diff options
Diffstat (limited to 'src/api/routes/auth')
| -rw-r--r-- | src/api/routes/auth/forgot.ts | 22 | ||||
| -rw-r--r-- | src/api/routes/auth/generate-registration-tokens.ts | 8 | ||||
| -rw-r--r-- | src/api/routes/auth/location-metadata.ts | 8 | ||||
| -rw-r--r-- | src/api/routes/auth/login.ts | 13 | ||||
| -rw-r--r-- | src/api/routes/auth/logout.ts | 6 | ||||
| -rw-r--r-- | src/api/routes/auth/mfa/totp.ts | 13 | ||||
| -rw-r--r-- | src/api/routes/auth/mfa/webauthn.ts | 11 | ||||
| -rw-r--r-- | src/api/routes/auth/register.ts | 10 | ||||
| -rw-r--r-- | src/api/routes/auth/reset.ts | 22 | ||||
| -rw-r--r-- | src/api/routes/auth/verify/index.ts | 8 | ||||
| -rw-r--r-- | src/api/routes/auth/verify/resend.ts | 8 | ||||
| -rw-r--r-- | src/api/routes/auth/verify/view-backup-codes-challenge.ts | 8 |
12 files changed, 87 insertions, 50 deletions
diff --git a/src/api/routes/auth/forgot.ts b/src/api/routes/auth/forgot.ts index 04df97d7..e240dff2 100644 --- a/src/api/routes/auth/forgot.ts +++ b/src/api/routes/auth/forgot.ts @@ -1,11 +1,29 @@ -import { getIpAdress, route, verifyCaptcha } from "@fosscord/api"; +/* + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published + by the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. +*/ + +import { getIpAdress, route, verifyCaptcha } from "@spacebar/api"; import { Config, Email, FieldErrors, ForgotPasswordSchema, User, -} from "@fosscord/util"; +} from "@spacebar/util"; import { Request, Response, Router } from "express"; import { HTTPError } from "lambert-server"; const router = Router(); diff --git a/src/api/routes/auth/generate-registration-tokens.ts b/src/api/routes/auth/generate-registration-tokens.ts index c79d2a59..723875f8 100644 --- a/src/api/routes/auth/generate-registration-tokens.ts +++ b/src/api/routes/auth/generate-registration-tokens.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,8 +16,8 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { route, random } from "@fosscord/api"; -import { Config, ValidRegistrationToken } from "@fosscord/util"; +import { route, random } from "@spacebar/api"; +import { Config, ValidRegistrationToken } from "@spacebar/util"; import { Request, Response, Router } from "express"; const router: Router = Router(); diff --git a/src/api/routes/auth/location-metadata.ts b/src/api/routes/auth/location-metadata.ts index 1ee8cd62..52a45c67 100644 --- a/src/api/routes/auth/location-metadata.ts +++ b/src/api/routes/auth/location-metadata.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -17,8 +17,8 @@ */ import { Router, Request, Response } from "express"; -import { route } from "@fosscord/api"; -import { getIpAdress, IPAnalysis } from "@fosscord/api"; +import { route } from "@spacebar/api"; +import { getIpAdress, IPAnalysis } from "@spacebar/api"; const router = Router(); router.get("/", route({}), async (req: Request, res: Response) => { diff --git a/src/api/routes/auth/login.ts b/src/api/routes/auth/login.ts index e6616731..fe0b4f99 100644 --- a/src/api/routes/auth/login.ts +++ b/src/api/routes/auth/login.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,7 +16,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { getIpAdress, route, verifyCaptcha } from "@fosscord/api"; +import { getIpAdress, route, verifyCaptcha } from "@spacebar/api"; import { adjustEmail, Config, @@ -26,7 +26,7 @@ import { LoginSchema, User, WebAuthn, -} from "@fosscord/util"; +} from "@spacebar/util"; import bcrypt from "bcrypt"; import crypto from "crypto"; import { Request, Response, Router } from "express"; @@ -72,14 +72,13 @@ router.post( "id", "disabled", "deleted", - "settings", "totp_secret", "mfa_enabled", "webauthn_enabled", "security_keys", "verified", ], - relations: ["security_keys"], + relations: ["security_keys", "settings"], }).catch(() => { throw FieldErrors({ login: { @@ -187,7 +186,7 @@ router.post( // Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package // https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png - res.json({ token, settings: user.settings }); + res.json({ token, settings: { ...user.settings, index: undefined } }); }, ); diff --git a/src/api/routes/auth/logout.ts b/src/api/routes/auth/logout.ts index 43ba72a2..51909afa 100644 --- a/src/api/routes/auth/logout.ts +++ b/src/api/routes/auth/logout.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,7 +16,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { route } from "@fosscord/api"; +import { route } from "@spacebar/api"; import { Request, Response, Router } from "express"; const router: Router = Router(); diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts index 65cdd397..2396443d 100644 --- a/src/api/routes/auth/mfa/totp.ts +++ b/src/api/routes/auth/mfa/totp.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -17,8 +17,8 @@ */ import { Router, Request, Response } from "express"; -import { route } from "@fosscord/api"; -import { BackupCode, generateToken, User, TotpSchema } from "@fosscord/util"; +import { route } from "@spacebar/api"; +import { BackupCode, generateToken, User, TotpSchema } from "@spacebar/util"; import { verifyToken } from "node-2fa"; import { HTTPError } from "lambert-server"; const router = Router(); @@ -34,7 +34,8 @@ router.post( where: { totp_last_ticket: ticket, }, - select: ["id", "totp_secret", "settings"], + select: ["id", "totp_secret"], + relations: ["settings"], }); const backup = await BackupCode.findOne({ @@ -62,7 +63,7 @@ router.post( return res.json({ token: await generateToken(user.id), - user_settings: user.settings, + settings: { ...user.settings, index: undefined }, }); }, ); diff --git a/src/api/routes/auth/mfa/webauthn.ts b/src/api/routes/auth/mfa/webauthn.ts index c4334c4c..1b387411 100644 --- a/src/api/routes/auth/mfa/webauthn.ts +++ b/src/api/routes/auth/mfa/webauthn.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,7 +16,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { route } from "@fosscord/api"; +import { route } from "@spacebar/api"; import { generateToken, SecurityKey, @@ -24,7 +24,7 @@ import { verifyWebAuthnToken, WebAuthn, WebAuthnTotpSchema, -} from "@fosscord/util"; +} from "@spacebar/util"; import { Request, Response, Router } from "express"; import { ExpectedAssertionResult } from "fido2-lib"; import { HTTPError } from "lambert-server"; @@ -54,7 +54,8 @@ router.post( where: { totp_last_ticket: ticket, }, - select: ["id", "settings"], + select: ["id"], + relations: ["settings"], }); const ret = await verifyWebAuthnToken(ticket); diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index 0bf8efae..430c9532 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -26,14 +26,14 @@ import { adjustEmail, RegisterSchema, ValidRegistrationToken, -} from "@fosscord/util"; +} from "@spacebar/util"; import { route, getIpAdress, IPAnalysis, isProxy, verifyCaptcha, -} from "@fosscord/api"; +} from "@spacebar/api"; import bcrypt from "bcrypt"; import { HTTPError } from "lambert-server"; import { MoreThan } from "typeorm"; @@ -52,7 +52,7 @@ router.post( // They're a one time use token that bypasses registration limits ( rates, disabled reg, etc ) let regTokenUsed = false; if (req.get("Referrer") && req.get("Referrer")?.includes("token=")) { - // eg theyre on https://staging.fosscord.com/register?token=whatever + // eg theyre on https://staging.spacebar.chat/register?token=whatever const token = req.get("Referrer")?.split("token=")[1].split("&")[0]; if (token) { const regToken = await ValidRegistrationToken.findOneOrFail({ diff --git a/src/api/routes/auth/reset.ts b/src/api/routes/auth/reset.ts index 9ab25dca..852a43c7 100644 --- a/src/api/routes/auth/reset.ts +++ b/src/api/routes/auth/reset.ts @@ -1,4 +1,22 @@ -import { route } from "@fosscord/api"; +/* + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published + by the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. +*/ + +import { route } from "@spacebar/api"; import { checkToken, Config, @@ -7,7 +25,7 @@ import { generateToken, PasswordResetSchema, User, -} from "@fosscord/util"; +} from "@spacebar/util"; import bcrypt from "bcrypt"; import { Request, Response, Router } from "express"; diff --git a/src/api/routes/auth/verify/index.ts b/src/api/routes/auth/verify/index.ts index ac12bbb7..c1afcde9 100644 --- a/src/api/routes/auth/verify/index.ts +++ b/src/api/routes/auth/verify/index.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,14 +16,14 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { getIpAdress, route, verifyCaptcha } from "@fosscord/api"; +import { getIpAdress, route, verifyCaptcha } from "@spacebar/api"; import { checkToken, Config, FieldErrors, generateToken, User, -} from "@fosscord/util"; +} from "@spacebar/util"; import { Request, Response, Router } from "express"; const router = Router(); diff --git a/src/api/routes/auth/verify/resend.ts b/src/api/routes/auth/verify/resend.ts index 918af9a1..f2727abd 100644 --- a/src/api/routes/auth/verify/resend.ts +++ b/src/api/routes/auth/verify/resend.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -16,8 +16,8 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ -import { route } from "@fosscord/api"; -import { Email, User } from "@fosscord/util"; +import { route } from "@spacebar/api"; +import { Email, User } from "@spacebar/util"; import { Request, Response, Router } from "express"; import { HTTPError } from "lambert-server"; const router = Router(); diff --git a/src/api/routes/auth/verify/view-backup-codes-challenge.ts b/src/api/routes/auth/verify/view-backup-codes-challenge.ts index 3e1a6a92..b12719ff 100644 --- a/src/api/routes/auth/verify/view-backup-codes-challenge.ts +++ b/src/api/routes/auth/verify/view-backup-codes-challenge.ts @@ -1,6 +1,6 @@ /* - Fosscord: A FOSS re-implementation and extension of the Discord.com backend. - Copyright (C) 2023 Fosscord and Fosscord Contributors + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published @@ -17,8 +17,8 @@ */ import { Router, Request, Response } from "express"; -import { route } from "@fosscord/api"; -import { FieldErrors, User, BackupCodesChallengeSchema } from "@fosscord/util"; +import { route } from "@spacebar/api"; +import { FieldErrors, User, BackupCodesChallengeSchema } from "@spacebar/util"; import bcrypt from "bcrypt"; const router = Router(); |