authorTheArcaneBrony <myrainbowdash949@gmail.com>2022-09-18 19:36:00 +0200
committerTheArcaneBrony <myrainbowdash949@gmail.com>2022-09-18 19:36:00 +0200
commit8fb84d48613783d1cbaec264eb1f04e5938a45d8 (patch)
tree313b8a7d0f986e8ebe5bf3543c8fd01c4fb1863f
parentReturn proper 429's, reg tokens bypass disabled registrations, code cleanup (diff)
downloadserver-8fb84d48613783d1cbaec264eb1f04e5938a45d8.tar.xz
Validate reg token before bypassing captchas and disabled registrations
-rw-r--r--src/api/routes/auth/register.ts41
1 files changed, 20 insertions, 21 deletions
diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts
index b5d75a30..bff35b2f 100644
--- a/src/api/routes/auth/register.ts
+++ b/src/api/routes/auth/register.ts
@@ -32,12 +32,28 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
 	const body = req.body as RegisterSchema;
 	const { register, security, limits } = Config.get();
 	const ip = getIpAdress(req);
-	// tokens bypass requirements:
-	const hasToken = req.get("Referrer") && req.get("Referrer")?.includes("token=");
 
 	// email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick
 	let email = adjustEmail(body.email);
 
+	//check if referrer starts with any valid registration token
+	//!! bypasses captcha and registration disabling !!//
+	let validToken = false;
+	if (req.get("Referrer") && req.get("Referrer")?.includes("token=")) {
+		let token = req.get("Referrer")?.split("token=")[1].split("&")[0];
+		if (token) {
+			await ValidRegistrationToken.delete({ expires_at: LessThan(new Date()) });
+			let registrationToken = await ValidRegistrationToken.findOne({ where: { token: token, expires_at: MoreThan(new Date()) } });
+			if (registrationToken) {
+				console.log(yellow(`[REGISTER] Registration token ${token} used for registration!`));
+				await ValidRegistrationToken.delete(token);
+				validToken = true;
+			} else {
+				console.log(yellow(`[REGISTER] Invalid registration token ${token} used for registration by ${ip}!`));
+			}
+		}
+	}
+
 	// check if the user agreed to the Terms of Service
 	if (!body.consent) {
 		throw FieldErrors({
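Review bot: The one-time token is consumed at the `await ValidRegistrationToken.delete(token);` line before the consent check, the captcha check and every later validation in the handler, so a request that carries a valid token but then fails for another reason (missing `consent`, or whatever the later checks reject) burns the token without an account being created, which the previous placement at the end of the handler avoided. Keep the early `findOne` lookup so `validToken` can gate the captcha and registration-disabled branches, but move the delete to after the user is actually created, or at least past the validations that can still throw; that code lies outside this hunk, as does the start of the route handler. Both log lines also print the raw token value, and the invalid-token path echoes a request-supplied string verbatim into the log, so prefer logging only the outcome and the ip, e.g. `console.log(yellow(\`[REGISTER] Registration token used for registration by ${ip}!\`));`. As a style point, `token` and `registrationToken` are never reassigned and read better as `const`, and binding `req.get("Referrer")` once instead of three times would make the parsing line easier to follow.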
@@ -45,7 +61,7 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
 		});
 	}
 
-	if (register.requireCaptcha && security.captcha.enabled && !hasToken) {
+	if (register.requireCaptcha && security.captcha.enabled && !validToken) {
 		const { sitekey, service } = security.captcha;
 		if (!body.captcha_key) {
 			return res?.status(400).json({
@@ -66,7 +82,7 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
 	}
 
 	// check if registration is allowed
-	if (!register.allowNewRegistration && !hasToken) {
+	if (!register.allowNewRegistration && !validToken) {
 		throw FieldErrors({
 			email: { code: "REGISTRATION_DISABLED", message: req.t("auth:register.REGISTRATION_DISABLED") }
 		});
@@ -144,23 +160,6 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
 		});
 	}
 
-	//check if referrer starts with any valid registration token
-	let validToken = false;
-	if (hasToken) {
-		let token = req.get("Referrer")?.split("token=")[1].split("&")[0];
-		if (token) {
-			await ValidRegistrationToken.delete({ expires_at: LessThan(new Date()) });
-			let registrationToken = await ValidRegistrationToken.findOne({ where: { token: token, expires_at: MoreThan(new Date()) } });
-			if (registrationToken) {
-				console.log(yellow(`[REGISTER] Registration token ${token} used for registration!`));
-				await ValidRegistrationToken.delete(token);
-				validToken = true;
-			} else {
-				console.log(yellow(`[REGISTER] Invalid registration token ${token} used for registration by ${ip}!`));
-			}
-		}
-	}
-
 	if (
 		!validToken &&
 		limits.absoluteRate.register.enabled &&