diff options
author | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-08-25 00:44:13 +1000 |
---|---|---|
committer | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-08-25 00:44:13 +1000 |
commit | 314a4787ce55a091cb89ef4281d7ba09e8323fa4 (patch) | |
tree | d77142c009e9c6d45390a8fe01c9aee966d7a4cc /src/api/routes/users/@me/mfa/codes.ts | |
parent | Merge remote-tracking branch 'upstream/staging' into feat/captchaVerify (diff) | |
parent | case insensitive header for rate limits, fix rate limit default settings (diff) | |
download | server-314a4787ce55a091cb89ef4281d7ba09e8323fa4.tar.xz |
Merge remote-tracking branch 'upstream/staging' into feat/captchaVerify
Diffstat (limited to 'src/api/routes/users/@me/mfa/codes.ts')
-rw-r--r-- | src/api/routes/users/@me/mfa/codes.ts | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/src/api/routes/users/@me/mfa/codes.ts b/src/api/routes/users/@me/mfa/codes.ts index 4224a1c0..c62581cc 100644 --- a/src/api/routes/users/@me/mfa/codes.ts +++ b/src/api/routes/users/@me/mfa/codes.ts @@ -1,7 +1,14 @@ -import { Router, Request, Response } from "express"; import { route } from "@fosscord/api"; import { BackupCode, Config, FieldErrors, generateMfaBackupCodes, MfaCodesSchema, User } from "@fosscord/util"; -import bcrypt from "bcrypt"; +import { Request, Response, Router } from "express"; + +let bcrypt: any; +try { + bcrypt = require("bcrypt"); +} catch { + bcrypt = require("bcryptjs"); + console.log("Warning: using bcryptjs because bcrypt is not installed! Performance will be affected."); +} const router = Router(); @@ -12,25 +19,21 @@ router.post("/", route({ body: "MfaCodesSchema" }), async (req: Request, res: Re const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); - if (!await bcrypt.compare(password, user.data.hash || "")) { + if (!(await bcrypt.compare(password, user.data.hash || ""))) { throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } }); } var codes: BackupCode[]; if (regenerate && Config.get().security.twoFactor.generateBackupCodes) { - await BackupCode.update( - { user: { id: req.user_id } }, - { expired: true } - ); + await BackupCode.update({ user: { id: req.user_id } }, { expired: true }); codes = generateMfaBackupCodes(req.user_id); - await Promise.all(codes.map(x => x.save())); - } - else { + await Promise.all(codes.map((x) => x.save())); + } else { codes = await BackupCode.find({ where: { user: { - id: req.user_id, + id: req.user_id }, expired: false } @@ -38,8 +41,8 @@ router.post("/", route({ body: "MfaCodesSchema" }), async (req: Request, res: Re } return res.json({ - backup_codes: codes.map(x => ({ ...x, expired: undefined })), - }) + backup_codes: codes.map((x) => ({ ...x, expired: undefined })) + }); }); export default router; |