diff --git a/src/api/routes/auth/location-metadata.ts b/src/api/routes/auth/location-metadata.ts
index f4c2bd16..b8caf579 100644
--- a/src/api/routes/auth/location-metadata.ts
+++ b/src/api/routes/auth/location-metadata.ts
@@ -1,13 +1,12 @@
-import { Router, Request, Response } from "express";
-import { route } from "@fosscord/api";
-import { getIpAdress, IPAnalysis } from "@fosscord/api";
+import { getIpAdress, IPAnalysis, route } from "@fosscord/api";
+import { Request, Response, Router } from "express";
const router = Router();
-router.get("/",route({}), async (req: Request, res: Response) => {
- //TODO
- //Note: It's most likely related to legal. At the moment Discord hasn't finished this too
- const country_code = (await IPAnalysis(getIpAdress(req))).country_code;
- res.json({ consent_required: false, country_code: country_code, promotional_email_opt_in: { required: true, pre_checked: false}});
+router.get("/", route({}), async (req: Request, res: Response) => {
+ //TODO
+ //Note: It's most likely related to legal. At the moment Discord hasn't finished this too
+ const country_code = (await IPAnalysis(getIpAdress(req))).country_code;
+ res.json({ consent_required: false, country_code: country_code, promotional_email_opt_in: { required: true, pre_checked: false } });
});
export default router;
diff --git a/src/api/routes/auth/login.ts b/src/api/routes/auth/login.ts
index 9fc5924d..68b2656a 100644
--- a/src/api/routes/auth/login.ts
+++ b/src/api/routes/auth/login.ts
@@ -1,21 +1,29 @@
import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-import bcrypt from "bcrypt";
+import { route, getIpAdress, verifyCaptcha } from "@fosscord/api";
import { Config, User, generateToken, adjustEmail, FieldErrors, LoginSchema } from "@fosscord/util";
import crypto from "crypto";
+let bcrypt: any;
+try {
+ bcrypt = require("bcrypt");
+} catch {
+ bcrypt = require("bcryptjs");
+ console.log("Warning: using bcryptjs because bcrypt is not installed! Performance will be affected.");
+}
+
const router: Router = Router();
export default router;
router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Response) => {
const { login, password, captcha_key, undelete } = req.body as LoginSchema;
const email = adjustEmail(login);
+ const ip = getIpAdress(req);
const config = Config.get();
if (config.login.requireCaptcha && config.security.captcha.enabled) {
+ const { sitekey, service } = config.security.captcha;
if (!captcha_key) {
- const { sitekey, service } = config.security.captcha;
return res.status(400).json({
captcha_key: ["captcha-required"],
captcha_sitekey: sitekey,
@@ -23,7 +31,15 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo
});
}
- // TODO: check captcha
+ const ip = getIpAdress(req);
+ const verify = await verifyCaptcha(captcha_key, ip);
+ if (!verify.success) {
+ return res.status(400).json({
+ captcha_key: verify["error-codes"],
+ captcha_sitekey: sitekey,
+ captcha_service: service
+ })
+ }
}
const user = await User.findOneOrFail({
@@ -57,9 +73,9 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo
return res.json({
ticket: ticket,
mfa: true,
- sms: false, // TODO
- token: null,
- })
+ sms: false, // TODO
+ token: null
+ });
}
const token = await generateToken(user.id);
diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts
index 421dbafa..9938569e 100644
--- a/src/api/routes/auth/mfa/totp.ts
+++ b/src/api/routes/auth/mfa/totp.ts
@@ -1,8 +1,8 @@
-import { Router, Request, Response } from "express";
import { route } from "@fosscord/api";
-import { BackupCode, FieldErrors, generateToken, TotpSchema, User } from "@fosscord/util";
-import { verifyToken } from "node-2fa";
+import { BackupCode, generateToken, TotpSchema, User } from "@fosscord/util";
+import { Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
+import { verifyToken } from "node-2fa";
const router = Router();
router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Response) => {
@@ -10,23 +10,17 @@ router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Respon
const user = await User.findOneOrFail({
where: {
- totp_last_ticket: ticket,
+ totp_last_ticket: ticket
},
- select: [
- "id",
- "totp_secret",
- "settings",
- ],
+ select: ["id", "totp_secret", "settings"]
});
const backup = await BackupCode.findOne({ where: { code: code, expired: false, consumed: false, user: { id: user.id } } });
if (!backup) {
const ret = verifyToken(user.totp_secret!, code);
- if (!ret || ret.delta != 0)
- throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
- }
- else {
+ if (!ret || ret.delta != 0) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
+ } else {
backup.consumed = true;
await backup.save();
}
@@ -35,7 +29,7 @@ router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Respon
return res.json({
token: await generateToken(user.id),
- user_settings: user.settings,
+ user_settings: user.settings
});
});
diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts
index 09366a12..d3b5a59c 100644
--- a/src/api/routes/auth/register.ts
+++ b/src/api/routes/auth/register.ts
@@ -1,7 +1,14 @@
import { Request, Response, Router } from "express";
-import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, trimSpecial, RegisterSchema } from "@fosscord/util";
-import { route, getIpAdress, IPAnalysis, isProxy } from "@fosscord/api";
-import bcrypt from "bcrypt";
+import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, RegisterSchema } from "@fosscord/util";
+import { route, getIpAdress, IPAnalysis, isProxy, verifyCaptcha } from "@fosscord/api";
+
+let bcrypt: any;
+try {
+ bcrypt = require("bcrypt");
+} catch {
+ bcrypt = require("bcryptjs");
+ console.log("Warning: using bcryptjs because bcrypt is not installed! Performance will be affected.");
+}
import { HTTPError } from "@fosscord/util";
const router: Router = Router();
@@ -38,8 +45,8 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
}
if (register.requireCaptcha && security.captcha.enabled) {
+ const { sitekey, service } = security.captcha;
if (!body.captcha_key) {
- const { sitekey, service } = security.captcha;
return res?.status(400).json({
captcha_key: ["captcha-required"],
captcha_sitekey: sitekey,
@@ -47,7 +54,14 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re
});
}
- // TODO: check captcha
+ const verify = await verifyCaptcha(body.captcha_key, ip);
+ if (!verify.success) {
+ return res.status(400).json({
+ captcha_key: verify["error-codes"],
+ captcha_sitekey: sitekey,
+ captcha_service: service
+ })
+ }
}
if (!register.allowMultipleAccounts) {
|