269 lines
No EOL
9.1 KiB
JavaScript
269 lines
No EOL
9.1 KiB
JavaScript
const Service = require('../service.js');
|
|
|
|
class Auth extends Service {
|
|
|
|
/**
|
|
* Login
|
|
*
|
|
* Allow the user to login into his account by providing a valid email and
|
|
* password combination. Use the success and failure arguments to provide a
|
|
* redirect URL\'s back to your app when login is completed.
|
|
*
|
|
* Please notice that in order to avoid a [Redirect
|
|
* Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md)
|
|
* the only valid redirect URLs are the ones from domains you have set when
|
|
* adding your platforms in the console interface.
|
|
*
|
|
* When accessing this route using Javascript from the browser, success and
|
|
* failure parameter URLs are required. Appwrite server will respond with a
|
|
* 301 redirect status code and will set the user session cookie. This
|
|
* behavior is enforced because modern browsers are limiting 3rd party cookies
|
|
* in XHR of fetch requests to protect user privacy.
|
|
*
|
|
* @param string email
|
|
* @param string password
|
|
* @param string success
|
|
* @param string failure
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async login(email, password, success = '', failure = '') {
|
|
let path = '/auth/login';
|
|
|
|
return await this.client.call('post', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'email': email,
|
|
'password': password,
|
|
'success': success,
|
|
'failure': failure
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Login with OAuth
|
|
*
|
|
* @param string provider
|
|
* @param string success
|
|
* @param string failure
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async oauth(provider, success, failure) {
|
|
let path = '/auth/login/oauth/{provider}'.replace(new RegExp('{provider}', 'g'), provider);
|
|
|
|
return await this.client.call('get', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'success': success,
|
|
'failure': failure
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Logout Current Session
|
|
*
|
|
* Use this endpoint to log out the currently logged in user from his account.
|
|
* When successful this endpoint will delete the user session and remove the
|
|
* session secret cookie from the user client.
|
|
*
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async logout() {
|
|
let path = '/auth/logout';
|
|
|
|
return await this.client.call('delete', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Logout Specific Session
|
|
*
|
|
* Use this endpoint to log out the currently logged in user from all his
|
|
* account sessions across all his different devices. When using the option id
|
|
* argument, only the session unique ID provider will be deleted.
|
|
*
|
|
* @param string id
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async logoutBySession(id) {
|
|
let path = '/auth/logout/{id}'.replace(new RegExp('{id}', 'g'), id);
|
|
|
|
return await this.client.call('delete', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Password Recovery
|
|
*
|
|
* Sends the user an email with a temporary secret token for password reset.
|
|
* When the user clicks the confirmation link he is redirected back to your
|
|
* app password reset redirect URL with a secret token and email address
|
|
* values attached to the URL query string. Use the query string params to
|
|
* submit a request to the /auth/password/reset endpoint to complete the
|
|
* process.
|
|
*
|
|
* @param string email
|
|
* @param string reset
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async recovery(email, reset) {
|
|
let path = '/auth/recovery';
|
|
|
|
return await this.client.call('post', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'email': email,
|
|
'reset': reset
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Password Reset
|
|
*
|
|
* Use this endpoint to complete the user account password reset. Both the
|
|
* **userId** and **token** arguments will be passed as query parameters to
|
|
* the redirect URL you have provided when sending your request to the
|
|
* /auth/recovery endpoint.
|
|
*
|
|
* Please notice that in order to avoid a [Redirect
|
|
* Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md)
|
|
* the only valid redirect URLs are the ones from domains you have set when
|
|
* adding your platforms in the console interface.
|
|
*
|
|
* @param string userId
|
|
* @param string token
|
|
* @param string passwordA
|
|
* @param string passwordB
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async recoveryReset(userId, token, passwordA, passwordB) {
|
|
let path = '/auth/recovery/reset';
|
|
|
|
return await this.client.call('put', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'userId': userId,
|
|
'token': token,
|
|
'password-a': passwordA,
|
|
'password-b': passwordB
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Register
|
|
*
|
|
* Use this endpoint to allow a new user to register an account in your
|
|
* project. Use the success and failure URLs to redirect users back to your
|
|
* application after signup completes.
|
|
*
|
|
* If registration completes successfully user will be sent with a
|
|
* confirmation email in order to confirm he is the owner of the account email
|
|
* address. Use the confirmation parameter to redirect the user from the
|
|
* confirmation email back to your app. When the user is redirected, use the
|
|
* /auth/confirm endpoint to complete the account confirmation.
|
|
*
|
|
* Please notice that in order to avoid a [Redirect
|
|
* Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md)
|
|
* the only valid redirect URLs are the ones from domains you have set when
|
|
* adding your platforms in the console interface.
|
|
*
|
|
* When accessing this route using Javascript from the browser, success and
|
|
* failure parameter URLs are required. Appwrite server will respond with a
|
|
* 301 redirect status code and will set the user session cookie. This
|
|
* behavior is enforced because modern browsers are limiting 3rd party cookies
|
|
* in XHR of fetch requests to protect user privacy.
|
|
*
|
|
* @param string email
|
|
* @param string password
|
|
* @param string confirm
|
|
* @param string success
|
|
* @param string failure
|
|
* @param string name
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async register(email, password, confirm, success = '', failure = '', name = '') {
|
|
let path = '/auth/register';
|
|
|
|
return await this.client.call('post', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'email': email,
|
|
'password': password,
|
|
'confirm': confirm,
|
|
'success': success,
|
|
'failure': failure,
|
|
'name': name
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Confirmation
|
|
*
|
|
* Use this endpoint to complete the confirmation of the user account email
|
|
* address. Both the **userId** and **token** arguments will be passed as
|
|
* query parameters to the redirect URL you have provided when sending your
|
|
* request to the /auth/register endpoint.
|
|
*
|
|
* @param string userId
|
|
* @param string token
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async confirm(userId, token) {
|
|
let path = '/auth/register/confirm';
|
|
|
|
return await this.client.call('post', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'userId': userId,
|
|
'token': token
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Resend Confirmation
|
|
*
|
|
* This endpoint allows the user to request your app to resend him his email
|
|
* confirmation message. The redirect arguments act the same way as in
|
|
* /auth/register endpoint.
|
|
*
|
|
* Please notice that in order to avoid a [Redirect
|
|
* Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md)
|
|
* the only valid redirect URLs are the ones from domains you have set when
|
|
* adding your platforms in the console interface.
|
|
*
|
|
* @param string confirm
|
|
* @throws Exception
|
|
* @return {}
|
|
*/
|
|
async confirmResend(confirm) {
|
|
let path = '/auth/register/confirm/resend';
|
|
|
|
return await this.client.call('post', path, {
|
|
'content-type': 'application/json',
|
|
},
|
|
{
|
|
'confirm': confirm
|
|
});
|
|
}
|
|
}
|
|
|
|
module.exports = Auth; |