bigbluebutton-Github/bigbluebutton-html5/imports/ui/services/auth/index.js

/* eslint prefer-promise-reject-errors: 0 */
import { Tracker } from 'meteor/tracker';

import Storage from '/imports/ui/services/storage/session';

import { makeCall } from '/imports/ui/services/api';
import { initAnnotationsStreamListener } from '/imports/ui/components/whiteboard/service';
import allowRedirectToLogoutURL from '/imports/ui/components/meeting-ended/service';
import { initCursorStreamListener } from '/imports/ui/components/cursor/service';
import SubscriptionRegistry from '/imports/ui/services/subscription-registry/subscriptionRegistry';
import AuthTokenValidation, { ValidationStates } from '/imports/api/auth-token-validation';

const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;

class Auth {
  constructor() {
    this._loggedIn = {
      value: false,
      tracker: new Tracker.Dependency(),
    };

    const queryParams = new URLSearchParams(document.location.search);
    if (queryParams.has('sessionToken')
      && queryParams.get('sessionToken') !== Session.get('sessionToken')) {
      return;
    }

    this._meetingID = Storage.getItem('meetingID');
    this._userID = Storage.getItem('userID');
    this._authToken = Storage.getItem('authToken');
    this._sessionToken = Storage.getItem('sessionToken');
    this._logoutURL = Storage.getItem('logoutURL');
    this._confname = Storage.getItem('confname');
    this._externUserID = Storage.getItem('externUserID');
    this._fullname = Storage.getItem('fullname');
  }

  get meetingID() {
    return this._meetingID;
  }

  set meetingID(meetingID) {
    this._meetingID = meetingID;
    Storage.setItem('meetingID', this._meetingID);
  }

  set sessionToken(sessionToken) {
    this._sessionToken = sessionToken;
    Storage.setItem('sessionToken', this._sessionToken);
  }

  get sessionToken() {
    return this._sessionToken;
  }

  get userID() {
    return this._userID;
  }

  set userID(userID) {
    this._userID = userID;
    Storage.setItem('userID', this._userID);
  }

  get token() {
    return this._authToken;
  }

  set token(authToken) {
    this._authToken = authToken;
    Storage.setItem('authToken', this._authToken);
  }

  set logoutURL(logoutURL) {
    this._logoutURL = logoutURL;
    Storage.setItem('logoutURL', this._logoutURL);
  }

  get logoutURL() {
    return this._logoutURL;
  }

  set confname(confname) {
    this._confname = confname;
    Storage.setItem('confname', this._confname);
  }

  get confname() {
    return this._confname;
  }

  set externUserID(externUserID) {
    this._externUserID = externUserID;
    Storage.setItem('externUserID', this._externUserID);
  }

  get externUserID() {
    return this._externUserID;
  }

  set fullname(fullname) {
    this._fullname = fullname;
    Storage.setItem('fullname', this._fullname);
  }

  get fullname() {
    return this._fullname;
  }

  get loggedIn() {
    this._loggedIn.tracker.depend();
    return this._loggedIn.value;
  }

  set loggedIn(value) {
    this._loggedIn.value = value;
    this._loggedIn.tracker.changed();
  }

  get credentials() {
    return {
      meetingId: this.meetingID,
      requesterUserId: this.userID,
      requesterToken: this.token,
      logoutURL: this.logoutURL,
      sessionToken: this.sessionToken,
      fullname: this.fullname,
      externUserID: this.externUserID,
      confname: this.confname,
    };
  }

  get fullInfo() {
    return {
      sessionToken: this.sessionToken,
      meetingId: this.meetingID,
      requesterUserId: this.userID,
      fullname: this.fullname,
      confname: this.confname,
      externUserID: this.externUserID,
      uniqueClientSession: this.uniqueClientSession,
    };
  }

  set(
    meetingId,
    requesterUserId,
    requesterToken,
    logoutURL,
    sessionToken,
    fullname,
    externUserID,
    confname,
  ) {
    this.meetingID = meetingId;
    this.userID = requesterUserId;
    this.token = requesterToken;
    this.logoutURL = logoutURL;
    this.sessionToken = sessionToken;
    this.fullname = fullname;
    this.externUserID = externUserID;
    this.confname = confname;
  }

  clearCredentials(...args) {
    this.meetingID = null;
    this.userID = null;
    this.token = null;
    this.loggedIn = false;
    this.logoutURL = null;
    this.sessionToken = null;
    this.fullname = null;
    this.externUserID = null;
    this.confname = null;
    this.uniqueClientSession = null;
    return Promise.resolve(...args);
  }

  logout() {
    if (!this.loggedIn) {
      return Promise.resolve();
    }


    return new Promise((resolve) => {
      if (allowRedirectToLogoutURL()) {
        resolve(this._logoutURL);
      }

      // do not redirect
      resolve();
    });
  }

  authenticate(force) {
    if (this.loggedIn && !force) {
      return Promise.resolve();
    }

    if (!(this.meetingID && this.userID && this.token)) {
      return Promise.reject({
        error: 401,
        description: Session.get('errorMessageDescription') ? Session.get('errorMessageDescription') : 'Authentication failed due to missing credentials',
      });
    }

    this.loggedIn = false;
    return this.validateAuthToken()
      .then(() => {
        this.loggedIn = true;
        this.uniqueClientSession = `${this.sessionToken}-${Math.random().toString(36).substring(6)}`;
      });
  }

  validateAuthToken() {
    return new Promise(async (resolve, reject) => {
      let computation = null;

      const validationTimeout = setTimeout(() => {
        computation.stop();
        reject({
          error: 408,
          description: 'Authentication timeout',
        });
      }, CONNECTION_TIMEOUT);

      makeCall('validateAuthToken', this.meetingID, this.userID, this.token, this.externUserID);

      const authTokenSubscription = SubscriptionRegistry.createSubscription('auth-token-validation', {}, { meetingId: this.meetingID, userId: this.userID });
      SubscriptionRegistry.createSubscription('current-user');

      Tracker.autorun((c) => {
        computation = c;

        if (!authTokenSubscription.ready()) {
          return;
        }

        const selector = {
          connectionId: Meteor.connection._lastSessionId,
        };

        const authenticationTokenValidation = AuthTokenValidation.findOne(selector);

        if (!authenticationTokenValidation) return;

        switch (authenticationTokenValidation.validationStatus) {
          case ValidationStates.INVALID:
            c.stop();
            reject({ error: 403, description: authenticationTokenValidation.reason });
            break;
          case ValidationStates.VALIDATED:
            initCursorStreamListener();
            initAnnotationsStreamListener();
            c.stop();
            clearTimeout(validationTimeout);
            setTimeout(() => resolve(true), 100);
            break;
          case ValidationStates.VALIDATING:
            break;
          case ValidationStates.NOT_VALIDATED:
            break;
          default:
        }
      });
    });
  }

  authenticateURL(url) {
    let authURL = url;
    if (authURL.indexOf('sessionToken=') === -1) {
      if (authURL.indexOf('?') !== -1) {
        authURL = `${authURL}&sessionToken=${this.sessionToken}`;
      } else {
        authURL = `${authURL}?sessionToken=${this.sessionToken}`;
      }
    }
    return authURL;
  }
}

const AuthSingleton = new Auth();
export default AuthSingleton;
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`/* eslint prefer-promise-reject-errors: 0 */`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`import { Tracker } from 'meteor/tracker';`

Add unread messages service 2016-07-07 20:50:32 +08:00			`import Storage from '/imports/ui/services/storage/session';`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
move if condition for User.ejected 2018-01-30 12:23:56 +08:00			`import { makeCall } from '/imports/ui/services/api';`
WIP streamer stuff 2019-12-07 01:46:58 +08:00			`import { initAnnotationsStreamListener } from '/imports/ui/components/whiteboard/service';`
Added allowDefaultLogoutUrl config to optionally ignore non-custom logoutUrl 2020-10-08 17:15:05 +08:00			`import allowRedirectToLogoutURL from '/imports/ui/components/meeting-ended/service';`
WIP streamer stuff 2019-12-07 01:46:58 +08:00			`import { initCursorStreamListener } from '/imports/ui/components/cursor/service';`
Add server side reactivity to publications 2021-09-07 04:51:42 +08:00			`import SubscriptionRegistry from '/imports/ui/services/subscription-registry/subscriptionRegistry';`
Create ClientConnections structure and auth-token-validation collection 2020-09-01 20:07:56 +08:00			`import AuthTokenValidation, { ValidationStates } from '/imports/api/auth-token-validation';`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`class Auth {`
			`constructor() {`
add log on successful and unsuccessful login 2018-08-11 01:51:12 +08:00			`this._loggedIn = {`
			`value: false,`
			`tracker: new Tracker.Dependency(),`
			`};`

			`const queryParams = new URLSearchParams(document.location.search);`
			`if (queryParams.has('sessionToken')`
			`&& queryParams.get('sessionToken') !== Session.get('sessionToken')) {`
			`return;`
			`}`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`this._meetingID = Storage.getItem('meetingID');`
			`this._userID = Storage.getItem('userID');`
			`this._authToken = Storage.getItem('authToken');`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this._sessionToken = Storage.getItem('sessionToken');`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this._logoutURL = Storage.getItem('logoutURL');`
Client logger implemented 2018-06-20 00:46:59 +08:00			`this._confname = Storage.getItem('confname');`
			`this._externUserID = Storage.getItem('externUserID');`
			`this._fullname = Storage.getItem('fullname');`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get meetingID() {`
			`return this._meetingID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set meetingID(meetingID) {`
			`this._meetingID = meetingID;`
			`Storage.setItem('meetingID', this._meetingID);`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`set sessionToken(sessionToken) {`
			`this._sessionToken = sessionToken;`
			`Storage.setItem('sessionToken', this._sessionToken);`
			`}`

			`get sessionToken() {`
			`return this._sessionToken;`
			`}`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get userID() {`
			`return this._userID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set userID(userID) {`
			`this._userID = userID;`
			`Storage.setItem('userID', this._userID);`
			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get token() {`
			`return this._authToken;`
fixes html5 clinet logout and nav-bar 2016-06-25 07:09:32 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set token(authToken) {`
			`this._authToken = authToken;`
			`Storage.setItem('authToken', this._authToken);`
			`}`

Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`set logoutURL(logoutURL) {`
			`this._logoutURL = logoutURL;`
			`Storage.setItem('logoutURL', this._logoutURL);`
			`}`

			`get logoutURL() {`
			`return this._logoutURL;`
			`}`

Client logger implemented 2018-06-20 00:46:59 +08:00			`set confname(confname) {`
			`this._confname = confname;`
			`Storage.setItem('confname', this._confname);`
			`}`

			`get confname() {`
			`return this._confname;`
			`}`

			`set externUserID(externUserID) {`
			`this._externUserID = externUserID;`
			`Storage.setItem('externUserID', this._externUserID);`
			`}`

			`get externUserID() {`
			`return this._externUserID;`
			`}`

			`set fullname(fullname) {`
			`this._fullname = fullname;`
			`Storage.setItem('fullname', this._fullname);`
			`}`

			`get fullname() {`
			`return this._fullname;`
			`}`

Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`get loggedIn() {`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this._loggedIn.tracker.depend();`
			`return this._loggedIn.value;`
Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`}`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`set loggedIn(value) {`
			`this._loggedIn.value = value;`
			`this._loggedIn.tracker.changed();`
			`}`

Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`get credentials() {`
			`return {`
			`meetingId: this.meetingID,`
			`requesterUserId: this.userID,`
			`requesterToken: this.token,`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`logoutURL: this.logoutURL,`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`sessionToken: this.sessionToken,`
Client logger implemented 2018-06-20 00:46:59 +08:00			`fullname: this.fullname,`
			`externUserID: this.externUserID,`
fix linting 2018-08-14 03:52:44 +08:00			`confname: this.confname,`
Client logger implemented 2018-06-20 00:46:59 +08:00			`};`
			`}`

			`get fullInfo() {`
			`return {`
			`sessionToken: this.sessionToken,`
			`meetingId: this.meetingID,`
			`requesterUserId: this.userID,`
			`fullname: this.fullname,`
			`confname: this.confname,`
			`externUserID: this.externUserID,`
added Auth.uniqueClientSession to correlate logs with a reload unique string 2019-06-29 05:47:18 +08:00			`uniqueClientSession: this.uniqueClientSession,`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`};`
			`}`

Fix liter errors 2018-12-11 01:05:17 +08:00			`set(`
			`meetingId,`
			`requesterUserId,`
			`requesterToken,`
			`logoutURL,`
			`sessionToken,`
			`fullname,`
			`externUserID,`
			`confname,`
			`) {`
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`this.meetingID = meetingId;`
			`this.userID = requesterUserId;`
			`this.token = requesterToken;`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this.logoutURL = logoutURL;`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this.sessionToken = sessionToken;`
Client logger implemented 2018-06-20 00:46:59 +08:00			`this.fullname = fullname;`
			`this.externUserID = externUserID;`
			`this.confname = confname;`
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`}`

Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`clearCredentials(...args) {`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`this.meetingID = null;`
			`this.userID = null;`
			`this.token = null;`
			`this.loggedIn = false;`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this.logoutURL = null;`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this.sessionToken = null;`
Client logger implemented 2018-06-20 00:46:59 +08:00			`this.fullname = null;`
fix linting 2018-08-14 03:52:44 +08:00			`this.externUserID = null;`
Client logger implemented 2018-06-20 00:46:59 +08:00			`this.confname = null;`
added Auth.uniqueClientSession to correlate logs with a reload unique string 2019-06-29 05:47:18 +08:00			`this.uniqueClientSession = null;`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`return Promise.resolve(...args);`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
			`logout() {`
			`if (!this.loggedIn) {`
			`return Promise.resolve();`
			`}`

utilize Meteor connection id instead of trusting client side meetingId, userId 2020-02-07 04:47:28 +08:00
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`return new Promise((resolve) => {`
Added allowDefaultLogoutUrl config to optionally ignore non-custom logoutUrl 2020-10-08 17:15:05 +08:00			`if (allowRedirectToLogoutURL()) {`
			`resolve(this._logoutURL);`
			`}`

			`// do not redirect`
			`resolve();`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`});`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`authenticate(force) {`
utilize Meteor connection id instead of trusting client side meetingId, userId 2020-02-07 04:47:28 +08:00			`if (this.loggedIn && !force) {`
			`return Promise.resolve();`
			`}`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`if (!(this.meetingID && this.userID && this.token)) {`
			`return Promise.reject({`
			`error: 401,`
Improve logs for a better debug/understanding of problems related to authentication and log in process 2020-10-08 03:50:17 +08:00			`description: Session.get('errorMessageDescription') ? Session.get('errorMessageDescription') : 'Authentication failed due to missing credentials',`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`}`

Fix reconnecting users being redirected to /logout 2018-03-17 03:22:27 +08:00			`this.loggedIn = false;`
			`return this.validateAuthToken()`
added Auth.uniqueClientSession to correlate logs with a reload unique string 2019-06-29 05:47:18 +08:00			`.then(() => {`
			`this.loggedIn = true;`
prepend sessionToken to uniqueClientSession 2019-07-03 05:15:32 +08:00			this.uniqueClientSession = `${this.sessionToken}-${Math.random().toString(36).substring(6)}`;
added Auth.uniqueClientSession to correlate logs with a reload unique string 2019-06-29 05:47:18 +08:00			`});`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`}`

Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`validateAuthToken() {`
Prevent banned user from trying to validate auth token multiple times. close #9798 2020-06-13 00:24:11 +08:00			`return new Promise(async (resolve, reject) => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`let computation = null;`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`const validationTimeout = setTimeout(() => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`computation.stop();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`reject({`
Improve logs for a better debug/understanding of problems related to authentication and log in process 2020-10-08 03:50:17 +08:00			`error: 408,`
			`description: 'Authentication timeout',`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`});`
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`}, CONNECTION_TIMEOUT);`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
Remove banned users structure and handle reasonCode in validateAuthToken 2021-03-30 21:09:25 +08:00			`makeCall('validateAuthToken', this.meetingID, this.userID, this.token, this.externUserID);`
Prevent banned user from trying to validate auth token multiple times. close #9798 2020-06-13 00:24:11 +08:00
Add server side reactivity to publications 2021-09-07 04:51:42 +08:00			`const authTokenSubscription = SubscriptionRegistry.createSubscription('auth-token-validation', {}, { meetingId: this.meetingID, userId: this.userID });`
			`SubscriptionRegistry.createSubscription('current-user');`
Prevent multiple attaches on socket close for the same user 2020-09-29 20:57:31 +08:00
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`Tracker.autorun((c) => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`computation = c;`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00
Fix race condition that caused the client to get stuck with the three dots on join 2021-07-16 01:01:21 +08:00			`if (!authTokenSubscription.ready()) {`
			`return;`
			`}`

always get token info from current connectionId 2021-07-02 21:33:17 +08:00			`const selector = {`
			`connectionId: Meteor.connection._lastSessionId,`
			`};`

			`const authenticationTokenValidation = AuthTokenValidation.findOne(selector);`
Adjust publishers to use auth-token-validation collection 2020-09-02 00:31:11 +08:00
			`if (!authenticationTokenValidation) return;`

			`switch (authenticationTokenValidation.validationStatus) {`
			`case ValidationStates.INVALID:`
			`c.stop();`
Remove banned users structure and handle reasonCode in validateAuthToken 2021-03-30 21:09:25 +08:00			`reject({ error: 403, description: authenticationTokenValidation.reason });`
Adjust publishers to use auth-token-validation collection 2020-09-02 00:31:11 +08:00			`break;`
			`case ValidationStates.VALIDATED:`
			`initCursorStreamListener();`
			`initAnnotationsStreamListener();`
			`c.stop();`
			`clearTimeout(validationTimeout);`
WIP onClose 2020-09-10 19:49:22 +08:00			`setTimeout(() => resolve(true), 100);`
Adjust publishers to use auth-token-validation collection 2020-09-02 00:31:11 +08:00			`break;`
			`case ValidationStates.VALIDATING:`
			`break;`
			`case ValidationStates.NOT_VALIDATED:`
			`break;`
			`default:`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`}`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`
			`});`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Includes a minimal authentication step before SFU connections 2019-01-08 00:54:37 +08:00
			`authenticateURL(url) {`
			`let authURL = url;`
			`if (authURL.indexOf('sessionToken=') === -1) {`
			`if (authURL.indexOf('?') !== -1) {`
Verifies if subscription already exists before calling subscribe 2019-05-15 04:13:15 +08:00			authURL = `${authURL}&sessionToken=${this.sessionToken}`;
Includes a minimal authentication step before SFU connections 2019-01-08 00:54:37 +08:00			`} else {`
Verifies if subscription already exists before calling subscribe 2019-05-15 04:13:15 +08:00			authURL = `${authURL}?sessionToken=${this.sessionToken}`;
Includes a minimal authentication step before SFU connections 2019-01-08 00:54:37 +08:00			`}`
			`}`
			`return authURL;`
			`}`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-29 02:50:44 +08:00
Linter auto fix 2017-06-03 03:25:02 +08:00			`const AuthSingleton = new Auth();`
Add a warn when a banned user tries to join the meeting 2020-06-13 03:51:22 +08:00			`export default AuthSingleton;`