1 | const { HttpStatusError } = require('common-errors');
|
2 |
|
3 | module.exports = exports = {
|
4 |
|
5 | USERS_INDEX: 'user-iterator-set',
|
6 | USERS_PUBLIC_INDEX: 'users-public',
|
7 | USERS_REFERRAL_INDEX: 'users-referral',
|
8 | ORGANIZATIONS_INDEX: 'organization-iterator-set',
|
9 |
|
10 | USERS_ALIAS_TO_ID: 'users-alias',
|
11 | USERS_SSO_TO_ID: 'users-sso-hash',
|
12 | USERS_USERNAME_TO_ID: 'users-username',
|
13 | ORGANIZATIONS_NAME_TO_ID: 'organization-name',
|
14 |
|
15 |
|
16 | USERS_REF: 'users-ref',
|
17 |
|
18 |
|
19 | USERS_DATA: 'data',
|
20 | USERS_METADATA: 'metadata',
|
21 | USERS_TOKENS: 'tokens',
|
22 | USERS_API_TOKENS: 'api-tokens',
|
23 | USERS_API_TOKENS_ZSET: 'api-tokens-set',
|
24 | USERS_MFA_FLAG: 'mfa',
|
25 | USERS_MFA_RECOVERY: 'mfa-recovery',
|
26 | USERS_ORGANIZATIONS: 'user-organizations',
|
27 | ORGANIZATIONS_DATA: 'data',
|
28 | ORGANIZATIONS_METADATA: 'metadata',
|
29 | ORGANIZATIONS_MEMBERS: 'members',
|
30 |
|
31 |
|
32 | USERS_ID_FIELD: 'id',
|
33 | USERS_ALIAS_FIELD: 'alias',
|
34 | USERS_BANNED_FLAG: 'ban',
|
35 | USERS_ACTIVE_FLAG: 'active',
|
36 | USERS_ADMIN_ROLE: 'admin',
|
37 | USERS_SUPER_ADMIN_ROLE: 'root',
|
38 | USERS_TESTER_ROLE: 'tester',
|
39 | USERS_BANNED_DATA: 'bannedData',
|
40 | USERS_CREATED_FIELD: 'created',
|
41 | USERS_ACTIVATED_FIELD: 'aa',
|
42 | USERS_USERNAME_FIELD: 'username',
|
43 | USERS_IS_ORG_FIELD: 'org',
|
44 | USERS_PASSWORD_FIELD: 'password',
|
45 | USERS_NEXT_CYCLE_FIELD: 'nextCycle',
|
46 | USERS_REFERRAL_FIELD: 'referral',
|
47 | USERS_SSO_FACEBOOK_FIELD: 'facebook',
|
48 | ORGANIZATIONS_ID_FIELD: 'id',
|
49 | ORGANIZATIONS_CREATED_FIELD: 'created',
|
50 | ORGANIZATIONS_NAME_FIELD: 'name',
|
51 | ORGANIZATIONS_ACTIVE_FLAG: 'active',
|
52 |
|
53 |
|
54 | BEARER_USERNAME_FIELD: 'userId',
|
55 | BEARER_LEGACY_USERNAME_FIELD: 'username',
|
56 |
|
57 |
|
58 | ERROR_AUTH_REQUIRED: new HttpStatusError(401, 'authentication required'),
|
59 | USERS_CREDENTIALS_REQUIRED_ERROR: new HttpStatusError(401, 'Credentials Required'),
|
60 | USERS_DISPOSABLE_PASSWORD_MIA: new HttpStatusError(403, 'Invalid or Expired Password'),
|
61 | USERS_INCORRECT_PASSWORD: new HttpStatusError(403, 'incorrect password'),
|
62 | USERS_AUDIENCE_MISMATCH: new HttpStatusError(403, 'audience mismatch'),
|
63 | USERS_INVALID_TOKEN: new HttpStatusError(403, 'invalid token'),
|
64 | USERS_MALFORMED_TOKEN: new HttpStatusError(403, 'malformed token'),
|
65 | USER_ALREADY_ACTIVE: new HttpStatusError(417, 'this user is already active'),
|
66 | ErrorAccountLocked: new HttpStatusError(423, 'Account has been locked'),
|
67 | ErrorConflictUserExists: new HttpStatusError(409, 'user already exists'),
|
68 | ErrorConflictOrganizationExists: new HttpStatusError(409, 'organization already exists'),
|
69 | ErrorOrganizationNotFound: new HttpStatusError(404, 'organization not found'),
|
70 | ErrorTotpRequired: Object.defineProperty(
|
71 | new HttpStatusError(403, 'TOTP required'),
|
72 | 'credentials',
|
73 | { enumerable: false, writable: true }
|
74 | ),
|
75 | ErrorTotpInvalid: new HttpStatusError(403, 'TOTP invalid'),
|
76 | ErrorSecretRequired: new HttpStatusError(403, 'Secret required'),
|
77 | ErrorUserNotFound: new HttpStatusError(404, 'username not found'),
|
78 | ErrorUserNotMember: new HttpStatusError(404, 'username not member of organization'),
|
79 | ErrorInvitationExpiredOrUsed: new HttpStatusError(400, 'Invitation has expired or already been used'),
|
80 |
|
81 |
|
82 | USERS_ACTION_ACTIVATE: 'activate',
|
83 | USERS_ACTION_DISPOSABLE_PASSWORD: 'disposable-password',
|
84 | USERS_ACTION_PASSWORD: 'password',
|
85 | USERS_ACTION_RESET: 'reset',
|
86 | USERS_ACTION_REGISTER: 'register',
|
87 | USERS_ACTION_INVITE: 'invite',
|
88 | USERS_ACTION_ORGANIZATION_INVITE: 'organization-user-invite',
|
89 | USERS_ACTION_ORGANIZATION_REGISTER: 'organization-user-register',
|
90 |
|
91 |
|
92 | INVITATIONS_INDEX: 'user-invitations',
|
93 | ORGANIZATIONS_INVITATIONS_INDEX: 'organization-invitations',
|
94 |
|
95 |
|
96 | TOKEN_METADATA_FIELD_METADATA: '1',
|
97 | TOKEN_METADATA_FIELD_SENDED_AT: '2',
|
98 | TOKEN_METADATA_FIELD_CONTEXT: '3',
|
99 |
|
100 |
|
101 | CHALLENGE_TYPE_EMAIL: 'email',
|
102 | CHALLENGE_TYPE_PHONE: 'phone',
|
103 |
|
104 |
|
105 | MFA_TYPE_REQUIRED: Symbol('required'),
|
106 | MFA_TYPE_OPTIONAL: Symbol('optional'),
|
107 | MFA_TYPE_DISABLED: Symbol('disabled'),
|
108 |
|
109 |
|
110 | lockAlias: (alias) => `users:alias:${alias}`,
|
111 | lockRegister: (username) => `users:register:${username}`,
|
112 | lockOrganization: (organizationName) => `organizations:create:${organizationName}`,
|
113 | };
|
114 |
|
115 |
|
116 | exports.ErrorConflictUserExists.code = 'E_USERNAME_CONFLICT';
|
117 | exports.ErrorTotpRequired.code = 'E_TOTP_REQUIRED';
|
118 | exports.ErrorTotpInvalid.code = 'E_TOTP_INVALID';
|
119 | exports.ErrorSecretRequired.code = 'E_TOTP_NOSECRET';
|
120 |
|
121 | exports.SSO_PROVIDERS = [
|
122 | exports.USERS_SSO_FACEBOOK_FIELD,
|
123 | ];
|
124 |
|
125 | exports.FIELDS_TO_STRINGIFY = [
|
126 | exports.USERS_SSO_FACEBOOK_FIELD,
|
127 | ];
|