From aaedd0bfd6db7a699640345d1444e686fa059d36 Mon Sep 17 00:00:00 2001
From: AdamSBlack <adam@adamblack.us>
Date: Sun, 3 Oct 2021 00:08:21 +0100
Subject: [PATCH] minor

---
 controllers/devices.js | 43 ++++++++++++++++++++++++++++++++----------
 controllers/index.js   |  2 +-
 2 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/controllers/devices.js b/controllers/devices.js
index 3e54e7d..290f506 100644
--- a/controllers/devices.js
+++ b/controllers/devices.js
@@ -1,20 +1,43 @@
 const config = require('./../config');
-
 let models;
 let logger;
-let controllers;
+const authenticationController = require('./authentication')(models, logger);
 
-async function isCurrentUserAdmin(req) {
+function pairDevice(account, qr_string) {
 
+     // Legacy registrations encode QR data as imei - serial - pairtoken, => 0.8.3 uses only a pairtoken
+     const qrCode = req.body.qr_string;
+     var qrCodeParts = qrCode.split("--");
+     let device;
+     let pairJWT;
+     if (qrCodeParts.length > 0) {
+          device = await models.__db.get('SELECT * FROM devices WHERE imei = ? AND serial = ?', qrCodeParts[0], qrCodeParts[1]);
+          pairJWT = qrCodeParts[2];
+     } else {
+         pairJWT = qrCode;
+         const data = controllers.authentication.readJWT(qrCode);
+         device = await models.__db.get('SELECT * FROM devices WHERE dongleId = ?', data.identiy);
+     }
+
+     if (device == null) {
+         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device not registered on Server'));
+     }
+     var decoded = controllers.authentication.validateJWT(pairJWT, device.public_key);
+     if (decoded == null || decoded.pair == undefined) {
+         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device QR Token is invalid or has expired'));
+     }
+     if (device.account_id != 0) {
+         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device is already paired, unpair in that account first'));
+     }
+
+     const result = await models.__db.run(
+         'UPDATE devices SET account_id = ? WHERE dongle_id = ?',
+         account.id,
+         device.dongle_id
+     );
 }
 
 
-async function getDeviceFromDongleId(dongleId) {
-
-    models.devices
-}
-    
-
 
 module.exports = (_models, _logger, _controllers) => {
     models = _models;
@@ -22,6 +45,6 @@ module.exports = (_models, _logger, _controllers) => {
     controllers = _controllers
 
     return {
-        banAccount
+        
     }
 }
diff --git a/controllers/index.js b/controllers/index.js
index 058e007..f7463a3 100644
--- a/controllers/index.js
+++ b/controllers/index.js
@@ -1,7 +1,7 @@
 const config = require('./../config');
 
 
-module.exports = async (models, logger) => {
+module.exports = async (models, logger, models_sqli) => {
 
 
     return {