330 lines
12 KiB
JavaScript
330 lines
12 KiB
JavaScript
//////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// This is a generated file. You can view the original //
|
|
// source in your browser if your browser supports source maps. //
|
|
// Source maps are supported by all recent versions of Chrome, Safari, //
|
|
// and Firefox, and by Internet Explorer 11. //
|
|
// //
|
|
//////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
(function () {
|
|
|
|
/* Imports */
|
|
var Meteor = Package.meteor.Meteor;
|
|
var global = Package.meteor.global;
|
|
var meteorEnv = Package.meteor.meteorEnv;
|
|
var Accounts = Package['accounts-base'].Accounts;
|
|
var SRP = Package.srp.SRP;
|
|
var SHA256 = Package.sha.SHA256;
|
|
var EJSON = Package.ejson.EJSON;
|
|
var DDP = Package['ddp-client'].DDP;
|
|
var check = Package.check.check;
|
|
var Match = Package.check.Match;
|
|
var _ = Package.underscore._;
|
|
var meteorInstall = Package.modules.meteorInstall;
|
|
var meteorBabelHelpers = Package['babel-runtime'].meteorBabelHelpers;
|
|
var Promise = Package.promise.Promise;
|
|
var Symbol = Package['ecmascript-runtime-client'].Symbol;
|
|
var Map = Package['ecmascript-runtime-client'].Map;
|
|
var Set = Package['ecmascript-runtime-client'].Set;
|
|
|
|
var require = meteorInstall({"node_modules":{"meteor":{"accounts-password":{"password_client.js":function(){
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// packages/accounts-password/password_client.js //
|
|
// //
|
|
////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Used in the various functions below to handle errors consistently
|
|
function reportError(error, callback) {
|
|
if (callback) {
|
|
callback(error);
|
|
} else {
|
|
throw error;
|
|
}
|
|
}
|
|
|
|
; // Attempt to log in with a password.
|
|
//
|
|
// @param selector {String|Object} One of the following:
|
|
// - {username: (username)}
|
|
// - {email: (email)}
|
|
// - a string which may be a username or email, depending on whether
|
|
// it contains "@".
|
|
// @param password {String}
|
|
// @param callback {Function(error|undefined)}
|
|
|
|
/**
|
|
* @summary Log the user in with a password.
|
|
* @locus Client
|
|
* @param {Object | String} user
|
|
* Either a string interpreted as a username or an email; or an object with a
|
|
* single key: `email`, `username` or `id`. Username or email match in a case
|
|
* insensitive manner.
|
|
* @param {String} password The user's password.
|
|
* @param {Function} [callback] Optional callback.
|
|
* Called with no arguments on success, or with a single `Error` argument
|
|
* on failure.
|
|
* @importFromPackage meteor
|
|
*/
|
|
|
|
Meteor.loginWithPassword = function (selector, password, callback) {
|
|
if (typeof selector === 'string') if (selector.indexOf('@') === -1) selector = {
|
|
username: selector
|
|
};else selector = {
|
|
email: selector
|
|
};
|
|
Accounts.callLoginMethod({
|
|
methodArguments: [{
|
|
user: selector,
|
|
password: Accounts._hashPassword(password)
|
|
}],
|
|
userCallback: function (error, result) {
|
|
if (error && error.error === 400 && error.reason === 'old password format') {
|
|
// The "reason" string should match the error thrown in the
|
|
// password login handler in password_server.js.
|
|
// XXX COMPAT WITH 0.8.1.3
|
|
// If this user's last login was with a previous version of
|
|
// Meteor that used SRP, then the server throws this error to
|
|
// indicate that we should try again. The error includes the
|
|
// user's SRP identity. We provide a value derived from the
|
|
// identity and the password to prove to the server that we know
|
|
// the password without requiring a full SRP flow, as well as
|
|
// SHA256(password), which the server bcrypts and stores in
|
|
// place of the old SRP information for this user.
|
|
srpUpgradePath({
|
|
upgradeError: error,
|
|
userSelector: selector,
|
|
plaintextPassword: password
|
|
}, callback);
|
|
} else if (error) {
|
|
reportError(error, callback);
|
|
} else {
|
|
callback && callback();
|
|
}
|
|
}
|
|
});
|
|
};
|
|
|
|
Accounts._hashPassword = function (password) {
|
|
return {
|
|
digest: SHA256(password),
|
|
algorithm: "sha-256"
|
|
};
|
|
}; // XXX COMPAT WITH 0.8.1.3
|
|
// The server requested an upgrade from the old SRP password format,
|
|
// so supply the needed SRP identity to login. Options:
|
|
// - upgradeError: the error object that the server returned to tell
|
|
// us to upgrade from SRP to bcrypt.
|
|
// - userSelector: selector to retrieve the user object
|
|
// - plaintextPassword: the password as a string
|
|
|
|
|
|
var srpUpgradePath = function (options, callback) {
|
|
var details;
|
|
|
|
try {
|
|
details = EJSON.parse(options.upgradeError.details);
|
|
} catch (e) {}
|
|
|
|
if (!(details && details.format === 'srp')) {
|
|
reportError(new Meteor.Error(400, "Password is old. Please reset your " + "password."), callback);
|
|
} else {
|
|
Accounts.callLoginMethod({
|
|
methodArguments: [{
|
|
user: options.userSelector,
|
|
srp: SHA256(details.identity + ":" + options.plaintextPassword),
|
|
password: Accounts._hashPassword(options.plaintextPassword)
|
|
}],
|
|
userCallback: callback
|
|
});
|
|
}
|
|
}; // Attempt to log in as a new user.
|
|
|
|
/**
|
|
* @summary Create a new user.
|
|
* @locus Anywhere
|
|
* @param {Object} options
|
|
* @param {String} options.username A unique name for this user.
|
|
* @param {String} options.email The user's email address.
|
|
* @param {String} options.password The user's password. This is __not__ sent in plain text over the wire.
|
|
* @param {Object} options.profile The user's profile, typically including the `name` field.
|
|
* @param {Function} [callback] Client only, optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
|
|
* @importFromPackage accounts-base
|
|
*/
|
|
|
|
|
|
Accounts.createUser = function (options, callback) {
|
|
options = _.clone(options); // we'll be modifying options
|
|
|
|
if (typeof options.password !== 'string') throw new Error("options.password must be a string");
|
|
|
|
if (!options.password) {
|
|
return reportError(new Meteor.Error(400, "Password may not be empty"), callback);
|
|
} // Replace password with the hashed password.
|
|
|
|
|
|
options.password = Accounts._hashPassword(options.password);
|
|
Accounts.callLoginMethod({
|
|
methodName: 'createUser',
|
|
methodArguments: [options],
|
|
userCallback: callback
|
|
});
|
|
}; // Change password. Must be logged in.
|
|
//
|
|
// @param oldPassword {String|null} By default servers no longer allow
|
|
// changing password without the old password, but they could so we
|
|
// support passing no password to the server and letting it decide.
|
|
// @param newPassword {String}
|
|
// @param callback {Function(error|undefined)}
|
|
|
|
/**
|
|
* @summary Change the current user's password. Must be logged in.
|
|
* @locus Client
|
|
* @param {String} oldPassword The user's current password. This is __not__ sent in plain text over the wire.
|
|
* @param {String} newPassword A new password for the user. This is __not__ sent in plain text over the wire.
|
|
* @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
|
|
* @importFromPackage accounts-base
|
|
*/
|
|
|
|
|
|
Accounts.changePassword = function (oldPassword, newPassword, callback) {
|
|
if (!Meteor.user()) {
|
|
return reportError(new Error("Must be logged in to change password."), callback);
|
|
}
|
|
|
|
check(newPassword, String);
|
|
|
|
if (!newPassword) {
|
|
return reportError(new Meteor.Error(400, "Password may not be empty"), callback);
|
|
}
|
|
|
|
Accounts.connection.apply('changePassword', [oldPassword ? Accounts._hashPassword(oldPassword) : null, Accounts._hashPassword(newPassword)], function (error, result) {
|
|
if (error || !result) {
|
|
if (error && error.error === 400 && error.reason === 'old password format') {
|
|
// XXX COMPAT WITH 0.8.1.3
|
|
// The server is telling us to upgrade from SRP to bcrypt, as
|
|
// in Meteor.loginWithPassword.
|
|
srpUpgradePath({
|
|
upgradeError: error,
|
|
userSelector: {
|
|
id: Meteor.userId()
|
|
},
|
|
plaintextPassword: oldPassword
|
|
}, function (err) {
|
|
if (err) {
|
|
reportError(err, callback);
|
|
} else {
|
|
// Now that we've successfully migrated from srp to
|
|
// bcrypt, try changing the password again.
|
|
Accounts.changePassword(oldPassword, newPassword, callback);
|
|
}
|
|
});
|
|
} else {
|
|
// A normal error, not an error telling us to upgrade to bcrypt
|
|
reportError(error || new Error("No result from changePassword."), callback);
|
|
}
|
|
} else {
|
|
callback && callback();
|
|
}
|
|
});
|
|
}; // Sends an email to a user with a link that can be used to reset
|
|
// their password
|
|
//
|
|
// @param options {Object}
|
|
// - email: (email)
|
|
// @param callback (optional) {Function(error|undefined)}
|
|
|
|
/**
|
|
* @summary Request a forgot password email.
|
|
* @locus Client
|
|
* @param {Object} options
|
|
* @param {String} options.email The email address to send a password reset link.
|
|
* @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
|
|
* @importFromPackage accounts-base
|
|
*/
|
|
|
|
|
|
Accounts.forgotPassword = function (options, callback) {
|
|
if (!options.email) {
|
|
return reportError(new Meteor.Error(400, "Must pass options.email"), callback);
|
|
}
|
|
|
|
if (callback) {
|
|
Accounts.connection.call("forgotPassword", options, callback);
|
|
} else {
|
|
Accounts.connection.call("forgotPassword", options);
|
|
}
|
|
}; // Resets a password based on a token originally created by
|
|
// Accounts.forgotPassword, and then logs in the matching user.
|
|
//
|
|
// @param token {String}
|
|
// @param newPassword {String}
|
|
// @param callback (optional) {Function(error|undefined)}
|
|
|
|
/**
|
|
* @summary Reset the password for a user using a token received in email. Logs the user in afterwards.
|
|
* @locus Client
|
|
* @param {String} token The token retrieved from the reset password URL.
|
|
* @param {String} newPassword A new password for the user. This is __not__ sent in plain text over the wire.
|
|
* @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
|
|
* @importFromPackage accounts-base
|
|
*/
|
|
|
|
|
|
Accounts.resetPassword = function (token, newPassword, callback) {
|
|
check(token, String);
|
|
check(newPassword, String);
|
|
|
|
if (!newPassword) {
|
|
return reportError(new Meteor.Error(400, "Password may not be empty"), callback);
|
|
}
|
|
|
|
Accounts.callLoginMethod({
|
|
methodName: 'resetPassword',
|
|
methodArguments: [token, Accounts._hashPassword(newPassword)],
|
|
userCallback: callback
|
|
});
|
|
}; // Verifies a user's email address based on a token originally
|
|
// created by Accounts.sendVerificationEmail
|
|
//
|
|
// @param token {String}
|
|
// @param callback (optional) {Function(error|undefined)}
|
|
|
|
/**
|
|
* @summary Marks the user's email address as verified. Logs the user in afterwards.
|
|
* @locus Client
|
|
* @param {String} token The token retrieved from the verification URL.
|
|
* @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure.
|
|
* @importFromPackage accounts-base
|
|
*/
|
|
|
|
|
|
Accounts.verifyEmail = function (token, callback) {
|
|
if (!token) {
|
|
return reportError(new Meteor.Error(400, "Need to pass token"), callback);
|
|
}
|
|
|
|
Accounts.callLoginMethod({
|
|
methodName: 'verifyEmail',
|
|
methodArguments: [token],
|
|
userCallback: callback
|
|
});
|
|
};
|
|
////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
|
|
}}}}},{
|
|
"extensions": [
|
|
".js",
|
|
".json"
|
|
]
|
|
});
|
|
require("/node_modules/meteor/accounts-password/password_client.js");
|
|
|
|
/* Exports */
|
|
Package._define("accounts-password");
|
|
|
|
})();
|