Updating dependencies and switching to ESModules where possible

Fabian Stamm
2025-09-15 22:04:57 +02:00
parent 8135190cd8
commit c6158fe2e2
66 changed files with 4540 additions and 3752 deletions


@ -1,13 +1,13 @@
import { Format } from "@hibas123/logging";
import Logging from "@hibas123/nodelogging";
import { Server, } from "@hibas123/openauth-internalapi";
import { RequestObject, ResponseObject } from "@hibas123/openauth-internalapi/lib/service_base";
import { RequestObject, ResponseObject } from "@hibas123/openauth-internalapi/lib/service_base.js";
import { Request, Response } from "express";
import Stacker from "../middlewares/stacker";
import AccountService from "./services/account";
import LoginService from "./services/login";
import SecurityService from "./services/security";
import TFAService from "./services/twofactor";
import Stacker from "../middlewares/stacker.js";
import AccountService from "./services/account.js";
import LoginService from "./services/login.js";
import SecurityService from "./services/security.js";
import TFAService from "./services/twofactor.js";
export type SessionContext = Request;


@ -1,8 +1,8 @@
import { Profile, ContactInfo, Gender, Server, UserRegisterInfo } from "@hibas123/openauth-internalapi";
import type { SessionContext } from "../index";
import Mail from "../../../models/mail";
import User from "../../../models/user";
import { RequireLogin } from "../../../helper/login";
import type { SessionContext } from "../index.js";
import Mail from "../../../models/mail.js";
import User from "../../../models/user.js";
import { RequireLogin } from "../../../helper/login.js";
export default class AccountService extends Server.AccountService<SessionContext> {
Register(regcode: string, info: UserRegisterInfo, ctx: SessionContext): Promise<void> {


@ -1,13 +1,13 @@
import { Server, LoginState, TFAOption, TFAType } from "@hibas123/openauth-internalapi";
import type { SessionContext } from "../index";
import type { SessionContext } from "../index.js";
import Logging from "@hibas123/nodelogging";
import User, { IUser } from "../../../models/user";
import User, { IUser } from "../../../models/user.js";
import moment from "moment";
import crypto from "node:crypto";
import TwoFactor, { ITwoFactor, IWebAuthn } from "../../../models/twofactor";
import TwoFactor, { ITwoFactor, IWebAuthn } from "../../../models/twofactor.js";
import speakeasy from "speakeasy";
import { generateAuthenticationOptions, verifyAuthenticationResponse } from "@simplewebauthn/server";
import config from "../../../config";
import config from "../../../config.js";
//FIXME: There are a lot of uneccessary database requests happening here. Since this is not a "hot" path, it should not matter to much, but it should be fixed nontheless.
@ -212,13 +212,12 @@ export default class LoginService extends Server.LoginService<SessionContext> {
const rpID = new URL(config.core.url).hostname;
let options = generateAuthenticationOptions({
let options = await generateAuthenticationOptions({
timeout: 60000,
userVerification: "discouraged",
rpID,
allowCredentials: [{
id: tfa.data.device.credentialID.buffer,
type: "public-key",
id: typeof tfa.data.device.credentialID === "string" ? tfa.data.device.credentialID : Buffer.from(tfa.data.device.credentialID.buffer).toString("base64url"),
transports: tfa.data.device.transports
}]
})
@ -241,10 +240,10 @@ export default class LoginService extends Server.LoginService<SessionContext> {
let verification = await verifyAuthenticationResponse({
response: JSON.parse(response),
authenticator: {
credential: {
id: typeof tfa.data.device.credentialID === "string" ? tfa.data.device.credentialID : Buffer.from(tfa.data.device.credentialID.buffer).toString("base64url"),
publicKey: Buffer.from(tfa.data.device.credentialPublicKey.buffer),
counter: tfa.data.device.counter,
credentialID: tfa.data.device.credentialID.buffer,
credentialPublicKey: tfa.data.device.credentialPublicKey.buffer,
transports: tfa.data.device.transports
},
expectedChallenge: ctx.session.login_state.webauthn_challenge,
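Review bot: The credential-ID conversion `typeof tfa.data.device.credentialID === "string" ? tfa.data.device.credentialID : Buffer.from(tfa.data.device.credentialID.buffer).toString("base64url")` is written out twice, once in `allowCredentials` and once in the `credential` object passed to `verifyAuthenticationResponse`. The two copies have to stay identical, otherwise records still stored in the older Binary form stop authenticating. Move the expression into one small helper that takes the stored device and returns the base64url id, with a comment such as `// credentialID is a Binary on records created before the library upgrade, a base64url string afterwards`. The visible lines do not show whether the counter returned by the verification is written back to `tfa.data.device.counter`; if it is not, the counter comparison cannot flag a cloned authenticator. Both method bodies start and end outside the hunks.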


@ -1,9 +1,9 @@
import { Server, Session } from "@hibas123/openauth-internalapi";
import type { SessionContext } from "../index";
import type { SessionContext } from "../index.js";
import Logging from "@hibas123/nodelogging";
import { RequireLogin } from "../../../helper/login";
import { RequireLogin } from "../../../helper/login.js";
import crypto from "node:crypto";
import User from "../../../models/user";
import User from "../../../models/user.js";
export default class SecurityService extends Server.SecurityService<SessionContext> {
@RequireLogin()


@ -1,15 +1,15 @@
import { TFANewTOTP, Server, TFAOption, UserRegisterInfo, TFAWebAuthRegister } from "@hibas123/openauth-internalapi";
import type { SessionContext } from "../index";
import TwoFactorModel, { ITOTP, IWebAuthn, TFATypes } from "../../../models/twofactor";
import type { SessionContext } from "../index.js";
import TwoFactorModel, { ITOTP, IWebAuthn, TFATypes } from "../../../models/twofactor.js";
import moment = require("moment");
import * as speakeasy from "speakeasy";
import * as qrcode from "qrcode";
import config from "../../../config";
import config from "../../../config.js";
import { generateRegistrationOptions, verifyRegistrationResponse } from '@simplewebauthn/server';
import type { RegistrationResponseJSON } from '@simplewebauthn/typescript-types';
// import type { RegistrationResponseJSON } from '@simplewebauthn/typescript-types';
import Logging from "@hibas123/nodelogging";
import { Binary } from "mongodb";
import { RequireLogin } from "../../../helper/login";
import { RequireLogin } from "../../../helper/login.js";
export default class TFAService extends Server.TFAService<SessionContext> {
@ -111,10 +111,10 @@ export default class TFAService extends Server.TFAService<SessionContext> {
// TODO: Get already registered options
const rpID = new URL(config.core.url).hostname;
const options = generateRegistrationOptions({
const options = await generateRegistrationOptions({
rpName: config.core.name,
rpID,
userID: ctx.user.uid,
userID: Buffer.from(ctx.user.uid, "utf-8"),
userName: ctx.user.username,
attestationType: 'direct',
userDisplayName: ctx.user.name,
@ -156,7 +156,7 @@ export default class TFAService extends Server.TFAService<SessionContext> {
const rpID = new URL(config.core.url).hostname;
const response = JSON.parse(registration) as RegistrationResponseJSON;
const response = JSON.parse(registration); // as RegistrationResponseJSON;
let verification = await verifyRegistrationResponse({
response,
@ -167,7 +167,7 @@ export default class TFAService extends Server.TFAService<SessionContext> {
});
if (verification.verified) {
const { credentialPublicKey, credentialID, counter } = verification.registrationInfo;
const { credential, } = verification.registrationInfo;
//TODO: Check if already registered!
// TwoFactorModel.find({
@ -177,10 +177,11 @@ export default class TFAService extends Server.TFAService<SessionContext> {
twofactor.data = {
device: {
credentialPublicKey: new Binary(credentialPublicKey),
credentialID: new Binary(credentialID),
counter: verification.registrationInfo.counter,
transports: response.response.transports as any[]
counter: credential.counter,
credentialPublicKey: new Binary(credential.publicKey),
credentialID: credential.id,
// counter: verification.registrationInfo.counter,
transports: response.response.transports as any[],
}
}
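Review bot: `JSON.parse(registration)` now yields `any`, so the client-supplied registration response reaches `verifyRegistrationResponse` and is read at `response.response.transports as any[]` with no type or shape check. The transports written to the database therefore come from the raw request rather than from the verified result. Keep the type by importing `RegistrationResponseJSON` from whichever package exports it in the installed @simplewebauthn version instead of commenting the import out, and take the transports from the verified `credential` if that version exposes them there. The leftover `// counter: verification.registrationInfo.counter` and `// as RegistrationResponseJSON` comments should be deleted rather than committed. Because `credentialID` is now stored as a string while existing records hold a `Binary`, the lookup behind `//TODO: Check if already registered!` will have to match both forms.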