140 lines
		
	
	
		
			3.9 KiB
		
	
	
	
		
			TypeScript
		
	
	
	
	
	
			
		
		
	
	
			140 lines
		
	
	
		
			3.9 KiB
		
	
	
	
		
			TypeScript
		
	
	
	
	
	
| import { IsString } from 'class-validator';
 | |
| import { ForbiddenError, NotAcceptableError, NotFoundError, UnauthorizedError } from 'routing-controllers';
 | |
| 
 | |
| /**
 | |
|  * Error to throw when a jwt could not be parsed.
 | |
|  * For example: Wrong signature or expired.
 | |
|  */
 | |
| export class IllegalJWTError extends UnauthorizedError {
 | |
| 	@IsString()
 | |
| 	name = "IllegalJWTError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "Your provided jwt could not be parsed."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when user is nonexistant or refreshtoken is invalid.
 | |
|  * This can happen if someone provides a JWT with a invalid user id or the refreshTokenCount of the user is higher that the provided jwt's is.
 | |
|  */
 | |
| export class UserNonexistantOrRefreshtokenInvalidError extends UnauthorizedError {
 | |
| 	@IsString()
 | |
| 	name = "UserNonexistantOrRefreshtokenInvalidError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "User is nonexistant or refreshtoken is invalid."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when provided credentials are invalid.
 | |
|  * We don't have seperate errors for username/mail and passwords to protect against guessing attacks.
 | |
|  */
 | |
| export class InvalidCredentialsError extends UnauthorizedError {
 | |
| 	@IsString()
 | |
| 	name = "InvalidCredentialsError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "Your provided credentials are invalid."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when a jwt does not have permission for this route/action.
 | |
|  * Mainly used be the @Authorized decorator (via the authchecker).
 | |
|  */
 | |
| export class NoPermissionError extends ForbiddenError {
 | |
| 	@IsString()
 | |
| 	name = "NoPermissionError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "Your provided jwt does not have permission for this route/ action."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when no username and no email is set.
 | |
|  * Because we have to identify users somehow.
 | |
|  */
 | |
| export class UsernameOrEmailNeededError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "UsernameOrEmailNeededError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "Auth needs to have email or username set! \n You provided neither."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when no password is provided for a new user.
 | |
|  * Passwords are the minimum we need for user security.
 | |
|  */
 | |
| export class PasswordNeededError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "PasswordNeededError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "No password is provided - you need to provide it."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when no user could be found for a certain query.
 | |
|  */
 | |
| export class UserNotFoundError extends NotFoundError {
 | |
| 	@IsString()
 | |
| 	name = "UserNotFoundError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "The user you provided couldn't be located in the system. \n Please check your request."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when no jwt was provided (but one had to be).
 | |
|  */
 | |
| export class JwtNotProvidedError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "JwtNotProvidedError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "No jwt was provided."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when user was not found or the jwt's refresh token count was invalid.
 | |
|  */
 | |
| export class UserNotFoundOrRefreshTokenCountInvalidError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "UserNotFoundOrRefreshTokenCountInvalidError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "User was not found or the refresh token count is invalid."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when refresh token count was invalid
 | |
|  */
 | |
| export class RefreshTokenCountInvalidError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "RefreshTokenCountInvalidError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "Refresh token count is invalid."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when someone tries to reset a user's password more than once in 15 minutes.
 | |
|  */
 | |
| export class ResetAlreadyRequestedError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "ResetAlreadyRequestedError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "You already requested a password reset in the last 15 minutes. \n Please wait until the old reset code expires before requesting a new one."
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Error to throw when someone tries a disabled user's password or login as a disabled user.
 | |
|  */
 | |
| export class UserDisabledError extends NotAcceptableError {
 | |
| 	@IsString()
 | |
| 	name = "UserDisabledError"
 | |
| 
 | |
| 	@IsString()
 | |
| 	message = "This user is currently disabled. \n Please contact your administrator if this is a mistake."
 | |
| } |