parent
6521cda85a
commit
cbea324a05
|
@ -8,11 +8,21 @@ async function validateJWT(token, key) {
|
|||
try {
|
||||
return jwt.verify(token.replace("JWT ", ""), key, {algorithms: ['RS256'], ignoreNotBefore: true});
|
||||
} catch (exception) {
|
||||
logger.warn(exception)
|
||||
logger.warn(`failed to validate JWT ${exception}`)
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
async function readJWT(token) {
|
||||
try {
|
||||
return jwt.decode(token);
|
||||
} catch (exception) {
|
||||
logger.warn(`failed to read JWT ${exception}`)
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
async function getAuthenticatedAccount(req, res) {
|
||||
|
|
|
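Review bot: `readJWT` returns whatever `jwt.decode(token)` parses, and decode does not check the signature, so the payload is attacker-controlled until `validateJWT` has accepted the same token. Nothing in the hunk marks that, so a later caller could key an account lookup or a permission check on these claims; I would add a comment above the function such as `// UNVERIFIED: claims are not signature-checked; never use for authentication or authorization decisions`. It also skips the `token.replace("JWT ", "")` step that `validateJWT` applies, so a prefixed header value will presumably decode to null instead of the claims. `getAuthenticatedAccount` continues outside the hunk, so how `readJWT` is actually used is not visible here.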
@ -0,0 +1,27 @@
|
|||
const config = require('./../config');
|
||||
|
||||
let models;
|
||||
let logger;
|
||||
let controllers;
|
||||
|
||||
async function isCurrentUserAdmin(req) {
|
||||
|
||||
}
|
||||
|
||||
|
||||
async function getDeviceFromDongleId(dongleId) {
|
||||
|
||||
models.devices
|
||||
}
|
||||
|
||||
|
||||
|
||||
module.exports = (_models, _logger, _controllers) => {
|
||||
models = _models;
|
||||
logger = _logger;
|
||||
controllers = _controllers
|
||||
|
||||
return {
|
||||
banAccount
|
||||
}
|
||||
}
|
|
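Review bot: The exported factory returns `{ banAccount }`, but none of the lines shown for this new file define `banAccount`, so calling the factory will throw a ReferenceError. `isCurrentUserAdmin(req)` has an empty body and resolves to `undefined`; as this is presumably the gate for admin actions, make the placeholder fail closed explicitly with `return false; // TODO: implement admin check` so no caller can mistake the stub for a working check. `getDeviceFromDongleId` only evaluates `models.devices` and returns nothing; either finish it or leave it out of this commit.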
@ -20,18 +20,26 @@ let transporter = nodemailer.createTransport(
|
|||
|
||||
async function sendEmailVerification(token, email) {
|
||||
if (!config.canSendMail) return logger.warn(`Mailing disabled. ${email} - ${token}`);
|
||||
console.log("mail")
|
||||
let message = {
|
||||
from: config.smtpFrom,
|
||||
to: email.trim(),
|
||||
subject: 'RetroPilot Registration Token',
|
||||
text: 'Your Email Registration Token Is: "' + token + '"'
|
||||
};
|
||||
|
||||
const {error, info} = await transporter.sendMail(message);
|
||||
let message, error, info;
|
||||
|
||||
try {
|
||||
|
||||
message = {
|
||||
from: config.smtpFrom,
|
||||
to: email.trim(),
|
||||
subject: 'RetroPilot Registration Token',
|
||||
text: 'Your Email Registration Token Is: "' + token + '"'
|
||||
};
|
||||
|
||||
error, info = await transporter.sendMail(message);
|
||||
} catch (exception) {
|
||||
logger.warn(`Email to ${email} FAILED ${exception} - ${token}`)
|
||||
}
|
||||
|
||||
|
||||
if (error) {
|
||||
logger.warn(`Email to ${email} FAILED ${error}`);
|
||||
logger.warn(`Email to ${email} FAILED ${error} - ${token}`);
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
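Review bot: The rewritten send path writes the verification token to the log (`- ${token}` in the catch block's warning and in what appears to be the new `if (error)` warning), so anyone with read access to the logs can complete verification for an address they do not control; log the recipient and the error only, e.g. `logger.warn(`Email to ${email} FAILED ${exception}`)`. Separately, `error, info = await transporter.sendMail(message);` is a comma expression that assigns only `info`, so `error` stays undefined and the `if (error)` branch can never run; `info = await transporter.sendMail(message);` is what the try block needs. The catch block logs but does not `return false;`, so a thrown send failure falls through to the code after the hunk, which is not visible here.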
@ -1,12 +1,12 @@
|
|||
const config = require('./../config');
|
||||
const crypto = require('crypto');
|
||||
|
||||
const models_orm = require('./../models/index.model')
|
||||
let models;
|
||||
let logger;
|
||||
|
||||
|
||||
async function getAccountFromId(id) {
|
||||
return await models.users.getAccountFromId(id);
|
||||
return await models_orm.models.accounts.findByPk(id)
|
||||
}
|
||||
|
||||
async function createAccount(email, password) {
|
||||
|
@ -17,27 +17,47 @@ async function createAccount(email, password) {
|
|||
const emailToken = crypto.createHmac('sha256', config.applicationSalt).update(email.trim()).digest('hex');
|
||||
password = crypto.createHash('sha256').update(password + config.applicationSalt).digest('hex');
|
||||
|
||||
if (await models.users.getAccountFromEmail(email) != null) {
|
||||
|
||||
const account = await models_orm.models.accounts.findOne({ where: { email: email }});
|
||||
if (account != null && account.dataValues != null) {
|
||||
return {success: true, status: 409, data: {alreadyRegistered: true}};
|
||||
}
|
||||
|
||||
const registerAction = await models.users.createUser(email, password, Date.now(), Date.now(), emailToken)
|
||||
const registerAction = await models_orm.models.accounts.create({
|
||||
email: email,
|
||||
password: password,
|
||||
created: Date.now(),
|
||||
last_ping: Date.now(),
|
||||
email_verify_token: emailToken
|
||||
})
|
||||
|
||||
const didAccountRegister = await models.users.getAccountFromEmail(email);
|
||||
|
||||
if (didAccountRegister != null) {
|
||||
return {success: true, status, status: 200}
|
||||
const didAccountRegister = await models_orm.models.accounts.findOne({ where: { email: email }});
|
||||
|
||||
if (didAccountRegister != null && didAccountRegister.dataValues != null) {
|
||||
return {success: true, status: 200}
|
||||
}
|
||||
}
|
||||
|
||||
async function verifyEmailToken(token) {
|
||||
if (!token) return {success: false, status: 400, data: {missingToken: true}}
|
||||
const account = await models_orm.models.accounts.findOne({ where: { email_verify_token: token }});
|
||||
|
||||
const account = await models.users.getAccountFromVerifyToken(token);
|
||||
if (account === null) return {success: false, status: 404, data: {badToken: true}}
|
||||
if (account.verified === 1) return {success: true, status: 404, data: {alreadyVerified: true}}
|
||||
|
||||
const verified = await models.users.verifyAccountEmail(account.email, true, null);
|
||||
const update = models_orm.models.accounts.update(
|
||||
{
|
||||
verified: true
|
||||
},
|
||||
{
|
||||
where: {
|
||||
id: account.id
|
||||
}
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
return {success: true, status: 200, data: {successfullyVerified: true}}
|
||||
}
|
||||
|
||||
|
|
|
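Review bot: In `verifyEmailToken`, `models_orm.models.accounts.update(...)` is not awaited, so the function reports `successfullyVerified` before the write has happened and a failed update becomes an unhandled rejection; use `await models_orm.models.accounts.update({ verified: true }, { where: { id: account.id } });`. The guard above it still tests `account.verified === 1` while the update writes `true`, which may never match depending on how the model declares the column (not visible here). In `createAccount` the password is still a single `sha256` over `password + config.applicationSalt`, which is a fast hash with one application-wide salt; moving to the ORM is a good moment to switch to `crypto.scrypt` with a per-account random salt. `createAccount` also returns `undefined` when the post-insert `findOne` finds nothing, because the function ends without a failure result.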
@ -32,6 +32,7 @@
|
|||
"multer": "^1.4.2",
|
||||
"nodemailer": "^6.6.0",
|
||||
"proper-lockfile": "^4.1.2",
|
||||
"sequelize": "^6.6.5",
|
||||
"sqlite": "^4.0.22",
|
||||
"sqlite3": "^5.0.2",
|
||||
"supertest": "^6.1.3"
|
||||
|
|
|
@ -19,9 +19,12 @@ const logger = log4js.getLogger('default');
|
|||
global.__basedir = __dirname;
|
||||
|
||||
let models = require('./models/index');
|
||||
let models_sqli = require('./models/index.model');
|
||||
let controllers = require('./controllers');
|
||||
let routers = require('./routes')
|
||||
|
||||
|
||||
|
||||
let db;
|
||||
|
||||
|
||||
|
@ -55,7 +58,7 @@ const web = async () => {
|
|||
app.use(routers.useradmin);
|
||||
|
||||
if (config.flags.useUserAdminApi) app.use(routers.useradminapi);
|
||||
app.use(routers.adminApi)
|
||||
//app.use(routers.adminApi)
|
||||
|
||||
|
||||
app.use(cors());
|
||||
|
@ -93,9 +96,6 @@ const web = async () => {
|
|||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
lockfile.lock('retropilot_server.lock', {realpath: false, stale: 30000, update: 2000})
|
||||
.then((release) => {
|
||||
console.log("STARTING SERVER...");
|
||||
|
|
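Review bot: The new require is bound to `models_sqli`, while the users controller in this commit calls the same module `models_orm`; `sqli` reads as SQL injection, and the binding is not used in any of the hunks shown, so I would rename it to `models_orm` or drop it until it is needed. In the second hunk the admin router mount appears to be replaced by the commented-out `//app.use(routers.adminApi)`; if the intent is to keep the unfinished admin API unreachable, gate it behind a config flag in the same way as `config.flags.useUserAdminApi` on the line above and say why in a comment, instead of leaving dead code. `web` starts and ends outside these hunks.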