Device pair logic removed from route

and moved into devices controller using ORM now, not 100% tested
2021-10-03 14:11:34 +01:00 · 2021-10-03 14:11:34 +01:00 · f642360a5d
parent aaedd0bfd6
commit f642360a5d
5 changed files with 61 additions and 59 deletions
--- a/controllers/authentication.js
+++ b/controllers/authentication.js
@ -1,7 +1,7 @@
-
 const jwt = require('jsonwebtoken');
 let models;
 let logger;
+const models_orm = require('./../models/index.model')


 async function validateJWT(token, key) {
@ -33,15 +33,23 @@ async function getAuthenticatedAccount(req, res) {


    // TODO stop storing emails in the cookie
-    const account = await models.users.getAccountFromEmail(email)
-    // Don't really care about this returning.
-    models.users.userPing(account.email);
+    const account = await models_orm.models.accounts.findOne({where: {email: email}});

-    if (!account || account.banned) {
+    if (account.dataValues) {
+        const update = models_orm.models.accounts.update({ last_ping: Date.now() },
+            { where: { id: account.id } }
+        )
+
+
+        if (!account || account.banned) {
+            res ? res.clearCookie('session') : logger.warn(`getAuthenticatedAccount unable to clear banned user (${account.email}) cookie, res not passed`);
+            return false
+        }
+        return account;
+    } else {
        res ? res.clearCookie('session') : logger.warn(`getAuthenticatedAccount unable to clear banned user (${account.email}) cookie, res not passed`);
-        return false
+        return false;
    }
-    return account;
 }


--- a/controllers/devices.js
+++ b/controllers/devices.js
@ -2,39 +2,45 @@ const config = require('./../config');
 let models;
 let logger;
 const authenticationController = require('./authentication')(models, logger);
+const models_orm = require('./../models/index.model')

-function pairDevice(account, qr_string) {

-     // Legacy registrations encode QR data as imei - serial - pairtoken, => 0.8.3 uses only a pairtoken
-     const qrCode = req.body.qr_string;
-     var qrCodeParts = qrCode.split("--");
-     let device;
+async function pairDevice(account, qr_string) {
+     if (qr_string === undefined || qr_string === null) { return {success: false, badQr: true} }
+    // Legacy registrations encode QR data as imei - serial - pairtoken, => 0.8.3 uses only a pairtoken
+
+     var qrCodeParts = qr_string.split("--");
+     let deviceQuery;
     let pairJWT;
     if (qrCodeParts.length > 0) {
-          device = await models.__db.get('SELECT * FROM devices WHERE imei = ? AND serial = ?', qrCodeParts[0], qrCodeParts[1]);
-          pairJWT = qrCodeParts[2];
+        deviceQuery = await models_orm.models.devices.findOne({ where: { imei: qrCodeParts[0], serial: qrCodeParts[1] }});
+        pairJWT = qrCodeParts[2];
     } else {
-         pairJWT = qrCode;
-         const data = controllers.authentication.readJWT(qrCode);
-         device = await models.__db.get('SELECT * FROM devices WHERE dongleId = ?', data.identiy);
+         pairJWT = qr_string;
+         const data = authenticationController.readJWT(qr_string);
+         deviceQuery = await models_orm.models.devices.findOne({ where: { dongle_id: data.identiy }});
     }

-     if (device == null) {
-         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device not registered on Server'));
-     }
+     if (deviceQuery.dataValues == null) {
+         return {success: false, registered: false}
+    }
+
+     const device = deviceQuery.dataValues;
     var decoded = controllers.authentication.validateJWT(pairJWT, device.public_key);
     if (decoded == null || decoded.pair == undefined) {
-         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device QR Token is invalid or has expired'));
-     }
+        return {success: false, badToken: true}
+    }
     if (device.account_id != 0) {
-         res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device is already paired, unpair in that account first'));
-     }
+         return {success: false, alreadyPaired: true, dongle_id: device.dongle_id}
+    }

-     const result = await models.__db.run(
-         'UPDATE devices SET account_id = ? WHERE dongle_id = ?',
-         account.id,
-         device.dongle_id
-     );
+    const update = models_orm.models.accounts.update(
+        { account_id: account.id },
+        { where: { dongle_id: device.dongle_id } }
+    )
+    
+
+    return {success: true, paired: true, dongle_id: device.dongle_id, account_id: account.id}
 }


@ -45,6 +51,6 @@ module.exports = (_models, _logger, _controllers) => {
    controllers = _controllers

    return {
-        
+        pairDevice: pairDevice
    }
 }
--- a/controllers/index.js
+++ b/controllers/index.js
@ -10,7 +10,8 @@ module.exports = async (models, logger, models_sqli) => {
        storage: require('./storage')(models, logger),
        mailing: require('./mailing')(models, logger),
        users: require('./users')(models, logger),
-        admin: require('./admin')(models, logger)
+        admin: require('./admin')(models, logger),
+        devices: require('./devices')(models, logger)
    }

 }
--- a/models/drives.model.js
+++ b/models/drives.model.js
@ -68,5 +68,9 @@ module.exports = (sequelize) => {
 			allowNull: true,
 			type: DataTypes.TEXT
 		},
-	});
+	},
+	{
+		timestamps: false,
+	}
+	);
 };
--- a/routes/useradmin.js
+++ b/routes/useradmin.js
@ -256,38 +256,21 @@ router.get('/useradmin/unpair_device/:dongleId', runAsyncWrapper(async (req, res
            return;
        }

-        // Legacy registrations encode QR data as imei - serial - pairtoken, => 0.8.3 uses only a pairtoken
-        const qrCode = req.body.qr_string;
-        var qrCodeParts = qrCode.split("--");
-        let device;
-        let pairJWT;
-        if (qrCodeParts.length > 0) {
-             device = await models.__db.get('SELECT * FROM devices WHERE imei = ? AND serial = ?', qrCodeParts[0], qrCodeParts[1]);
-             pairJWT = qrCodeParts[2];
-        } else {
-            pairJWT = qrCode;
-            const data = controllers.authentication.readJWT(qrCode);
-            device = await models.__db.get('SELECT * FROM devices WHERE dongleId = ?', data.identiy);
-        }
+        const pairDevice = await controllers.devices.pairDevice(req.body.qr_string);

-        if (device == null) {
+        if (pairDevice.success === true) {
+            res.redirect('/useradmin/overview');
+        } else if (pairDevice.registered === true) {
            res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device not registered on Server'));
-        }
-        var decoded = controllers.authentication.validateJWT(pairJWT, device.public_key);
-        if (decoded == null || decoded.pair == undefined) {
+        } else if (pairDevice.badToken === true) {
            res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device QR Token is invalid or has expired'));
-        }
-        if (device.account_id != 0) {
+        } else if (pairDevice.alreadyPaired) {
            res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Device is already paired, unpair in that account first'));
+        } else if (pairDevice.badQr) {
+            res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent('Bad QR'));
+        } else {
+            res.redirect('/useradmin/overview?linkstatus=' + encodeURIComponent(`Unspecified Error ${JSON.stringify(pairDevice)}`));
        }
-
-        const result = await models.__db.run(
-            'UPDATE devices SET account_id = ? WHERE dongle_id = ?',
-            account.id,
-            device.dongle_id
-        );
-
-        res.redirect('/useradmin/overview');
    }))