines
7.0 KiB
Raw Normal View History

feat: auth strategies over GraphQL + svg loading
7 years ago
feat: authentication providers resolver - filter + orderBy
6 years ago
refactor: global namespace + admin pages UI
6 years ago
feat: auth strategies over GraphQL + svg loading
7 years ago
feat: mandatory password change on login + UI fixes
5 years ago
refactor: global namespace + admin pages UI
6 years ago
feat: mandatory password change on login + UI fixes
5 years ago
refactor: global namespace + admin pages UI
6 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
feat: authentication improvements
6 years ago
feat: gitlab auth module + storage locale namespacing fix
5 years ago
feat: authentication improvements
6 years ago
feat: gitlab auth module + storage locale namespacing fix
5 years ago
feat: authentication improvements
6 years ago
feat: locale namespacing save + auth fetch fix
6 years ago
feat: auth strategies over GraphQL + svg loading
7 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: HA event handling + emitting
4 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: HA event handling + emitting
4 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: register validation + create + admin improvements
6 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: admin groups - list + create, gql refactoring
6 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: LDAP debug flag
5 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: register validation + create + admin improvements
6 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: admin groups - list + create, gql refactoring
6 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: admin auth - save config
6 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: register validation + create + admin improvements
6 years ago
fix: setup https support + various fixes
5 years ago
feat: register validation + create + admin improvements
6 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: HA event handling + emitting
4 years ago
feat: manage / create API keys (#1516) * fix: admin api UI update * feat: admin api - create dialog UI * feat: admin api - create + list keys * feat: admin api localization (wip) * feat: admin api localization * feat: admin api - toggle state * feat: process API keys + format gql request errors to json
4 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: admin auth - save config
6 years ago
feat: guest + user permissions
5 years ago
feat: admin auth - save config
6 years ago
feat: core improvements + local fs provider + UI fixes
6 years ago
feat: admin auth - save config
6 years ago
fix: modules non-string config + live trail logging
6 years ago
feat: admin auth - save config
6 years ago
feat: auth advanced settings UI + reload auth on save
6 years ago
feat: HA event handling + emitting
4 years ago
feat: admin auth - save config
6 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: utilities section (wip) + auth utilities
5 years ago
feat: mandatory password change on login + UI fixes
5 years ago
feat: utilities section (wip) + auth utilities
5 years ago
refactor: webpack fixes, missing auth icons, auth resolvers
6 years ago
feat: admin auth UI + fetch
6 years ago
feat: auth strategies over GraphQL + svg loading
7 years ago
feat: vue-apollo + auth providers resolver (wip)
6 years ago
feat: auth strategies over GraphQL + svg loading
7 years ago
  1. const _ = require('lodash')
  2. const fs = require('fs-extra')
  3. const path = require('path')
  4. const graphHelper = require('../../helpers/graph')
  6. /* global WIKI */
  8. module.exports = {
  9. Query: {
  10. async authentication () { return {} }
  11. },
  12. Mutation: {
  13. async authentication () { return {} }
  14. },
  15. AuthenticationQuery: {
  16. /**
  17. * List of API Keys
  18. */
  19. async apiKeys (obj, args, context) {
  20. const keys = await WIKI.models.apiKeys.query().orderBy(['isRevoked', 'name'])
  21. return keys.map(k => ({
  22. id: k.id,
  23. name: k.name,
  24. keyShort: '...' + k.key.substring(k.key.length - 20),
  25. isRevoked: k.isRevoked,
  26. expiration: k.expiration,
  27. createdAt: k.createdAt,
  28. updatedAt: k.updatedAt
  29. }))
  30. },
  31. /**
  32. * Current API State
  33. */
  34. apiState () {
  35. return WIKI.config.api.isEnabled
  36. },
  37. /**
  38. * Fetch active authentication strategies
  39. */
  40. async strategies (obj, args, context, info) {
  41. let strategies = await WIKI.models.authentication.getStrategies(args.isEnabled)
  42. strategies = strategies.map(stg => {
  43. const strategyInfo = _.find(WIKI.data.authentication, ['key', stg.key]) || {}
  44. return {
  45. ...strategyInfo,
  46. ...stg,
  47. config: _.sortBy(_.transform(stg.config, (res, value, key) => {
  48. const configData = _.get(strategyInfo.props, key, false)
  49. if (configData) {
  50. res.push({
  51. key,
  52. value: JSON.stringify({
  53. ...configData,
  54. value
  55. })
  56. })
  57. }
  58. }, []), 'key')
  59. }
  60. })
  61. return strategies
  62. }
  63. },
  64. AuthenticationMutation: {
  65. /**
  66. * Create New API Key
  67. */
  68. async createApiKey (obj, args, context) {
  69. try {
  70. const key = await WIKI.models.apiKeys.createNewKey(args)
  71. await WIKI.auth.reloadApiKeys()
  72. WIKI.events.outbound.emit('reloadApiKeys')
  73. return {
  74. key,
  75. responseResult: graphHelper.generateSuccess('API Key created successfully')
  76. }
  77. } catch (err) {
  78. return graphHelper.generateError(err)
  79. }
  80. },
  81. /**
  82. * Perform Login
  83. */
  84. async login (obj, args, context) {
  85. try {
  86. const authResult = await WIKI.models.users.login(args, context)
  87. return {
  88. ...authResult,
  89. responseResult: graphHelper.generateSuccess('Login success')
  90. }
  91. } catch (err) {
  92. // LDAP Debug Flag
  93. if (args.strategy === 'ldap' && WIKI.config.flags.ldapdebug) {
  94. WIKI.logger.warn('LDAP LOGIN ERROR (c1): ', err)
  95. }
  97. return graphHelper.generateError(err)
  98. }
  99. },
  100. /**
  101. * Perform 2FA Login
  102. */
  103. async loginTFA (obj, args, context) {
  104. try {
  105. const authResult = await WIKI.models.users.loginTFA(args, context)
  106. return {
  107. ...authResult,
  108. responseResult: graphHelper.generateSuccess('TFA success')
  109. }
  110. } catch (err) {
  111. return graphHelper.generateError(err)
  112. }
  113. },
  114. /**
  115. * Perform Mandatory Password Change after Login
  116. */
  117. async loginChangePassword (obj, args, context) {
  118. try {
  119. const authResult = await WIKI.models.users.loginChangePassword(args, context)
  120. return {
  121. ...authResult,
  122. responseResult: graphHelper.generateSuccess('Password changed successfully')
  123. }
  124. } catch (err) {
  125. return graphHelper.generateError(err)
  126. }
  127. },
  128. /**
  129. * Register a new account
  130. */
  131. async register (obj, args, context) {
  132. try {
  133. await WIKI.models.users.register({ ...args, verify: true }, context)
  134. return {
  135. responseResult: graphHelper.generateSuccess('Registration success')
  136. }
  137. } catch (err) {
  138. return graphHelper.generateError(err)
  139. }
  140. },
  141. /**
  142. * Set API state
  143. */
  144. async setApiState (obj, args, context) {
  145. try {
  146. WIKI.config.api.isEnabled = args.enabled
  147. await WIKI.configSvc.saveToDb(['api'])
  148. return {
  149. responseResult: graphHelper.generateSuccess('API State changed successfully')
  150. }
  151. } catch (err) {
  152. return graphHelper.generateError(err)
  153. }
  154. },
  155. /**
  156. * Revoke an API key
  157. */
  158. async revokeApiKey (obj, args, context) {
  159. try {
  160. await WIKI.models.apiKeys.query().findById(args.id).patch({
  161. isRevoked: true
  162. })
  163. await WIKI.auth.reloadApiKeys()
  164. WIKI.events.outbound.emit('reloadApiKeys')
  165. return {
  166. responseResult: graphHelper.generateSuccess('API Key revoked successfully')
  167. }
  168. } catch (err) {
  169. return graphHelper.generateError(err)
  170. }
  171. },
  172. /**
  173. * Update Authentication Strategies
  174. */
  175. async updateStrategies (obj, args, context) {
  176. try {
  177. WIKI.config.auth = {
  178. audience: _.get(args, 'config.audience', WIKI.config.auth.audience),
  179. tokenExpiration: _.get(args, 'config.tokenExpiration', WIKI.config.auth.tokenExpiration),
  180. tokenRenewal: _.get(args, 'config.tokenRenewal', WIKI.config.auth.tokenRenewal)
  181. }
  182. await WIKI.configSvc.saveToDb(['auth'])
  184. for (let str of args.strategies) {
  185. await WIKI.models.authentication.query().patch({
  186. isEnabled: str.isEnabled,
  187. config: _.reduce(str.config, (result, value, key) => {
  188. _.set(result, `${value.key}`, _.get(JSON.parse(value.value), 'v', null))
  189. return result
  190. }, {}),
  191. selfRegistration: str.selfRegistration,
  192. domainWhitelist: { v: str.domainWhitelist },
  193. autoEnrollGroups: { v: str.autoEnrollGroups }
  194. }).where('key', str.key)
  195. }
  196. await WIKI.auth.activateStrategies()
  197. WIKI.events.outbound.emit('reloadAuthStrategies')
  198. return {
  199. responseResult: graphHelper.generateSuccess('Strategies updated successfully')
  200. }
  201. } catch (err) {
  202. return graphHelper.generateError(err)
  203. }
  204. },
  205. /**
  206. * Generate New Authentication Public / Private Key Certificates
  207. */
  208. async regenerateCertificates (obj, args, context) {
  209. try {
  210. await WIKI.auth.regenerateCertificates()
  211. return {
  212. responseResult: graphHelper.generateSuccess('Certificates have been regenerated successfully.')
  213. }
  214. } catch (err) {
  215. return graphHelper.generateError(err)
  216. }
  217. },
  218. /**
  219. * Reset Guest User
  220. */
  221. async resetGuestUser (obj, args, context) {
  222. try {
  223. await WIKI.auth.resetGuestUser()
  224. return {
  225. responseResult: graphHelper.generateSuccess('Guest user has been reset successfully.')
  226. }
  227. } catch (err) {
  228. return graphHelper.generateError(err)
  229. }
  230. }
  231. },
  232. AuthenticationStrategy: {
  233. icon (ap, args) {
  234. return fs.readFile(path.join(WIKI.ROOTPATH, `assets/svg/auth-icon-${ap.key}.svg`), 'utf8').catch(err => {
  235. if (err.code === 'ENOENT') {
  236. return null
  237. }
  238. throw err
  239. })
  240. }
  241. }
  242. }