From 084dc0be08555891cad4c2bb984822a62ec5ec9f Mon Sep 17 00:00:00 2001
From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com>
Date: Fri, 20 Jan 2023 18:10:47 +1100
Subject: Add ESLint (#941)

* Add eslint, switch to lint-staged for precommit

* Fix all ESLint errors

* Update GH workflow to check prettier and eslint
---
 src/api/routes/users/@me/mfa/codes-verification.ts | 10 +++++++---
 src/api/routes/users/@me/mfa/codes.ts              |  2 +-
 src/api/routes/users/@me/mfa/totp/disable.ts       |  2 +-
 src/api/routes/users/@me/mfa/totp/enable.ts        |  2 +-
 4 files changed, 10 insertions(+), 6 deletions(-)

(limited to 'src/api/routes/users/@me/mfa')

diff --git a/src/api/routes/users/@me/mfa/codes-verification.ts b/src/api/routes/users/@me/mfa/codes-verification.ts
index ac16f7e7..24f018c9 100644
--- a/src/api/routes/users/@me/mfa/codes-verification.ts
+++ b/src/api/routes/users/@me/mfa/codes-verification.ts
@@ -23,6 +23,7 @@ import {
 	generateMfaBackupCodes,
 	User,
 	CodesVerificationSchema,
+	DiscordApiErrors,
 } from "@fosscord/util";
 
 const router = Router();
@@ -31,14 +32,17 @@ router.post(
 	"/",
 	route({ body: "CodesVerificationSchema" }),
 	async (req: Request, res: Response) => {
-		const { key, nonce, regenerate } = req.body as CodesVerificationSchema;
+		// const { key, nonce, regenerate } = req.body as CodesVerificationSchema;
+		const { regenerate } = req.body as CodesVerificationSchema;
 
 		// TODO: We don't have email/etc etc, so can't send a verification code.
 		// Once that's done, this route can verify `key`
 
-		const user = await User.findOneOrFail({ where: { id: req.user_id } });
+		// const user = await User.findOneOrFail({ where: { id: req.user_id } });
+		if ((await User.count({ where: { id: req.user_id } })) === 0)
+			throw DiscordApiErrors.UNKNOWN_USER;
 
-		var codes: BackupCode[];
+		let codes: BackupCode[];
 		if (regenerate) {
 			await BackupCode.update(
 				{ user: { id: req.user_id } },
diff --git a/src/api/routes/users/@me/mfa/codes.ts b/src/api/routes/users/@me/mfa/codes.ts
index 09b9b329..e2600400 100644
--- a/src/api/routes/users/@me/mfa/codes.ts
+++ b/src/api/routes/users/@me/mfa/codes.ts
@@ -51,7 +51,7 @@ router.post(
 			});
 		}
 
-		var codes: BackupCode[];
+		let codes: BackupCode[];
 		if (regenerate) {
 			await BackupCode.update(
 				{ user: { id: req.user_id } },
diff --git a/src/api/routes/users/@me/mfa/totp/disable.ts b/src/api/routes/users/@me/mfa/totp/disable.ts
index c399ba33..e35691ae 100644
--- a/src/api/routes/users/@me/mfa/totp/disable.ts
+++ b/src/api/routes/users/@me/mfa/totp/disable.ts
@@ -42,7 +42,7 @@ router.post(
 
 		const backup = await BackupCode.findOne({ where: { code: body.code } });
 		if (!backup) {
-			const ret = verifyToken(user.totp_secret!, body.code);
+			const ret = verifyToken(user.totp_secret || "", body.code);
 			if (!ret || ret.delta != 0)
 				throw new HTTPError(
 					req.t("auth:login.INVALID_TOTP_CODE"),
diff --git a/src/api/routes/users/@me/mfa/totp/enable.ts b/src/api/routes/users/@me/mfa/totp/enable.ts
index a59983ac..f6519ad0 100644
--- a/src/api/routes/users/@me/mfa/totp/enable.ts
+++ b/src/api/routes/users/@me/mfa/totp/enable.ts
@@ -57,7 +57,7 @@ router.post(
 		if (verifyToken(body.secret, body.code)?.delta != 0)
 			throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
 
-		let backup_codes = generateMfaBackupCodes(req.user_id);
+		const backup_codes = generateMfaBackupCodes(req.user_id);
 		await Promise.all(backup_codes.map((x) => x.save()));
 		await User.update(
 			{ id: req.user_id },
-- 
cgit 1.5.1