/*
 * This file is part of the authRxbn eco-system.
 *
 * (c) Ruben Meyer <contact@rxbn.de>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
// Mongoose provides the Schema constructor used for every definition in this file.
const mongoose = require('mongoose');
const { Schema } = mongoose;

// Shorthand for the ObjectId schema type; not referenced elsewhere in this file as shown.
const ObjectId = Schema.ObjectId;

// Schema registry, keyed by the short name of the model each schema backs.
const models = {};
// User account: identity, credential material, MFA enrolment and
// authorisation data.
models.user = new Schema({
  // Display name.
  nickname: String,

  email: {
    type: String,
    validate: [
      {
        // Syntax check only; pattern taken from http://emailregex.com/.
        // The quoted-local-part branch ("...") accepts any non-newline
        // characters between the quotes, including < > and spaces, so a
        // value that passes here must still be escaped wherever it is
        // rendered.
        validator: (value) =>
          /^(([^<>()\[\]\.,;:\s@\"]+(\.[^<>()\[\]\.,;:\s@\"]+)*)|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i.test(value),
      },
    ],
  },

  // Hashed password, stored as hash + separator + salt.
  // NOTE(review): the hash algorithm is not visible in this file. The field
  // carries no `select: false`, so queries on this model return it unless the
  // caller excludes it.
  passhash: String,

  // Last "remember me" cookie value; the feature has been removed.
  // NOTE(review): confirm nothing still accepts this value as a credential.
  token: {
    type: String,
    default: "",
  },

  // Multi-factor authentication.
  mfa: {
    active: { type: Boolean, default: false },
    // One entry per enrolled factor, shaped like
    //   { no: 0, type: "TOTP" | "HOTP" | "WebAuthn", data: ... }
    // where data is a 32-character hex value for TOTP/HOTP and the user's
    // public key for WebAuthn.
    // NOTE(review): for TOTP/HOTP this looks like the shared secret itself;
    // whether it is encrypted before storage is not visible here.
    data: { type: Array, default: [] },
  },

  // Custom settings (theme etc.).
  settings: { type: Object, default: {} },

  // User-defined roles and permissions, kept as a single string.
  roles: { type: String, default: "" },

  // Reference to the user's group.
  group: Schema.Types.ObjectId,

  // Registration date.
  reg_date: { type: Date, default: Date.now },

  // Date of the last recorded action (activity date).
  last_action: { type: Date, default: Date.now },
});
// Group: a named set of roles that users reference through `group`.
models.group = new Schema({
  // Recognizable group name, e.g. "Administration".
  name: String,

  // Creation time; defaults to the moment the document is built.
  created: { type: Date, default: Date.now },

  // Comma-separated role list, e.g. "a,b,a.b,c.*,d.z.*".
  // NOTE(review): the `.*` suffix looks like a wildcard; how it is matched is
  // decided by code outside this file.
  roles: { type: String, default: "" },
});
// Path rules used for access management, one rule per document.
models.pathRules = new Schema({
  // Reference to the group the rule applies to.
  group: Schema.Types.ObjectId,

  // Path expression, e.g. "(/blocks/.*)".
  // NOTE(review): this looks like regular-expression source. If the consumer
  // compiles it with RegExp, confirm who may write these documents and that
  // the patterns cannot backtrack excessively on request paths.
  expression: String,

  // Rule to apply, e.g. block.
  rule: String,

  // Outcome type, e.g. "404", "missing_permission", "login".
  type: String,

  // Further free-form options.
  options: { type: Object, default: {} },
});
// Application (service) registered with the auth system.
models.application = new Schema({
  // Recognizable application name, e.g. "passRXBN - Password Manager".
  name: String,

  // URI the user is redirected to. The original author's warning applies:
  // do not trust user input. Presumably the redirect target must come from
  // this stored value rather than from the request; confirm at the call site.
  access: String,

  // Application secret used to authorize requests.
  // NOTE(review): declared as a plain String; whether it is hashed before
  // storage and how it is compared are not visible in this file.
  secret: String,

  // Service description shown on the dashboard; markdown is supported.
  // NOTE(review): if the markdown renderer passes raw HTML through, the
  // rendered output needs sanitising before it reaches the dashboard.
  description: String,
});
// Activity log entry: one record per tracked user action.
models.activity = new Schema({
  // Reference to the acting user.
  userId: Schema.Types.ObjectId,

  // Time of the action; defaults to the moment the document is built.
  date: { type: Date, default: Date.now },

  // Full URL of the request, e.g. http://localhost/activity_url?a=s
  // NOTE(review): the example includes the query string. If codes or tokens
  // travel in query parameters they would be persisted here; confirm what
  // the caller logs.
  uri: { type: String, default: "" },

  // Whether the action succeeded (true) or failed (false).
  state: { type: Boolean, default: false },
});
// Auth codes that have been used, recorded per application and user.
models.authCode = new Schema({
  // Reference to the application.
  applicationId: Schema.Types.ObjectId,

  // Reference to the user.
  userId: Schema.Types.ObjectId,

  // Generated token; only usable together with userId and applicationId.
  // NOTE(review): stored as a plain String. Lookups should match all three
  // fields, as the original comment requires.
  token: String,

  // Creation time. No `expires` (TTL) option is declared, so any expiry has
  // to be enforced by the code that reads these records.
  timestamp: { type: Date, default: Date.now },
});
/**
 * Registers every schema in `models` on the supplied connection.
 *
 * @param {object} con - object exposing `model(name, schema)`; presumably a
 *   mongoose connection.
 * @returns {object} the compiled models, keyed as user, group, pathRules,
 *   application, activity and authCode.
 */
module.exports = (con) => ({
  // Properties are evaluated top to bottom, so registration order is kept.
  user: con.model('User', models.user),
  group: con.model('Group', models.group),
  pathRules: con.model('PathRules', models.pathRules),
  application: con.model('Application', models.application),
  activity: con.model('Activity', models.activity),
  authCode: con.model('AuthCode', models.authCode),
});