ITCSsDeveloper
diff --git a/‎OpenFlow/src/Ace.ts‎
Lines changed: 0 additions & 77 deletions b/‎OpenFlow/src/Ace.ts‎
Lines changed: 0 additions & 77 deletions
diff --git a/‎OpenFlow/src/Audit.ts‎
Lines changed: 6 additions & 6 deletions b/‎OpenFlow/src/Audit.ts‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎OpenFlow/src/Auth.ts‎
Lines changed: 8 additions & 11 deletions b/‎OpenFlow/src/Auth.ts‎
Lines changed: 8 additions & 11 deletions
diff --git a/‎OpenFlow/src/Config.ts‎
Lines changed: 3 additions & 5 deletions b/‎OpenFlow/src/Config.ts‎
Lines changed: 3 additions & 5 deletions
diff --git a/‎OpenFlow/src/Crypt.ts‎
Lines changed: 27 additions & 11 deletions b/‎OpenFlow/src/Crypt.ts‎
Lines changed: 27 additions & 11 deletions
@@ -1,6 +1,6 @@
-import { Base, Rights } from "./base";
 import { Config } from "./Config";
-import { TokenUser } from "./TokenUser";
+import { TokenUser, Base, Rights } from "openflow-api";
+import { Crypt } from "./Crypt";
 
 export class Audit {
     public static LoginSuccess(user: TokenUser, type: string, provider: string, remoteip: string, clientagent: string, clientversion: string) {
@@ -15,7 +15,7 @@ export class Audit {
         log.username = user.username;
         log.clientagent = clientagent;
         log.clientversion = clientversion;
-        Config.db.InsertOne(log, "audit", 0, false, TokenUser.rootToken())
+        Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken())
             .catch((error) => console.error("failed InsertOne in LoginSuccess: " + error));
     }
     public static ImpersonateSuccess(user: TokenUser, impostor: TokenUser, clientagent: string, clientversion: string) {
@@ -32,7 +32,7 @@ export class Audit {
         log.impostorusername = impostor.username;
         log.clientagent = clientagent;
         log.clientversion = clientversion;
-        Config.db.InsertOne(log, "audit", 0, false, TokenUser.rootToken())
+        Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken())
             .catch((error) => console.error("failed InsertOne in ImpersonateSuccess: " + error));
     }
     public static ImpersonateFailed(user: TokenUser, impostor: TokenUser, clientagent: string, clientversion: string) {
@@ -48,7 +48,7 @@ export class Audit {
         log.impostorname = impostor.name;
         log.clientagent = clientagent;
         log.clientversion = clientversion;
-        Config.db.InsertOne(log, "audit", 0, false, TokenUser.rootToken())
+        Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken())
             .catch((error) => console.error("failed InsertOne in ImpersonateFailed: " + error));
     }
     public static LoginFailed(username: string, type: string, provider: string, remoteip: string, clientagent: string, clientversion: string) {
@@ -61,7 +61,7 @@ export class Audit {
         log.username = username;
         log.clientagent = clientagent;
         log.clientversion = clientversion;
-        Config.db.InsertOne(log, "audit", 0, false, TokenUser.rootToken())
+        Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken())
             .catch((error) => console.error("failed InsertOne in LoginFailed: " + error));
     }
 }
 
@@ -1,16 +1,13 @@
-import { User } from "./User";
-import { DatabaseConnection } from "./DatabaseConnection";
-import { TokenUser } from "./TokenUser";
 import { Crypt } from "./Crypt";
-
+import { User } from "openflow-api";
+import { DBHelper } from "./DBHelper";
 export class Auth {
-
-    public static async ValidateByPassword(username:string, password:string): Promise<User> {
-        if(username===null||username===undefined||username==="") { throw Error("Username cannot be null"); }
-        if(password===null||password===undefined||password==="") { throw Error("Password cannot be null"); }
-        var user: User = await User.FindByUsername(username);
-        if(user===null || user===undefined) { return null; }
-        if((await Crypt.compare(password, user.passwordhash)) !== true) { return null; }
+    public static async ValidateByPassword(username: string, password: string): Promise<User> {
+        if (username === null || username === undefined || username === "") { throw Error("Username cannot be null"); }
+        if (password === null || password === undefined || password === "") { throw Error("Password cannot be null"); }
+        var user: User = await DBHelper.FindByUsername(username);
+        if (user === null || user === undefined) { return null; }
+        if ((await Crypt.compare(password, user.passwordhash)) !== true) { return null; }
         return user;
     }
 }
@@ -3,10 +3,8 @@ import * as fs from "fs";
 import * as retry from "async-retry";
 import { json } from "body-parser";
 import { DatabaseConnection } from "./DatabaseConnection";
-import { Provider } from "./LoginProvider";
-import { TokenUser } from "./TokenUser";
 import { Logger } from "./Logger";
-import { Util } from "./Util";
+import { NoderedUtil } from "openflow-api";
 
 export class Config {
     public static reload(): void {
@@ -166,7 +164,7 @@ export class Config {
         return result;
     }
     // public static async get_login_providers():Promise<void> {
-    //     this.login_providers = await Config.db.query<Provider>({_type: "provider"}, null, 1, 0, null, "config", TokenUser.rootToken());
+    //     this.login_providers = await Config.db.query<Provider>({_type: "provider"}, null, 1, 0, null, "config", Crypt.rootToken());
     //     // if(this.login_providers.length > 0) { return; }
     //     if(fs.existsSync("config/login_providers.json")) {
     //         // this.login_providers = JSON.parse(fs.readFileSync("config/login_providers.json", "utf8"));
@@ -181,7 +179,7 @@ export class Config {
         // if anything throws, we retry
         var metadata: any = await retry(async bail => {
             var reader: any = await fetch({ url });
-            if (Util.IsNullUndefinded(reader)) { bail(new Error("Failed getting result")); return; }
+            if (NoderedUtil.IsNullUndefinded(reader)) { bail(new Error("Failed getting result")); return; }
             var config: any = toPassportConfig(reader);
             // we need this, for Office 365 :-/
             if (reader.signingCerts && reader.signingCerts.length > 1) {
 
@@ -1,25 +1,35 @@
 import * as crypto from "crypto";
 import * as bcrypt from "bcryptjs";
 import * as jsonwebtoken from "jsonwebtoken";
-import { Base } from "./base";
-import { TokenUser } from "./TokenUser";
-import { User } from "./User";
 import { Config } from "./Config";
-import { Util } from "./Util";
-
+import { NoderedUtil, TokenUser, WellknownIds, Rolemember, User } from "openflow-api";
 export class Crypt {
     static encryption_key: string = Config.aes_secret.substr(0, 32); // must be 256 bytes (32 characters)
     static iv_length: number = 16; // for AES, this is always 16
     static bcrypt_salt_rounds: number = 12;
-
+    static rootUser(): User {
+        var result: User = new User();
+        result._type = "user"; result.name = "root"; result.username = "root"; result._id = WellknownIds.root;
+        result.roles = []; result.roles.push(new Rolemember("admins", WellknownIds.admins));
+        return result;
+    }
+    static rootToken(): string {
+        return Crypt.createToken(this.rootUser(), Config.shorttoken_expires_in);
+    }
+    public static async SetPassword(user: User, password: string): Promise<void> {
+        user.passwordhash = await Crypt.hash(password);
+        if (!(this.ValidatePassword(user, password))) { throw new Error("Failed validating password after hasing"); }
+    }
+    public static async ValidatePassword(user: User, password: string): Promise<boolean> {
+        return await Crypt.compare(password, user.passwordhash);
+    }
     static encrypt(text: string): string {
         let iv: Buffer = crypto.randomBytes(Crypt.iv_length);
         let cipher: crypto.Cipher = crypto.createCipheriv("aes-256-cbc", Buffer.from(Crypt.encryption_key), iv);
         let encrypted: Buffer = cipher.update((text as any));
         encrypted = Buffer.concat([encrypted, cipher.final()]);
         return iv.toString("hex") + ":" + encrypted.toString("hex");
     }
-
     static decrypt(text: string): string {
         let textParts: string[] = text.split(":");
         let iv: Buffer = Buffer.from(textParts.shift(), "hex");
@@ -29,7 +39,6 @@ export class Crypt {
         decrypted = Buffer.concat([decrypted, decipher.final()]);
         return decrypted.toString();
     }
-
     static async hash(password: string): Promise<string> {
         return new Promise<string>(async (resolve, reject) => {
             try {
@@ -45,8 +54,8 @@ export class Crypt {
     static async compare(password: string, passwordhash: string): Promise<boolean> {
         return new Promise<boolean>(async (resolve, reject) => {
             try {
-                if (Util.IsNullEmpty(password)) { return reject("Password cannot be empty"); }
-                if (Util.IsNullEmpty(passwordhash)) { return reject("Passwordhash cannot be empty"); }
+                if (NoderedUtil.IsNullEmpty(password)) { return reject("Password cannot be empty"); }
+                if (NoderedUtil.IsNullEmpty(passwordhash)) { return reject("Passwordhash cannot be empty"); }
                 bcrypt.compare(password, passwordhash, async (error, res) => {
                     if (error) { return reject(error); }
                     resolve(res);
@@ -57,7 +66,14 @@ export class Crypt {
         });
     }
     static createToken(item: User | TokenUser, expiresIn: string): string {
-        var user: TokenUser = new TokenUser(item);
+        var user: TokenUser = new TokenUser();
+        user._type = (item as User)._type;
+        user._id = item._id;
+        user.impostor = (item as TokenUser).impostor;
+        user.name = item.name;
+        user.username = item.username;
+        user.roles = item.roles;
+
         var token: string = jsonwebtoken.sign({ data: user }, Crypt.encryption_key,
             { expiresIn: expiresIn }); // 60 (seconds), "2 days", "10h", "7d"
         return token;