parent
f642360a5d
commit
7590e9b644
|
@ -2,7 +2,8 @@ const jwt = require('jsonwebtoken');
|
|||
let models;
|
||||
let logger;
|
||||
const models_orm = require('./../models/index.model')
|
||||
|
||||
const crypto = require('crypto');
|
||||
const config = require('./../config')
|
||||
|
||||
async function validateJWT(token, key) {
|
||||
try {
|
||||
|
@ -23,15 +24,29 @@ async function readJWT(token) {
|
|||
}
|
||||
|
||||
|
||||
async function changePassword(account, newPassword, oldPassword) {
|
||||
if (!account || !newPassword || !oldPassword) { return {success: false, error: 'MISSING_DATA'}}
|
||||
const oldPasswordHash = crypto.createHash('sha256').update(oldPassword + config.applicationSalt).digest('hex')
|
||||
|
||||
if (account.password === oldPasswordHash) {
|
||||
const newPasswordHash = crypto.createHash('sha256').update(newPassword + config.applicationSalt).digest('hex')
|
||||
|
||||
const update = models_orm.models.accounts.update(
|
||||
{ password: newPasswordHash },
|
||||
{ where: { id: account.id } }
|
||||
)
|
||||
|
||||
return {success: true, msg: 'PASSWORD CHANGED', changed: true}
|
||||
} else {
|
||||
return {success: false, msg: 'BAD PASSWORD', passwordCorrect: false}
|
||||
}
|
||||
}
|
||||
|
||||
async function getAuthenticatedAccount(req, res) {
|
||||
const sessionCookie = (req.signedCookies !== undefined ? req.signedCookies.session : null);
|
||||
if (!sessionCookie || sessionCookie.expires <= Date.now()) { return null; }
|
||||
const email = sessionCookie.account.trim().toLowerCase();
|
||||
|
||||
|
||||
|
||||
// TODO stop storing emails in the cookie
|
||||
const account = await models_orm.models.accounts.findOne({where: {email: email}});
|
||||
|
||||
|
@ -59,6 +74,7 @@ module.exports = (_models, _logger) => {
|
|||
|
||||
return {
|
||||
validateJWT: validateJWT,
|
||||
getAuthenticatedAccount: getAuthenticatedAccount
|
||||
getAuthenticatedAccount: getAuthenticatedAccount,
|
||||
changePassword: changePassword
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@ module.exports = (_models, _controllers, _logger) => {
|
|||
return {
|
||||
useradmin: require('./useradmin')(_models, _controllers, _logger),
|
||||
api: require('./api')(_models, _controllers, _logger),
|
||||
//useradminapi: require('./userAdminApi')(_models, _controllers, _logger)
|
||||
useradminapi: require('./userAdminApi')(_models, _controllers, _logger)
|
||||
//adminApi: require('./administration/adminApi')(_models, _controllers, _logger)
|
||||
}
|
||||
}
|
|
@ -222,7 +222,7 @@ router.get('/retropilot/0/overview', runAsyncWrapper(async (req, res) => {
|
|||
}))
|
||||
|
||||
|
||||
router.get('/useradmin/unpair_device/:dongleId', runAsyncWrapper(async (req, res) => {
|
||||
router.get('/retropilot/0/unpair_device/:dongleId', runAsyncWrapper(async (req, res) => {
|
||||
const account = await controllers.authentication.getAuthenticatedAccount(req, res);
|
||||
if (account == null) {
|
||||
return res.json({success: false, data: {session: false}}).status(403)
|
||||
|
@ -243,39 +243,39 @@ router.get('/useradmin/unpair_device/:dongleId', runAsyncWrapper(async (req, res
|
|||
res.json({success: true, data: {unlink: true}})
|
||||
}))
|
||||
|
||||
router.post('/retropilot/0/pair_device', bodyParser.urlencoded({extended: true}), runAsyncWrapper(async (req, res) => {
|
||||
const account = await controllers.authentication.getAuthenticatedAccount(req, res);
|
||||
if (account == null) {
|
||||
res.json({success: false, msg: 'UNAUTHORISED', status: 403})
|
||||
}
|
||||
|
||||
const pairDevice = await controllers.devices.pairDevice(req.body.qr_string);
|
||||
|
||||
if (pairDevice.success === true) {
|
||||
res.json({success: true, msg: 'Paired', status: 200, data: pairDevice})
|
||||
} else {
|
||||
res.json({success: false, msg:'error', data: pairDevice})
|
||||
}
|
||||
}))
|
||||
|
||||
|
||||
router.post('/retropilot/0/password/change', bodyParser.urlencoded({extended: true}), runAsyncWrapper(async (req, res) => {
|
||||
const account = await controllers.authentication.getAuthenticatedAccount(req, res);
|
||||
if (account == null) {
|
||||
res.json({success: false, msg: 'UNAUTHORISED', status: 403})
|
||||
}
|
||||
|
||||
const pwChange = await controllers.authentication.changePassword(account, req.body.newPassword, req.body.oldPassword);
|
||||
|
||||
if (pwChange.success === true) {
|
||||
res.json({success: true})
|
||||
} else {
|
||||
res.json({success: false, data: pwChange});
|
||||
}
|
||||
}));
|
||||
|
||||
/*
|
||||
|
||||
router.post('/useradmin/pair_device', bodyParser.urlencoded({extended: true}), runAsyncWrapper(async (req, res) => {
|
||||
const account = await controllers.authentication.getAuthenticatedAccount(req, res);
|
||||
if (account == null) {
|
||||
res.redirect('/useradmin?status=' + encodeURIComponent('Invalid or expired session'));
|
||||
return;
|
||||
}
|
||||
|
||||
var qrCodeParts = req.body.qr_string.split("--"); // imei, serial, jwtToken
|
||||
|
||||
const device = await models.__db.get('SELECT * FROM devices WHERE imei = ? AND serial = ?', qrCodeParts[0], qrCodeParts[1]);
|
||||
if (device == null) {
|
||||
res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device not registered on Server'));
|
||||
}
|
||||
var decoded = controllers.authentication.validateJWT(qrCodeParts[2], device.public_key);
|
||||
if (decoded == null || decoded.pair == undefined) {
|
||||
res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device QR Token is invalid or has expired'));
|
||||
}
|
||||
if (device.account_id != 0) {
|
||||
res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device is already paired, unpair in that account first'));
|
||||
}
|
||||
|
||||
const result = await models.__db.run(
|
||||
'UPDATE devices SET account_id = ? WHERE dongle_id = ?',
|
||||
account.id,
|
||||
device.dongle_id
|
||||
);
|
||||
|
||||
res.redirect('/useradmin/overview');
|
||||
}))
|
||||
|
||||
|
||||
router.get('/useradmin/device/:dongleId', runAsyncWrapper(async (req, res) => {
|
||||
const account = await controllers.authentication.getAuthenticatedAccount(req, res);
|
||||
if (account == null) {
|
||||
|
|
|
@ -57,8 +57,8 @@ const web = async () => {
|
|||
app.use(routers.api);
|
||||
app.use(routers.useradmin);
|
||||
|
||||
if (config.flags.useUserAdminApi) app.use(routers.useradminapi);
|
||||
//app.use(routers.adminApi)
|
||||
//if (config.flags.useUserAdminApi) app.use(routers.useradminapi);
|
||||
app.use(routers.useradminapi)
|
||||
|
||||
|
||||
app.use(cors());
|
||||
|
|
Loading…
Reference in New Issue