Signup fixes
parent
9324aa589b
commit
be94357332
|
@ -1,3 +1,4 @@
|
|||
NODE_ENV=development
|
||||
APP_SALT=RANDOM_SEED
|
||||
DB_FILE=database.sqlite
|
||||
DB_NAME=retro-pilot
|
||||
|
|
|
@ -94,10 +94,14 @@ async function getAccountFromJWT(jwt, limitData) {
|
|||
return null; // {success: false, isInvalid: true}
|
||||
}
|
||||
|
||||
try {
|
||||
await orm.models.accounts.update(
|
||||
{ last_ping: Date.now() },
|
||||
{ where: { id: account.id } },
|
||||
);
|
||||
} catch(error) {
|
||||
console.log(error);
|
||||
}
|
||||
|
||||
if (!account || account.banned) {
|
||||
return null; // {success: false, isBanned: true}
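Review bot: The new `try`/`catch` wraps an `accounts.update` that reads `account.id` before the `if (!account || account.banned)` check that follows it, so a null `account` would raise a TypeError that is now only printed by `console.log(error)`. A banned account also still gets its `last_ping` refreshed. Unless a guard above the hunk already rules out a null account, move the update below the ban check so only accepted sessions touch the row. In the catch, prefer the structured logger the router already uses (if it is available in this module), e.g. `logger.error('last_ping update failed', error);`, so the failure is not lost in stdout. The function starts and ends outside the hunk.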
|
||||
|
|
|
@ -17,26 +17,26 @@ async function pairDevice(account, qrString) {
|
|||
// Versions >= 0.8.3 uses only a pairtoken
|
||||
|
||||
const qrCodeParts = qrString.split('--');
|
||||
let deviceQuery;
|
||||
const device;
|
||||
let pairJWT;
|
||||
|
||||
if (qrString.indexOf('--') >= 0) {
|
||||
const [, serial, pairToken] = qrCodeParts;
|
||||
deviceQuery = await orm.models.device.findOne({ where: { serial } });
|
||||
device = await orm.models.device.findOne({ where: { serial } });
|
||||
pairJWT = pairToken;
|
||||
} else {
|
||||
const data = await authenticationController.readJWT(qrString);
|
||||
if (!data.pair) {
|
||||
if (!data || !data.pair) {
|
||||
return { success: false, noPair: true };
|
||||
}
|
||||
deviceQuery = await orm.models.device.findOne({ where: { dongle_id: data.identity } });
|
||||
device = await orm.models.device.findOne({ where: { dongle_id: data.identity } });
|
||||
pairJWT = qrString;
|
||||
}
|
||||
|
||||
if (deviceQuery == null || !deviceQuery.dataValues) {
|
||||
return { success: false, registered: false };
|
||||
return { success: false, registered: false, noPair: true };
|
||||
}
|
||||
|
||||
const device = deviceQuery.dataValues;
|
||||
const decoded = await authenticationController.validateJWT(pairJWT, device.public_key);
|
||||
if (decoded == null || !decoded.pair) {
|
||||
return { success: false, badToken: true };
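Review bot: As rendered, the new side declares `const device;` with no initializer and then assigns `device = await orm.models.device.findOne(...)` in both branches; a `const` without an initializer is a SyntaxError, so the module would fail to load and pairing would be unavailable. The later lines `if (deviceQuery == null || !deviceQuery.dataValues)` and `const device = deviceQuery.dataValues;` appear unchanged, which would leave `deviceQuery` undeclared and `device` declared twice. Either keep `let deviceQuery;` with the original `deviceQuery = ...` assignments, or finish the rename with `let device;` and `if (device == null || !device.dataValues)` and drop the second declaration. The +/- markers are lost on this page, so confirm against the file itself; pairDevice's body continues outside the hunk.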
|
||||
|
|
|
@ -16,9 +16,10 @@ export async function getAccountFromEmail(email) {
|
|||
return null;
|
||||
}
|
||||
|
||||
export async function _dirtyCreateAccount(email, password, created, banned) {
|
||||
export async function _dirtyCreateAccount(email, password, created, admin) {
|
||||
console.log('creating acount: ', email, password, created, admin);
|
||||
return orm.models.accounts.create({
|
||||
email, password, created, banned,
|
||||
email, password, created, admin,
|
||||
});
|
||||
}
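Review bot: The added `console.log('creating acount: ', email, password, created, admin);` writes the stored password value to stdout on every signup. The registration route passes a SHA-256 digest of the password plus `APP_SALT` here, so anyone who can read the logs gets e-mail/digest pairs that can be guessed offline. The `console.log(result);` added in the `/useradmin/register/token` handler has the same effect if the returned record carries the `password` column. Drop both, or log only non-secret fields, e.g. `console.log('creating account:', email, created, admin);`. Also note that the fourth positional parameter changed meaning from `banned` to `admin`: any caller not shown here that passed `true` to ban an account would now create an administrator, so the call sites are worth checking.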
|
||||
|
||||
|
|
|
@ -18,11 +18,11 @@ export default (sequelize) => {
|
|||
},
|
||||
created: {
|
||||
allowNull: true,
|
||||
type: DataTypes.INTEGER,
|
||||
type: DataTypes.BIGINT,
|
||||
},
|
||||
last_ping: {
|
||||
allowNull: true,
|
||||
type: DataTypes.INTEGER,
|
||||
type: DataTypes.BIGINT,
|
||||
},
|
||||
'2fa_token': {
|
||||
allowNull: true,
|
|
@ -4,7 +4,7 @@
|
|||
import { Sequelize } from 'sequelize';
|
||||
import devices from './devices.model';
|
||||
import drives from './drives.model';
|
||||
import users from './users.model';
|
||||
import accounts from './accounts.model';
|
||||
import athena_action_log from './athena_action_log.model';
|
||||
import athena_returned_data from './athena_returned_data.model';
|
||||
import device_authorised_users from './device_authorised_users.model';
|
||||
|
@ -25,7 +25,7 @@ sequelize.options.logging = () => {};
|
|||
const modelDefiners = [
|
||||
devices,
|
||||
drives,
|
||||
users,
|
||||
accounts,
|
||||
athena_action_log,
|
||||
athena_returned_data,
|
||||
device_authorised_users,
|
||||
|
|
|
@ -117,12 +117,18 @@ router.post('/useradmin/register/token', bodyParser.urlencoded({ extended: true
|
|||
} else if (req.body.password !== req.body.password2 || req.body.password.length < 3) {
|
||||
infoText = 'The passwords you entered did not match or were shorter than 3 characters, please try again.<br><br>';
|
||||
} else {
|
||||
const result = await userController._dirtyCreateAccount(
|
||||
let result = false;
|
||||
|
||||
try {
|
||||
result = await userController._dirtyCreateAccount(
|
||||
email,
|
||||
crypto.createHash('sha256').update(req.body.password + process.env.APP_SALT).digest('hex'),
|
||||
Date.now(),
|
||||
false,
|
||||
);
|
||||
} catch(error) {
|
||||
console.error(error);
|
||||
}
|
||||
|
||||
console.log(result);
|
||||
|
||||
|
@ -130,6 +136,7 @@ router.post('/useradmin/register/token', bodyParser.urlencoded({ extended: true
|
|||
logger.info(`USERADMIN REGISTRATION - created new account #${result.lastID} with email ${email}`);
|
||||
return res.redirect(`/useradmin?status=${encodeURIComponent('Successfully registered')}`);
|
||||
}
|
||||
|
||||
logger.error(`USERADMIN REGISTRATION - account creation failed, resulting account data for email ${email} is: ${result}`);
|
||||
infoText = 'Unable to complete account registration (database error).<br><br>';
|
||||
}
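Review bot: The value handed to `_dirtyCreateAccount` is still a single `sha256(password + APP_SALT)`, and the branch above accepts any password of 3 characters or more. A fast hash with one application-wide salt gives identical digests for identical passwords and makes offline guessing cheap if the table or the logs leak. Consider a per-account random salt and a slow KDF from Node's `crypto` module, e.g. `crypto.scryptSync(req.body.password, salt, 64)` with `salt = crypto.randomBytes(16)` stored beside the hash; the login path, not shown here, would need the matching change and a migration for existing digests. Separately, the new `catch` only prints the error, and the later `logger.error` interpolates `${result}`, which yields `false` or an object tag rather than the cause; capturing `error.message` for that log line would make failures diagnosable.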
|
||||
|
|