diff --git a/controllers/authentication.js b/controllers/authentication.js
index df4847d..fb45c63 100644
--- a/controllers/authentication.js
+++ b/controllers/authentication.js
@@ -8,11 +8,21 @@ async function validateJWT(token, key) {
 try {
 return jwt.verify(token.replace("JWT ", ""), key, {algorithms: ['RS256'], ignoreNotBefore: true});
 } catch (exception) {
- logger.warn(exception)
+ logger.warn(`failed to validate JWT ${exception}`)
 }
 return null;
 }
+async function readJWT(token) {
+ try {
+ return jwt.decode(token);
+ } catch (exception) {
+ logger.warn(`failed to read JWT ${exception}`)
+ }
+ return null;
+}
+
+
 async function getAuthenticatedAccount(req, res) {
diff --git a/controllers/devices.js b/controllers/devices.js
index e69de29..3e54e7d 100644
--- a/controllers/devices.js
+++ b/controllers/devices.js
@@ -0,0 +1,27 @@
+const config = require('./../config');
+
+let models;
+let logger;
+let controllers;
+
+async function isCurrentUserAdmin(req) {
+
+}
+
+
+async function getDeviceFromDongleId(dongleId) {
+
+ models.devices
+}
+
+
+
+module.exports = (_models, _logger, _controllers) => {
+ models = _models;
+ logger = _logger;
+ controllers = _controllers
+
+ return {
+ banAccount
+ }
+}
diff --git a/controllers/mailing.js b/controllers/mailing.js
index 0954b85..c65e809 100644
--- a/controllers/mailing.js
+++ b/controllers/mailing.js
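Review bot: `readJWT` in controllers/authentication.js returns whatever `jwt.decode` yields, and `decode` does not check the signature, so every claim in the result is controlled by whoever sent the token. Nothing in the hunk says so, and a caller could mistake it for `validateJWT`; I would add a comment above it such as `// Decodes WITHOUT verifying the signature: never use the result for authentication or authorization, use validateJWT for that`. It also skips the `token.replace("JWT ", "")` step that `validateJWT` applies, so a value that still carries that prefix will presumably not decode. The callers of `readJWT` are not visible in this hunk.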
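Review bot: The factory at the end of controllers/devices.js returns `{ banAccount }`, but no `banAccount` is declared anywhere in the new file, so calling the exported function will throw a ReferenceError. Export what the file defines instead, `return { isCurrentUserAdmin, getDeviceFromDongleId }`. Both of those are still stubs: `isCurrentUserAdmin` resolves to `undefined` for every request and `getDeviceFromDongleId` only evaluates `models.devices`, so any admin check built on them should treat everything except an explicit `true` as a denial until they are implemented.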
@@ -20,18 +20,26 @@ let transporter = nodemailer.createTransport(
 async function sendEmailVerification(token, email) {
 if (!config.canSendMail) return logger.warn(`Mailing disabled. ${email} - ${token}`);
- console.log("mail")
- let message = {
- from: config.smtpFrom,
- to: email.trim(),
- subject: 'RetroPilot Registration Token',
- text: 'Your Email Registration Token Is: "' + token + '"'
- };
- const {error, info} = await transporter.sendMail(message);
+ let message, error, info;
+
+ try {
+
+ message = {
+ from: config.smtpFrom,
+ to: email.trim(),
+ subject: 'RetroPilot Registration Token',
+ text: 'Your Email Registration Token Is: "' + token + '"'
+ };
+
+ error, info = await transporter.sendMail(message);
+ } catch (exception) {
+ logger.warn(`Email to ${email} FAILED ${exception} - ${token}`)
+ }
+
 if (error) {
- logger.warn(`Email to ${email} FAILED ${error}`);
+ logger.warn(`Email to ${email} FAILED ${error} - ${token}`);
 return false;
 }
diff --git a/controllers/users.js b/controllers/users.js
index f6d796c..b439ea9 100644
--- a/controllers/users.js
+++ b/controllers/users.js
@@ -1,12 +1,12 @@
 const config = require('./../config');
 const crypto = require('crypto');
-
+const models_orm = require('./../models/index.model')
 let models;
 let logger;
 async function getAccountFromId(id) {
- return await models.users.getAccountFromId(id);
+ return await models_orm.models.accounts.findByPk(id)
 }
 async function createAccount(email, password) {
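Review bot: In `sendEmailVerification`, `error, info = await transporter.sendMail(message);` is a comma expression that assigns only `info`, so `error` stays undefined and the `if (error)` branch below it can never run. A rejected send is caught and logged, but the catch block does not return, so execution carries on past the `if (error)` block as though the send had succeeded; use `info = await transporter.sendMail(message);` inside the try and add `return false;` at the end of the catch. The two new `logger.warn` calls also write the verification token to the log on failure, which hands a usable token to anyone who can read the logs; I would drop `- ${token}` from both. The rest of the function lies outside the hunk.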
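Review bot: `getAccountFromId` in controllers/users.js now resolves to whatever `findByPk` returns instead of the result of the old `models.users.getAccountFromId` helper, and nothing documents the new return shape. Going by the `create` call in the next hunk, the row carries `password` and `email_verify_token`, so a caller that serialises the result into a response would expose them; if callers do not need those columns, `findByPk(id, { attributes: { exclude: ['password', 'email_verify_token'] } })` keeps them out. A short comment such as `// Resolves to the accounts row for id, or null when there is none` would also help. The callers are outside this hunk, so whether any of them relies on the old shape cannot be told from here.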
@@ -17,27 +17,47 @@ async function createAccount(email, password) {
 const emailToken = crypto.createHmac('sha256', config.applicationSalt).update(email.trim()).digest('hex');
 password = crypto.createHash('sha256').update(password + config.applicationSalt).digest('hex');
- if (await models.users.getAccountFromEmail(email) != null) {
+
+ const account = await models_orm.models.accounts.findOne({ where: { email: email }});
+ if (account != null && account.dataValues != null) {
 return {success: true, status: 409, data: {alreadyRegistered: true}};
 }
- const registerAction = await models.users.createUser(email, password, Date.now(), Date.now(), emailToken)
+ const registerAction = await models_orm.models.accounts.create({
+ email: email,
+ password: password,
+ created: Date.now(),
+ last_ping: Date.now(),
+ email_verify_token: emailToken
+ })
- const didAccountRegister = await models.users.getAccountFromEmail(email);
- if (didAccountRegister != null) {
- return {success: true, status, status: 200}
+ const didAccountRegister = await models_orm.models.accounts.findOne({ where: { email: email }});
+
+ if (didAccountRegister != null && didAccountRegister.dataValues != null) {
+ return {success: true, status: 200}
 }
 }
 async function verifyEmailToken(token) {
 if (!token) return {success: false, status: 400, data: {missingToken: true}}
+ const account = await models_orm.models.accounts.findOne({ where: { email_verify_token: token }});
- const account = await models.users.getAccountFromVerifyToken(token);
 if (account === null) return {success: false, status: 404, data: {badToken: true}}
 if (account.verified === 1) return {success: true, status: 404, data: {alreadyVerified: true}}
- const verified = await models.users.verifyAccountEmail(account.email, true, null);
+ const update = models_orm.models.accounts.update(
+ {
+ verified: true
+ },
+ {
+ where: {
+ id: account.id
+ }
+ }
+ )
+
+
 return {success: true, status: 200, data: {successfullyVerified: true}}
 }
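Review bot: In `verifyEmailToken` the `accounts.update(...)` call is not awaited, so the function reports `successfullyVerified` before the write has finished and a rejected update becomes an unhandled promise rejection. Await it and check the affected-row count, `const [updated] = await models_orm.models.accounts.update({ verified: true }, { where: { id: account.id } });`, and return a failure when `updated` is 0. The removed call passed `null` as its third argument, which may have cleared the stored token; the new update leaves `email_verify_token` in place, so confirm that is intended. The `account.verified === 1` test just above may also stop matching if the ORM hands the column back as a boolean.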
diff --git a/package.json b/package.json
index 893549c..742443a 100644
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
 "multer": "^1.4.2",
 "nodemailer": "^6.6.0",
 "proper-lockfile": "^4.1.2",
+ "sequelize": "^6.6.5",
 "sqlite": "^4.0.22",
 "sqlite3": "^5.0.2",
 "supertest": "^6.1.3"
diff --git a/server.js b/server.js
index 1fa5689..fe030f1 100644
--- a/server.js
+++ b/server.js
@@ -19,9 +19,12 @@ const logger = log4js.getLogger('default');
 global.__basedir = __dirname;
 let models = require('./models/index');
+let models_sqli = require('./models/index.model');
 let controllers = require('./controllers');
 let routers = require('./routes')
+
+
 let db;
@@ -55,7 +58,7 @@ const web = async () => {
 app.use(routers.useradmin);
 if (config.flags.useUserAdminApi) app.use(routers.useradminapi);
- app.use(routers.adminApi)
+ //app.use(routers.adminApi)
 app.use(cors());
@@ -93,9 +96,6 @@ const web = async () => {
 }
-
-
-
 lockfile.lock('retropilot_server.lock', {realpath: false, stale: 30000, update: 2000})
 .then((release) => {
 console.log("STARTING SERVER...");
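Review bot: `models_sqli` in the first server.js hunk is bound but never used in the lines shown, and the same module is named `models_orm` in controllers/users.js. If the require is there only for its side effects, say so in a comment, for example `// required for its side effects only`, and use one name for the module in both files.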
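Review bot: The admin router in the second server.js hunk is switched off by commenting out `app.use(routers.adminApi)`, which leaves dead code and no record of why. If the intent is to keep the admin API unreachable until the authorisation check in controllers/devices.js is implemented, gate it behind a config flag the way `config.flags.useUserAdminApi` gates the router on the line above, or delete the line and give the reason in the commit message. `web` begins and ends outside this hunk.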