summary refs log tree commit diff
path: root/src/api/routes/auth
diff options
context:
space:
mode:
authorMadeline <46743919+MaddyUnderStars@users.noreply.github.com>2022-08-25 12:55:42 +1000
committerMadeline <46743919+MaddyUnderStars@users.noreply.github.com>2022-08-25 13:00:31 +1000
commitd946547a9233d866e793e1c68f11d98cb2f7d390 (patch)
tree2ff2677432e2e874f0784b115202f3846e68deb0 /src/api/routes/auth
parentMerge remote-tracking branch 'upstream/staging' into fix/categoryNames (diff)
parentMerge pull request #799 from MaddyUnderStars/feat/captchaVerify (diff)
downloadserver-ts-d946547a9233d866e793e1c68f11d98cb2f7d390.tar.xz
Merge remote-tracking branch 'upstream/staging' into fix/categoryNames
Also allow voice to skip checks
Diffstat (limited to 'src/api/routes/auth')
-rw-r--r--src/api/routes/auth/location-metadata.ts15
-rw-r--r--src/api/routes/auth/login.ts30
-rw-r--r--src/api/routes/auth/mfa/totp.ts22
-rw-r--r--src/api/routes/auth/register.ts24
4 files changed, 57 insertions, 34 deletions
diff --git a/src/api/routes/auth/location-metadata.ts b/src/api/routes/auth/location-metadata.ts

index f4c2bd16..b8caf579 100644 --- a/src/api/routes/auth/location-metadata.ts +++ b/src/api/routes/auth/location-metadata.ts
@@ -1,13 +1,12 @@ -import { Router, Request, Response } from "express"; -import { route } from "@fosscord/api"; -import { getIpAdress, IPAnalysis } from "@fosscord/api"; +import { getIpAdress, IPAnalysis, route } from "@fosscord/api"; +import { Request, Response, Router } from "express"; const router = Router(); -router.get("/",route({}), async (req: Request, res: Response) => { - //TODO - //Note: It's most likely related to legal. At the moment Discord hasn't finished this too - const country_code = (await IPAnalysis(getIpAdress(req))).country_code; - res.json({ consent_required: false, country_code: country_code, promotional_email_opt_in: { required: true, pre_checked: false}}); +router.get("/", route({}), async (req: Request, res: Response) => { + //TODO + //Note: It's most likely related to legal. At the moment Discord hasn't finished this too + const country_code = (await IPAnalysis(getIpAdress(req))).country_code; + res.json({ consent_required: false, country_code: country_code, promotional_email_opt_in: { required: true, pre_checked: false } }); }); export default router; diff --git a/src/api/routes/auth/login.ts b/src/api/routes/auth/login.ts
index 9fc5924d..68b2656a 100644 --- a/src/api/routes/auth/login.ts +++ b/src/api/routes/auth/login.ts
@@ -1,21 +1,29 @@ import { Request, Response, Router } from "express"; -import { route } from "@fosscord/api"; -import bcrypt from "bcrypt"; +import { route, getIpAdress, verifyCaptcha } from "@fosscord/api"; import { Config, User, generateToken, adjustEmail, FieldErrors, LoginSchema } from "@fosscord/util"; import crypto from "crypto"; +let bcrypt: any; +try { + bcrypt = require("bcrypt"); +} catch { + bcrypt = require("bcryptjs"); + console.log("Warning: using bcryptjs because bcrypt is not installed! Performance will be affected."); +} + const router: Router = Router(); export default router; router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Response) => { const { login, password, captcha_key, undelete } = req.body as LoginSchema; const email = adjustEmail(login); + const ip = getIpAdress(req); const config = Config.get(); if (config.login.requireCaptcha && config.security.captcha.enabled) { + const { sitekey, service } = config.security.captcha; if (!captcha_key) { - const { sitekey, service } = config.security.captcha; return res.status(400).json({ captcha_key: ["captcha-required"], captcha_sitekey: sitekey, @@ -23,7 +31,15 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo }); } - // TODO: check captcha + const ip = getIpAdress(req); + const verify = await verifyCaptcha(captcha_key, ip); + if (!verify.success) { + return res.status(400).json({ + captcha_key: verify["error-codes"], + captcha_sitekey: sitekey, + captcha_service: service + }) + } } const user = await User.findOneOrFail({ @@ -57,9 +73,9 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo return res.json({ ticket: ticket, mfa: true, - sms: false, // TODO - token: null, - }) + sms: false, // TODO + token: null + }); } const token = await generateToken(user.id); diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts
index 421dbafa..9938569e 100644 --- a/src/api/routes/auth/mfa/totp.ts +++ b/src/api/routes/auth/mfa/totp.ts
@@ -1,8 +1,8 @@ -import { Router, Request, Response } from "express"; import { route } from "@fosscord/api"; -import { BackupCode, FieldErrors, generateToken, TotpSchema, User } from "@fosscord/util"; -import { verifyToken } from "node-2fa"; +import { BackupCode, generateToken, TotpSchema, User } from "@fosscord/util"; +import { Request, Response, Router } from "express"; import { HTTPError } from "lambert-server"; +import { verifyToken } from "node-2fa"; const router = Router(); router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Response) => { @@ -10,23 +10,17 @@ router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Respon const user = await User.findOneOrFail({ where: { - totp_last_ticket: ticket, + totp_last_ticket: ticket }, - select: [ - "id", - "totp_secret", - "settings", - ], + select: ["id", "totp_secret", "settings"] }); const backup = await BackupCode.findOne({ where: { code: code, expired: false, consumed: false, user: { id: user.id } } }); if (!backup) { const ret = verifyToken(user.totp_secret!, code); - if (!ret || ret.delta != 0) - throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008); - } - else { + if (!ret || ret.delta != 0) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008); + } else { backup.consumed = true; await backup.save(); } @@ -35,7 +29,7 @@ router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Respon return res.json({ token: await generateToken(user.id), - user_settings: user.settings, + user_settings: user.settings }); }); diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts
index 09366a12..d3b5a59c 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts
@@ -1,7 +1,14 @@ import { Request, Response, Router } from "express"; -import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, trimSpecial, RegisterSchema } from "@fosscord/util"; -import { route, getIpAdress, IPAnalysis, isProxy } from "@fosscord/api"; -import bcrypt from "bcrypt"; +import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, RegisterSchema } from "@fosscord/util"; +import { route, getIpAdress, IPAnalysis, isProxy, verifyCaptcha } from "@fosscord/api"; + +let bcrypt: any; +try { + bcrypt = require("bcrypt"); +} catch { + bcrypt = require("bcryptjs"); + console.log("Warning: using bcryptjs because bcrypt is not installed! Performance will be affected."); +} import { HTTPError } from "@fosscord/util"; const router: Router = Router(); @@ -38,8 +45,8 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re } if (register.requireCaptcha && security.captcha.enabled) { + const { sitekey, service } = security.captcha; if (!body.captcha_key) { - const { sitekey, service } = security.captcha; return res?.status(400).json({ captcha_key: ["captcha-required"], captcha_sitekey: sitekey, @@ -47,7 +54,14 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re }); } - // TODO: check captcha + const verify = await verifyCaptcha(body.captcha_key, ip); + if (!verify.success) { + return res.status(400).json({ + captcha_key: verify["error-codes"], + captcha_sitekey: sitekey, + captcha_service: service + }) + } } if (!register.allowMultipleAccounts) {