fixup!: custom user model

Author: jannyHou

extensions/authentication-jwt/README.md

@@ -178,6 +178,120 @@ The code snippet for whoAmI function:
 The complete file is in
 [user.controller.ts](https://github.com/strongloop/loopback-next/tree/master/extensions/authentication-jwt/src/__tests__/fixtures/controllers/user.controller.ts)
 
+## Customize Model
+
+1. Create your own user model and repository by `lb4 model` and
+   `lb4 repository`.
+
+2. The user service requires the user model, to provide your own one, you need
+   to copy the
+   [`user.service.ts`](https://github.com/strongloop/loopback-next/blob/master/extensions/authentication-jwt/src/services/user.service.ts)
+   file into your application, e.g. copy to file
+   `myapp/src/services/custom.user.service.ts`, and replace the default `User`,
+   `UserRepository` with `MyUser`, `MyUserRepository`:
+
+   <details>
+   <summary><strong>Check The Code</strong></summary>
+   <p>
+
+   ```ts
+   import {UserService} from '@loopback/authentication';
+   import {repository} from '@loopback/repository';
+   import {HttpErrors} from '@loopback/rest';
+   import {securityId, UserProfile} from '@loopback/security';
+   import {compare} from 'bcryptjs';
+   // User --> MyUser
+   import {MyUser} from '../models';
+   // UserRepository --> MyUserRepository
+   import {MyUserRepository} from '../repositories';
+
+   export type Credentials = {
+     email: string;
+     password: string;
+   };
+
+   // User --> MyUser
+   export class CustomUserService implements UserService<MyUser, Credentials> {
+     constructor(
+       // UserRepository --> MyUserRepository
+       @repository(MyUserRepository) public userRepository: MyUserRepository,
+     ) {}
+
+     // User --> MyUser
+     async verifyCredentials(credentials: Credentials): Promise<MyUser> {
+       const invalidCredentialsError = 'Invalid email or password.';
+
+       const foundUser = await this.userRepository.findOne({
+         where: {email: credentials.email},
+       });
+       if (!foundUser) {
+         throw new HttpErrors.Unauthorized(invalidCredentialsError);
+       }
+
+       const credentialsFound = await this.userRepository.findCredentials(
+         foundUser.id,
+       );
+       if (!credentialsFound) {
+         throw new HttpErrors.Unauthorized(invalidCredentialsError);
+       }
+
+       const passwordMatched = await compare(
+         credentials.password,
+         credentialsFound.password,
+       );
+
+       if (!passwordMatched) {
+         throw new HttpErrors.Unauthorized(invalidCredentialsError);
+       }
+
+       return foundUser;
+     }
+
+     // User --> MyUser
+     convertToUserProfile(user: MyUser): UserProfile {
+       return {
+         [securityId]: user.id.toString(),
+         name: user.username,
+         id: user.id,
+         email: user.email,
+       };
+     }
+   }
+   ```
+
+   </p>
+   </details>
+
+3. Bind `MyUserRepository` (and `MyUserCredentialsRepository` if you create your
+   own as well) to the corresponding key in your `application.ts`:
+
+   ```ts
+   import {CustomUserService} from './services/custom-user-service';
+   import {MyUserRepository, MyUserCredentialsRepository} from './repositories';
+   import {UserServiceBindings} from '@loopback/extension-authentication-jwt';
+
+   export class TestApplication extends BootMixin(
+     ServiceMixin(RepositoryMixin(RestApplication)),
+   ) {
+     constructor(options: ApplicationConfig = {}) {
+       super(options);
+       // ...other setup
+       this.component(JWTAuthenticationComponent);
+       // Bind datasource
+       this.dataSource(DbDataSource, UserServiceBindings.DATASOURCE_NAME);
+       // Bind user service
+       this.bind(UserServiceBindings.USER_SERVICE).toClass(CustomUserService),
+       // Bind user and credentials repository
+       this.bind(UserServiceBindings.USER_REPOSITORY).toClass(
+         UserRepository,
+       ),
+       this.bind(UserServiceBindings.USER_CREDENTIALS_REPOSITORY).toClass(
+         UserCredentialsRepository,
+       ),
+     }
+   }
+   ```
+
 ## Future Work
 
 The security specification is currently manually added in the application file.

extensions/authentication-jwt/src/__tests__/acceptance/jwt.component.test.ts

@@ -55,7 +55,7 @@ describe('jwt authentication', () => {
     });
 
     await app.boot();
-    userRepo = await app.get(UserServiceBindings.USER_REPOSITORY_NAME);
+    userRepo = await app.get(UserServiceBindings.USER_REPOSITORY);
     await createUsers();
     await app.start();
   }

extensions/authentication-jwt/src/jwt-authentication-component.ts

@@ -34,10 +34,8 @@ export class JWTAuthenticationComponent implements Component {
 
     // user bindings
     Binding.bind(UserServiceBindings.USER_SERVICE).toClass(MyUserService),
-    Binding.bind(UserServiceBindings.USER_REPOSITORY_NAME).toClass(
-      UserRepository,
-    ),
-    Binding.bind(UserServiceBindings.USER_CREDENTIALS_REPOSITORY_NAME).toClass(
+    Binding.bind(UserServiceBindings.USER_REPOSITORY).toClass(UserRepository),
+    Binding.bind(UserServiceBindings.USER_CREDENTIALS_REPOSITORY).toClass(
       UserCredentialsRepository,
     ),
   ];

extensions/authentication-jwt/src/keys.ts

@@ -30,7 +30,7 @@ export namespace UserServiceBindings {
     'services.user.service',
   );
   export const DATASOURCE_NAME = 'jwtdb';
-  export const USER_REPOSITORY_NAME = 'repositories.UserRepository';
-  export const USER_CREDENTIALS_REPOSITORY_NAME =
+  export const USER_REPOSITORY = 'repositories.UserRepository';
+  export const USER_CREDENTIALS_REPOSITORY =
     'repositories.UserCredentialsRepository';
 }