Updating dependencies and switching to ESModules where possible
Some checks failed
CI / build (push) Has been cancelled
Some checks failed
CI / build (push) Has been cancelled
This commit is contained in:
Fabian Stamm
@ -1,6 +1,6 @@
|
||||
import { Router } from "express";
|
||||
import Register from "./register";
|
||||
import OAuthRoute from "./oauth";
|
||||
import Register from "./register.js";
|
||||
import OAuthRoute from "./oauth/index.js";
|
||||
|
||||
const UserRoute: Router = Router();
|
||||
|
||||
|
||||
@ -1,21 +1,21 @@
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error";
|
||||
import Client, { IClient } from "../../../models/client";
|
||||
|
||||
export async function getClientWithOrigin(client_id: string, origin: string) {
|
||||
const client = await Client.findOne({
|
||||
client_id,
|
||||
});
|
||||
|
||||
const clientNotFoundError = new RequestError(
|
||||
"Client not found!",
|
||||
HttpStatusCode.BAD_REQUEST
|
||||
);
|
||||
|
||||
if (!client) throw clientNotFoundError;
|
||||
|
||||
const clientUrl = new URL(client.redirect_url);
|
||||
|
||||
if (clientUrl.hostname !== origin) throw clientNotFoundError;
|
||||
|
||||
return client;
|
||||
}
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error.js";
|
||||
import Client, { IClient } from "../../../models/client.js";
|
||||
|
||||
export async function getClientWithOrigin(client_id: string, origin: string) {
|
||||
const client = await Client.findOne({
|
||||
client_id,
|
||||
});
|
||||
|
||||
const clientNotFoundError = new RequestError(
|
||||
"Client not found!",
|
||||
HttpStatusCode.BAD_REQUEST
|
||||
);
|
||||
|
||||
if (!client) throw clientNotFoundError;
|
||||
|
||||
const clientUrl = new URL(client.redirect_url);
|
||||
|
||||
if (clientUrl.hostname !== origin) throw clientNotFoundError;
|
||||
|
||||
return client;
|
||||
}
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
import { Router } from "express";
|
||||
import { GetJWTByUser } from "./jwt";
|
||||
import { GetPermissionsForAuthRequest } from "./permissions";
|
||||
import { GetTokenByUser } from "./refresh_token";
|
||||
|
||||
const router = Router();
|
||||
|
||||
router.get("/jwt", GetJWTByUser);
|
||||
router.get("/permissions", GetPermissionsForAuthRequest);
|
||||
router.get("/refresh_token", GetTokenByUser);
|
||||
|
||||
export default router;
|
||||
import { Router } from "express";
|
||||
import { GetJWTByUser } from "./jwt.js";
|
||||
import { GetPermissionsForAuthRequest } from "./permissions.js";
|
||||
import { GetTokenByUser } from "./refresh_token.js";
|
||||
|
||||
const router = Router();
|
||||
|
||||
router.get("/jwt", GetJWTByUser);
|
||||
router.get("/permissions", GetPermissionsForAuthRequest);
|
||||
router.get("/refresh_token", GetTokenByUser);
|
||||
|
||||
export default router;
|
||||
|
||||
@ -1,25 +1,23 @@
|
||||
import { Request, Response } from "express";
|
||||
import Stacker from "../../middlewares/stacker";
|
||||
import { GetUserMiddleware } from "../../middlewares/user";
|
||||
import { URL } from "url";
|
||||
import Client from "../../../models/client";
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error";
|
||||
import { getAccessTokenJWT } from "../../../helper/jwt";
|
||||
import { getClientWithOrigin } from "./_helper";
|
||||
|
||||
export const GetJWTByUser = Stacker(
|
||||
GetUserMiddleware(true, false),
|
||||
async (req: Request, res: Response) => {
|
||||
const { client_id, origin } = req.query as { [key: string]: string };
|
||||
|
||||
const client = await getClientWithOrigin(client_id, origin);
|
||||
|
||||
const jwt = await getAccessTokenJWT({
|
||||
user: req.user,
|
||||
client: client,
|
||||
permissions: [],
|
||||
});
|
||||
|
||||
res.json({ jwt });
|
||||
}
|
||||
);
|
||||
import { Request, Response } from "express";
|
||||
import Stacker from "../../middlewares/stacker.js";
|
||||
import { GetUserMiddleware } from "../../middlewares/user.js";
|
||||
|
||||
import { getAccessTokenJWT } from "../../../helper/jwt.js";
|
||||
import { getClientWithOrigin } from "./_helper.js";
|
||||
|
||||
export const GetJWTByUser = Stacker(
|
||||
GetUserMiddleware(true, false),
|
||||
async (req: Request, res: Response) => {
|
||||
const { client_id, origin } = req.query as { [key: string]: string };
|
||||
|
||||
const client = await getClientWithOrigin(client_id, origin);
|
||||
|
||||
const jwt = await getAccessTokenJWT({
|
||||
user: req.user,
|
||||
client: client,
|
||||
permissions: [],
|
||||
});
|
||||
|
||||
res.json({ jwt });
|
||||
}
|
||||
);
|
||||
|
||||
@ -1,15 +1,9 @@
|
||||
import { Request, Response } from "express";
|
||||
import Stacker from "../../middlewares/stacker";
|
||||
import { GetUserMiddleware } from "../../middlewares/user";
|
||||
import { URL } from "url";
|
||||
import Client from "../../../models/client";
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error";
|
||||
import { randomBytes } from "crypto";
|
||||
import moment = require("moment");
|
||||
import RefreshToken from "../../../models/refresh_token";
|
||||
import { refreshTokenValidTime } from "../../../config";
|
||||
import { getClientWithOrigin } from "./_helper";
|
||||
import Permission from "../../../models/permissions";
|
||||
import Stacker from "../../middlewares/stacker.js";
|
||||
import { GetUserMiddleware } from "../../middlewares/user.js";
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error.js";
|
||||
import { getClientWithOrigin } from "./_helper.js";
|
||||
import Permission from "../../../models/permissions.js";
|
||||
|
||||
export const GetPermissionsForAuthRequest = Stacker(
|
||||
GetUserMiddleware(true, false),
|
||||
|
||||
@ -1,49 +1,47 @@
|
||||
import { Request, Response } from "express";
|
||||
import Stacker from "../../middlewares/stacker";
|
||||
import { GetUserMiddleware } from "../../middlewares/user";
|
||||
import { URL } from "url";
|
||||
import Client from "../../../models/client";
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error";
|
||||
import { randomBytes } from "crypto";
|
||||
import moment = require("moment");
|
||||
import RefreshToken from "../../../models/refresh_token";
|
||||
import { refreshTokenValidTime } from "../../../config";
|
||||
import { getClientWithOrigin } from "./_helper";
|
||||
import Permission from "../../../models/permissions";
|
||||
|
||||
export const GetTokenByUser = Stacker(
|
||||
GetUserMiddleware(true, false),
|
||||
async (req: Request, res: Response) => {
|
||||
const { client_id, origin, permissions } = req.query as {
|
||||
[key: string]: string;
|
||||
};
|
||||
|
||||
const client = await getClientWithOrigin(client_id, origin);
|
||||
|
||||
const perm = permissions.split(",").filter((e) => !!e);
|
||||
|
||||
const resolved = await Promise.all(
|
||||
perm.map((p) => Permission.findById(p))
|
||||
);
|
||||
|
||||
if (resolved.some((e) => e.grant_type !== "user")) {
|
||||
throw new RequestError(
|
||||
"Invalid Permission requested",
|
||||
HttpStatusCode.BAD_REQUEST
|
||||
);
|
||||
}
|
||||
|
||||
let token = RefreshToken.new({
|
||||
user: req.user._id,
|
||||
client: client._id,
|
||||
permissions: resolved.map((e) => e._id),
|
||||
token: randomBytes(16).toString("hex"),
|
||||
valid: true,
|
||||
validTill: moment().add(refreshTokenValidTime).toDate(),
|
||||
});
|
||||
|
||||
await RefreshToken.save(token);
|
||||
|
||||
res.json({ token });
|
||||
}
|
||||
);
|
||||
import { Request, Response } from "express";
|
||||
import Stacker from "../../middlewares/stacker.js";
|
||||
import { GetUserMiddleware } from "../../middlewares/user.js";
|
||||
import RequestError, { HttpStatusCode } from "../../../helper/request_error.js";
|
||||
import { randomBytes } from "crypto";
|
||||
import moment = require("moment");
|
||||
import RefreshToken from "../../../models/refresh_token.js";
|
||||
import { refreshTokenValidTime } from "../../../config.js";
|
||||
import { getClientWithOrigin } from "./_helper.js";
|
||||
import Permission from "../../../models/permissions.js";
|
||||
|
||||
export const GetTokenByUser = Stacker(
|
||||
GetUserMiddleware(true, false),
|
||||
async (req: Request, res: Response) => {
|
||||
const { client_id, origin, permissions } = req.query as {
|
||||
[key: string]: string;
|
||||
};
|
||||
|
||||
const client = await getClientWithOrigin(client_id, origin);
|
||||
|
||||
const perm = permissions.split(",").filter((e) => !!e);
|
||||
|
||||
const resolved = await Promise.all(
|
||||
perm.map((p) => Permission.findById(p))
|
||||
);
|
||||
|
||||
if (resolved.some((e) => e.grant_type !== "user")) {
|
||||
throw new RequestError(
|
||||
"Invalid Permission requested",
|
||||
HttpStatusCode.BAD_REQUEST
|
||||
);
|
||||
}
|
||||
|
||||
let token = RefreshToken.new({
|
||||
user: req.user._id,
|
||||
client: client._id,
|
||||
permissions: resolved.map((e) => e._id),
|
||||
token: randomBytes(16).toString("hex"),
|
||||
valid: true,
|
||||
validTill: moment().add(refreshTokenValidTime).toDate(),
|
||||
});
|
||||
|
||||
await RefreshToken.save(token);
|
||||
|
||||
res.json({ token });
|
||||
}
|
||||
);
|
||||
|
||||
@ -1,155 +1,155 @@
|
||||
import { Request, Response, Router } from "express";
|
||||
import Stacker from "../middlewares/stacker";
|
||||
import verify, { Types } from "../middlewares/verify";
|
||||
import promiseMiddleware from "../../helper/promiseMiddleware";
|
||||
import User, { Gender } from "../../models/user";
|
||||
import { HttpStatusCode } from "../../helper/request_error";
|
||||
import Mail from "../../models/mail";
|
||||
import RegCode from "../../models/regcodes";
|
||||
|
||||
const Register = Stacker(
|
||||
verify({
|
||||
mail: {
|
||||
type: Types.EMAIL,
|
||||
notempty: true,
|
||||
},
|
||||
username: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
password: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
salt: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
regcode: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
gender: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
name: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
// birthday: {
|
||||
// type: Types.DATE
|
||||
// }
|
||||
}),
|
||||
promiseMiddleware(async (req: Request, res: Response) => {
|
||||
let {
|
||||
username,
|
||||
password,
|
||||
salt,
|
||||
mail,
|
||||
gender,
|
||||
name,
|
||||
birthday,
|
||||
regcode,
|
||||
} = req.body;
|
||||
let u = await User.findOne({ username: username.toLowerCase() });
|
||||
if (u) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Username taken"),
|
||||
field: "username",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let m = await Mail.findOne({ mail: mail });
|
||||
if (m) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Mail linked with other account"),
|
||||
field: "mail",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let regc = await RegCode.findOne({ token: regcode });
|
||||
if (!regc) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Invalid registration code"),
|
||||
field: "regcode",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
if (!regc.valid) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Registration code already used"),
|
||||
field: "regcode",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let g = -1;
|
||||
switch (gender) {
|
||||
case "male":
|
||||
g = Gender.male;
|
||||
break;
|
||||
case "female":
|
||||
g = Gender.female;
|
||||
break;
|
||||
case "other":
|
||||
g = Gender.other;
|
||||
break;
|
||||
default:
|
||||
g = Gender.none;
|
||||
break;
|
||||
}
|
||||
|
||||
let user = User.new({
|
||||
username: username.toLowerCase(),
|
||||
password: password,
|
||||
salt: salt,
|
||||
gender: g,
|
||||
name: name,
|
||||
// birthday: birthday,
|
||||
admin: false,
|
||||
});
|
||||
|
||||
regc.valid = false;
|
||||
await RegCode.save(regc);
|
||||
|
||||
let ml = Mail.new({
|
||||
mail: mail,
|
||||
primary: true,
|
||||
});
|
||||
|
||||
await Mail.save(ml);
|
||||
|
||||
user.mails.push(ml._id);
|
||||
await User.save(user);
|
||||
res.json({ success: true });
|
||||
})
|
||||
);
|
||||
export default Register;
|
||||
import { Request, Response, Router } from "express";
|
||||
import Stacker from "../middlewares/stacker.js";
|
||||
import verify, { Types } from "../middlewares/verify.js";
|
||||
import promiseMiddleware from "../../helper/promiseMiddleware.js";
|
||||
import User, { Gender } from "../../models/user.js";
|
||||
import { HttpStatusCode } from "../../helper/request_error.js";
|
||||
import Mail from "../../models/mail.js";
|
||||
import RegCode from "../../models/regcodes.js";
|
||||
|
||||
const Register = Stacker(
|
||||
verify({
|
||||
mail: {
|
||||
type: Types.EMAIL,
|
||||
notempty: true,
|
||||
},
|
||||
username: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
password: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
salt: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
regcode: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
gender: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
name: {
|
||||
type: Types.STRING,
|
||||
notempty: true,
|
||||
},
|
||||
// birthday: {
|
||||
// type: Types.DATE
|
||||
// }
|
||||
}),
|
||||
promiseMiddleware(async (req: Request, res: Response) => {
|
||||
let {
|
||||
username,
|
||||
password,
|
||||
salt,
|
||||
mail,
|
||||
gender,
|
||||
name,
|
||||
birthday,
|
||||
regcode,
|
||||
} = req.body;
|
||||
let u = await User.findOne({ username: username.toLowerCase() });
|
||||
if (u) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Username taken"),
|
||||
field: "username",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let m = await Mail.findOne({ mail: mail });
|
||||
if (m) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Mail linked with other account"),
|
||||
field: "mail",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let regc = await RegCode.findOne({ token: regcode });
|
||||
if (!regc) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Invalid registration code"),
|
||||
field: "regcode",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
if (!regc.valid) {
|
||||
let err = {
|
||||
message: [
|
||||
{
|
||||
message: req.__("Registration code already used"),
|
||||
field: "regcode",
|
||||
},
|
||||
],
|
||||
status: HttpStatusCode.BAD_REQUEST,
|
||||
nolog: true,
|
||||
};
|
||||
throw err;
|
||||
}
|
||||
|
||||
let g = -1;
|
||||
switch (gender) {
|
||||
case "male":
|
||||
g = Gender.male;
|
||||
break;
|
||||
case "female":
|
||||
g = Gender.female;
|
||||
break;
|
||||
case "other":
|
||||
g = Gender.other;
|
||||
break;
|
||||
default:
|
||||
g = Gender.none;
|
||||
break;
|
||||
}
|
||||
|
||||
let user = User.new({
|
||||
username: username.toLowerCase(),
|
||||
password: password,
|
||||
salt: salt,
|
||||
gender: g,
|
||||
name: name,
|
||||
// birthday: birthday,
|
||||
admin: false,
|
||||
});
|
||||
|
||||
regc.valid = false;
|
||||
await RegCode.save(regc);
|
||||
|
||||
let ml = Mail.new({
|
||||
mail: mail,
|
||||
primary: true,
|
||||
});
|
||||
|
||||
await Mail.save(ml);
|
||||
|
||||
user.mails.push(ml._id);
|
||||
await User.save(user);
|
||||
res.json({ success: true });
|
||||
})
|
||||
);
|
||||
export default Register;
|
||||
|
||||
Reference in New Issue
Block a user