diff --git a/backend/src/app.controller.ts b/backend/src/app.controller.ts index 27bf3427..f7b3bc9c 100644 --- a/backend/src/app.controller.ts +++ b/backend/src/app.controller.ts @@ -4,7 +4,7 @@ import { PrismaService } from "./prisma/prisma.service"; @Controller("/") export class AppController { - constructor(private prismaService: PrismaService) { } + constructor(private prismaService: PrismaService) {} @Get("health") async health(@Res({ passthrough: true }) res: Response) { diff --git a/backend/src/auth/auth.service.ts b/backend/src/auth/auth.service.ts index 5d5de704..20c78867 100644 --- a/backend/src/auth/auth.service.ts +++ b/backend/src/auth/auth.service.ts @@ -29,7 +29,7 @@ export class AuthService { private emailService: EmailService, private ldapService: LdapService, private userService: UserSevice, - ) { } + ) {} private readonly logger = new Logger(AuthService.name); async signUp(dto: AuthRegisterDTO, ip: string, isAdmin?: boolean) { @@ -88,8 +88,8 @@ export class AuthService { if (this.config.get("ldap.enabled")) { /* * E-mail-like user credentials are passed as the email property - * instead of the username. Since the username format does not matter - * when searching for users in LDAP, we simply use the username + * instead of the username. Since the username format does not matter + * when searching for users in LDAP, we simply use the username * in whatever format it is provided. */ const ldapUsername = dto.username || dto.email; @@ -99,10 +99,7 @@ export class AuthService { dto.password, ); if (ldapUser) { - const user = await this.userService.findOrCreateFromLDAP( - dto, - ldapUser, - ); + const user = await this.userService.findOrCreateFromLDAP(dto, ldapUser); this.logger.log( `Successful LDAP login for user ${ldapUsername} (${user.id}) from IP ${ip}`, ); diff --git a/backend/src/auth/ldap.service.ts b/backend/src/auth/ldap.service.ts index 866db188..bfae7329 100644 --- a/backend/src/auth/ldap.service.ts +++ b/backend/src/auth/ldap.service.ts @@ -9,7 +9,7 @@ export class LdapService { constructor( @Inject(ConfigService) private readonly serviceConfig: ConfigService, - ) { } + ) {} private async createLdapConnection(): Promise { const ldapUrl = this.serviceConfig.get("ldap.url"); @@ -26,7 +26,10 @@ export class LdapService { const bindDn = this.serviceConfig.get("ldap.bindDn") || null; if (bindDn) { try { - await ldapClient.bind(bindDn, this.serviceConfig.get("ldap.bindPassword")); + await ldapClient.bind( + bindDn, + this.serviceConfig.get("ldap.bindPassword"), + ); } catch (error) { this.logger.warn(`Failed to bind to default user: ${error}`); throw new Error("failed to bind to default user"); @@ -41,7 +44,9 @@ export class LdapService { password: string, ): Promise { if (!username.match(/^[a-zA-Z0-9-_.@]+$/)) { - this.logger.verbose(`Username ${username} does not match username pattern. Authentication failed.`); + this.logger.verbose( + `Username ${username} does not match username pattern. Authentication failed.`, + ); return null; } @@ -57,27 +62,35 @@ export class LdapService { scope: "sub", attributes: ["*"], - returnAttributeValues: true + returnAttributeValues: true, }); if (searchEntries.length > 1) { /* too many users found */ - this.logger.verbose(`Authentication for username ${username} failed. Too many users found with query ${searchQuery}`); + this.logger.verbose( + `Authentication for username ${username} failed. Too many users found with query ${searchQuery}`, + ); return null; } else if (searchEntries.length == 0) { /* user not found */ - this.logger.verbose(`Authentication for username ${username} failed. No user found with query ${searchQuery}`); + this.logger.verbose( + `Authentication for username ${username} failed. No user found with query ${searchQuery}`, + ); return null; } const targetEntity = searchEntries[0]; - this.logger.verbose(`Trying to authenticate ${username} against LDAP user ${targetEntity.dn}`); + this.logger.verbose( + `Trying to authenticate ${username} against LDAP user ${targetEntity.dn}`, + ); try { await ldapClient.bind(targetEntity.dn, password); return targetEntity; } catch (error) { if (error instanceof InvalidCredentialsError) { - this.logger.verbose(`Failed to authenticate ${username} against ${targetEntity.dn}. Invalid credentials.`); + this.logger.verbose( + `Failed to authenticate ${username} against ${targetEntity.dn}. Invalid credentials.`, + ); return null; } diff --git a/backend/src/main.ts b/backend/src/main.ts index dd3a71b0..a9c2c771 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts @@ -13,7 +13,12 @@ import { NextFunction, Request, Response } from "express"; import * as fs from "fs"; import { AppModule } from "./app.module"; import { ConfigService } from "./config/config.service"; -import { DATA_DIRECTORY, LOG_LEVEL_AVAILABLE, LOG_LEVEL_DEFAULT, LOG_LEVEL_ENV } from "./constants"; +import { + DATA_DIRECTORY, + LOG_LEVEL_AVAILABLE, + LOG_LEVEL_DEFAULT, + LOG_LEVEL_ENV, +} from "./constants"; function generateNestJsLogLevels(): LogLevel[] { if (LOG_LEVEL_ENV) { @@ -34,7 +39,7 @@ async function bootstrap() { Logger.log(`Showing ${logLevels.join(", ")} messages`); const app = await NestFactory.create(AppModule, { - logger: logLevels + logger: logLevels, }); app.useGlobalPipes(new ValidationPipe({ whitelist: true })); diff --git a/backend/src/user/user.service.ts b/backend/src/user/user.service.ts index ad0cb63d..b2003ef2 100644 --- a/backend/src/user/user.service.ts +++ b/backend/src/user/user.service.ts @@ -21,7 +21,7 @@ export class UserSevice { private emailService: EmailService, private fileService: FileService, private configService: ConfigService, - ) { } + ) {} async list() { return await this.prisma.user.findMany(); @@ -96,27 +96,38 @@ export class UserSevice { return await this.prisma.user.delete({ where: { id } }); } - async findOrCreateFromLDAP(providedCredentials: AuthSignInDTO, ldapEntry: Entry) { + async findOrCreateFromLDAP( + providedCredentials: AuthSignInDTO, + ldapEntry: Entry, + ) { const fieldNameMemberOf = this.configService.get("ldap.fieldNameMemberOf"); const fieldNameEmail = this.configService.get("ldap.fieldNameEmail"); let isAdmin = false; if (fieldNameMemberOf in ldapEntry) { const adminGroup = this.configService.get("ldap.adminGroups"); - const entryGroups = Array.isArray(ldapEntry[fieldNameMemberOf]) ? ldapEntry[fieldNameMemberOf] : [ldapEntry[fieldNameMemberOf]]; + const entryGroups = Array.isArray(ldapEntry[fieldNameMemberOf]) + ? ldapEntry[fieldNameMemberOf] + : [ldapEntry[fieldNameMemberOf]]; isAdmin = entryGroups.includes(adminGroup) ?? false; } else { - this.logger.warn(`Trying to create/update a ldap user but the member field ${fieldNameMemberOf} is not present.`); + this.logger.warn( + `Trying to create/update a ldap user but the member field ${fieldNameMemberOf} is not present.`, + ); } let userEmail: string | null = null; if (fieldNameEmail in ldapEntry) { - const value = Array.isArray(ldapEntry[fieldNameEmail]) ? ldapEntry[fieldNameEmail][0] : ldapEntry[fieldNameEmail]; + const value = Array.isArray(ldapEntry[fieldNameEmail]) + ? ldapEntry[fieldNameEmail][0] + : ldapEntry[fieldNameEmail]; if (value) { userEmail = value.toString(); } } else { - this.logger.warn(`Trying to create/update a ldap user but the email field ${fieldNameEmail} is not present.`); + this.logger.warn( + `Trying to create/update a ldap user but the email field ${fieldNameEmail} is not present.`, + ); } if (providedCredentials.email) { @@ -149,35 +160,47 @@ export class UserSevice { if (user.username === placeholderUsername) { /* Give the user a human readable name if the user has been created with a placeholder username */ - await this.prisma.user.update({ - where: { - id: user.id, - }, - data: { - username: `user_${user.id}` - } - }).then(newUser => { - user.username = newUser.username; - }).catch(error => { - this.logger.warn(`Failed to update users ${user.id} placeholder username: ${inspect(error)}`); - }); + await this.prisma.user + .update({ + where: { + id: user.id, + }, + data: { + username: `user_${user.id}`, + }, + }) + .then((newUser) => { + user.username = newUser.username; + }) + .catch((error) => { + this.logger.warn( + `Failed to update users ${user.id} placeholder username: ${inspect(error)}`, + ); + }); } if (userEmail && userEmail !== user.email) { /* Sync users email if it has changed */ - await this.prisma.user.update({ - where: { - id: user.id, - }, - data: { - email: userEmail - } - }).then(newUser => { - this.logger.log(`Updated users ${user.id} email from ldap from ${user.email} to ${userEmail}.`); - user.email = newUser.email; - }).catch(error => { - this.logger.error(`Failed to update users ${user.id} email to ${userEmail}: ${inspect(error)}`); - }); + await this.prisma.user + .update({ + where: { + id: user.id, + }, + data: { + email: userEmail, + }, + }) + .then((newUser) => { + this.logger.log( + `Updated users ${user.id} email from ldap from ${user.email} to ${userEmail}.`, + ); + user.email = newUser.email; + }) + .catch((error) => { + this.logger.error( + `Failed to update users ${user.id} email to ${userEmail}: ${inspect(error)}`, + ); + }); } return user;