diff --git a/src/util/config/types/RegisterConfiguration.ts b/src/util/config/types/RegisterConfiguration.ts
index 939605a6..68946272 100644
--- a/src/util/config/types/RegisterConfiguration.ts
+++ b/src/util/config/types/RegisterConfiguration.ts
@@ -9,6 +9,7 @@ export class RegisterConfiguration {
disabled: boolean = false;
requireCaptcha: boolean = true;
requireInvite: boolean = false;
+ allowGuests: boolean = true;
guestsRequireInvite: boolean = true;
allowNewRegistration: boolean = true;
allowMultipleAccounts: boolean = true;
diff --git a/src/util/config/types/SecurityConfiguration.ts b/src/util/config/types/SecurityConfiguration.ts
index 98c04c99..a2cebbd3 100644
--- a/src/util/config/types/SecurityConfiguration.ts
+++ b/src/util/config/types/SecurityConfiguration.ts
@@ -14,4 +14,6 @@ export class SecurityConfiguration {
// CF-Connecting-IP for cloudflare
forwadedFor: string | null = null;
ipdataApiKey: string | null = "eca677b284b3bac29eb72f5e496aa9047f26543605efe99ff2ce35c9";
+ mfaBackupCodeCount: number = 10;
+ mfaBackupCodeBytes: number = 4;
}
diff --git a/src/util/entities/Channel.ts b/src/util/entities/Channel.ts
index 23fc6544..b17fdba0 100644
--- a/src/util/entities/Channel.ts
+++ b/src/util/entities/Channel.ts
@@ -181,10 +181,16 @@ export class Channel extends BaseClass {
for (let character of InvisibleCharacters)
if (channel.name.includes(character)) throw new HTTPError("Channel name cannot include invalid characters", 403);
- if (channel.name.match(/\-\-+/g)) throw new HTTPError("Channel name cannot include multiple adjacent dashes.", 403);
+ // Categories and voice skip these checks on discord.com
+ const skipChecksTypes = [ChannelType.GUILD_CATEGORY, ChannelType.GUILD_VOICE];
+ if ((channel.type && !skipChecksTypes.includes(channel.type)) || guild.features.includes("IRC_LIKE_CHANNEL_NAMES")) {
+ if (channel.name.includes(" ")) throw new HTTPError("Channel name cannot include invalid characters", 403);
- if (channel.name.charAt(0) === "-" || channel.name.charAt(channel.name.length - 1) === "-")
- throw new HTTPError("Channel name cannot start/end with dash.", 403);
+ if (channel.name.match(/\-\-+/g)) throw new HTTPError("Channel name cannot include multiple adjacent dashes.", 403);
+
+ if (channel.name.charAt(0) === "-" || channel.name.charAt(channel.name.length - 1) === "-")
+ throw new HTTPError("Channel name cannot start/end with dash.", 403);
+ } else channel.name = channel.name.trim(); //category names are trimmed client side on discord.com
}
if (!guild.features.includes("ALLOW_UNNAMED_CHANNELS")) {
diff --git a/src/util/schemas/UserModifySchema.ts b/src/util/schemas/UserModifySchema.ts
index d69f83f4..622497d9 100644
--- a/src/util/schemas/UserModifySchema.ts
+++ b/src/util/schemas/UserModifySchema.ts
@@ -15,4 +15,5 @@ export interface UserModifySchema {
password?: string;
new_password?: string;
code?: string;
+ email?: string;
}
diff --git a/src/util/util/InvisibleCharacters.ts b/src/util/util/InvisibleCharacters.ts
index 4c809e48..9bffec58 100644
--- a/src/util/util/InvisibleCharacters.ts
+++ b/src/util/util/InvisibleCharacters.ts
@@ -1,9 +1,10 @@
// List from https://invisible-characters.com/
export const InvisibleCharacters = [
"\u{9}", //Tab
- "\u{20}", //Space
+ "\u{c}", //Form feed
+ //'\u{20}', //Space //categories can have spaces in them
"\u{ad}", //Soft hyphen
- "\u{34f}", //Combining grapheme joiner
+ // '\u{34f}', //Combining grapheme joiner
"\u{61c}", //Arabic letter mark
"\u{115f}", //Hangul choseong filler
"\u{1160}", //Hangul jungseong filler
@@ -23,12 +24,12 @@ export const InvisibleCharacters = [
"\u{200a}", //Hair space
"\u{200b}", //Zero width space
"\u{200c}", //Zero width non-joiner
- "\u{200d}", //Zero width joiner
+ // '\u{200d}', //Zero width joiner
"\u{200e}", //Left-to-right mark
"\u{200f}", //Right-to-left mark
"\u{202f}", //Narrow no-break space
"\u{205f}", //Medium mathematical space
- "\u{2060}", //Word joiner
+ // '\u{2060}', //Word joiner -- WJ is required in some languages that don't use spaces to split words
"\u{2061}", //Function application
"\u{2062}", //Invisible times
"\u{2063}", //Invisible separator
diff --git a/src/util/util/MFA.ts b/src/util/util/MFA.ts
index a2afcad6..b9af6d23 100644
--- a/src/util/util/MFA.ts
+++ b/src/util/util/MFA.ts
@@ -1,12 +1,13 @@
import crypto from "crypto";
+import { Config } from ".";
import { BackupCode } from "../entities/BackupCodes";
export function generateMfaBackupCodes(user_id: string) {
let backup_codes: BackupCode[] = [];
- for (let i = 0; i < 10; i++) {
+ for (let i = 0; i < Config.get().security.mfaBackupCodeCount; i++) {
const code = BackupCode.create({
user: { id: user_id },
- code: crypto.randomBytes(4).toString("hex"), // 8 characters
+ code: crypto.randomBytes(Config.get().security.mfaBackupCodeBytes).toString("hex"), // 8 characters
consumed: false,
expired: false
});
|
