From abdce76df4b6aa3a063b496e6c0575c54e9fa397 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 21 Sep 2021 22:52:30 +0200 Subject: :sparkles: generate openapi documentation --- util/src/util/Email.ts | 20 ++++++++++++++++++++ util/src/util/Token.ts | 43 +++++++++++++++++++++++++++++++++++++++++++ util/src/util/checkToken.ts | 23 ----------------------- util/src/util/index.ts | 3 ++- 4 files changed, 65 insertions(+), 24 deletions(-) create mode 100644 util/src/util/Email.ts create mode 100644 util/src/util/Token.ts delete mode 100644 util/src/util/checkToken.ts (limited to 'util')
diff --git a/util/src/util/Email.ts b/util/src/util/Email.ts
new file mode 100644
index 00000000..c304f584
--- /dev/null
+++ b/util/src/util/Email.ts
@@ -0,0 +1,20 @@
+export const EMAIL_REGEX =
+ /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+
+export function adjustEmail(email: string): string | undefined {
+ if (!email) return email;
+ // body parser already checked if it is a valid email
+ const parts = email.match(EMAIL_REGEX);
+ // @ts-ignore
+ if (!parts || parts.length < 5) return undefined;
+ const domain = parts[5];
+ const user = parts[1];
+
+ // TODO: check accounts with uncommon email domains
+ if (domain === "gmail.com" || domain === "googlemail.com") {
+ // replace .dots and +alternatives -> Gmail Dot Trick https://support.google.com/mail/answer/7436150 and https://generator.email/blog/gmail-generator
+ return user.replace(/[.]|(\+.*)/g, "") + "@gmail.com";
+ }
+
+ return email;
+}
diff --git a/util/src/util/Token.ts b/util/src/util/Token.ts
new file mode 100644
index 00000000..111d59a2
--- /dev/null
+++ b/util/src/util/Token.ts
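Review bot: `adjustEmail` compares `domain` with `"gmail.com"` / `"googlemail.com"` case-sensitively and returns the local part in its original case, so `User@Gmail.com` and `user@gmail.com` normalize to different strings and any uniqueness check built on this helper treats them as two addresses. Unless callers lowercase first (not visible in this hunk), normalize case before comparing: `const domain = parts[5].toLowerCase();` and `return user.toLowerCase().replace(/[.]|(\+.*)/g, "") + "@gmail.com";`. The guard `parts.length < 5` also does not cover the `parts[5]` read below it (`< 6` would), and the bare `// @ts-ignore` would be better replaced by a comment naming which capture groups hold the local part and the domain.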
@@ -0,0 +1,43 @@
+import jwt, { VerifyOptions } from "jsonwebtoken";
+import { Config } from "./Config";
+import { User } from "../entities";
+
+export const JWTOptions: VerifyOptions = { algorithms: ["HS256"] };
+
+export function checkToken(token: string, jwtSecret: string): Promise {
+ return new Promise((res, rej) => {
+ token = token.replace("Bot ", ""); // TODO: proper bot support
+ jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
+ if (err || !decoded) return rej("Invalid Token");
+
+ const user = await User.findOne({ id: decoded.id }, { select: ["data", "bot", "disabled", "deleted"] });
+ if (!user) return rej("Invalid Token");
+ // we need to round it to seconds as it saved as seconds in jwt iat and valid_tokens_since is stored in milliseconds
+ if (decoded.iat * 1000 < new Date(user.data.valid_tokens_since).setSeconds(0, 0))
+ return rej("Invalid Token");
+ if (user.disabled) return rej("User disabled");
+ if (user.deleted) return rej("User not found");
+
+ return res({ decoded, user });
+ });
+ });
+}
+
+export async function generateToken(id: string) {
+ const iat = Math.floor(Date.now() / 1000);
+ const algorithm = "HS256";
+
+ return new Promise((res, rej) => {
+ jwt.sign(
+ { id: id, iat },
+ Config.get().security.jwtSecret,
+ {
+ algorithm,
+ },
+ (err, token) => {
+ if (err) return rej(err);
+ return res(token);
+ }
+ );
+ });
+}
diff --git a/util/src/util/checkToken.ts b/util/src/util/checkToken.ts
deleted file mode 100644
index 8415e8c0..00000000
--- a/util/src/util/checkToken.ts
+++ /dev/null
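Review bot: In `checkToken`, `new Date(user.data.valid_tokens_since).setSeconds(0, 0)` zeroes the seconds as well as the milliseconds, so the cutoff is rounded down to the start of the minute and a token issued up to 59 seconds before `valid_tokens_since` still passes the revocation check. The comment above it asks for second precision to match `iat`, which `setMilliseconds(0)` gives: `if (decoded.iat * 1000 < new Date(user.data.valid_tokens_since).setMilliseconds(0))`. Separately, the `jwt.verify` callback is `async` with no error handling, so if `User.findOne` rejects or `user.data` is missing the outer promise never settles; wrapping the callback body in `try { … } catch (e) { return rej(e); }` turns that into a rejection the caller can handle. `generateToken` signs without an expiry, which leaves `valid_tokens_since` as the only way a token stops being accepted, so that is worth a comment if it is intended.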
@@ -1,23 +0,0 @@
-import jwt, { VerifyOptions } from "jsonwebtoken";
-import { User } from "../entities";
-
-export const JWTOptions: VerifyOptions = { algorithms: ["HS256"] };
-
-export function checkToken(token: string, jwtSecret: string): Promise {
- return new Promise((res, rej) => {
- token = token.replace("Bot ", ""); // TODO: proper bot support
- jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
- if (err || !decoded) return rej("Invalid Token");
-
- const user = await User.findOne({ id: decoded.id }, { select: ["data", "bot", "disabled", "deleted"] });
- if (!user) return rej("Invalid Token");
- // we need to round it to seconds as it saved as seconds in jwt iat and valid_tokens_since is stored in milliseconds
- if (decoded.iat * 1000 < new Date(user.data.valid_tokens_since).setSeconds(0, 0))
- return rej("Invalid Token");
- if (user.disabled) return rej("User disabled");
- if (user.deleted) return rej("User not found");
-
- return res({ decoded, user });
- });
- });
-}
diff --git a/util/src/util/index.ts b/util/src/util/index.ts
index 3160380f..d73bf4ca 100644
--- a/util/src/util/index.ts
+++ b/util/src/util/index.ts
@@ -1,11 +1,12 @@
 export * from "./ApiError";
 export * from "./BitField";
-export * from "./checkToken";
+export * from "./Token";
 export * from "./cdn";
 export * from "./Config";
 export * from "./Constants";
 export * from "./Database";
 export * from "./Event";
+export * from "./Email";
 export * from "./Intents";
 export * from "./MessageFlags";
 export * from "./Permissions";
-- cgit 1.4.1