first batch of requested changes

2023-02-24 06:52:01 -05:00 · 2023-02-24 06:52:01 -05:00 · 91e9d60040
commit 91e9d60040
parent ed38d74b3e
3 changed files with 75 additions and 51 deletions
--- a/src/api/routes/auth/reset.ts
+++ b/src/api/routes/auth/reset.ts
@ -10,7 +10,6 @@ import {
 } from "@fosscord/util";
 import bcrypt from "bcrypt";
 import { Request, Response, Router } from "express";
 import { HTTPError } from "lambert-server";
 const router = Router();
@ -20,37 +19,37 @@ router.post(
 	async (req: Request, res: Response) => {
 		const { password, token } = req.body as PasswordResetSchema;
 		const { jwtSecret } = Config.get().security;
 		let user;
 		try {
-			const { jwtSecret } = Config.get().security;
+			const userTokenData = await checkToken(token, jwtSecret, true);
-			const { user } = await checkToken(token, jwtSecret, true);
+			user = userTokenData.user;
-
+		} catch {
-			// the salt is saved in the password refer to bcrypt docs
+			throw FieldErrors({
-			const hash = await bcrypt.hash(password, 12);
+				password: {
-
+					message: req.t("auth:password_reset.INVALID_TOKEN"),
-			const data = {
+					code: "INVALID_TOKEN",
 				data: {
 					hash,
 					valid_tokens_since: new Date(),
 				},
-			};
+			});
 			await User.update({ id: user.id }, data);
 			// come on, the user has to have an email to reset their password in the first place
 			// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
 			await Email.sendPasswordChanged(user, user.email!);
 			res.json({ token: await generateToken(user.id) });
 		} catch (e) {
 			if ((e as Error).toString() === "Invalid Token")
 				throw FieldErrors({
 					password: {
 						message: req.t("auth:password_reset.INVALID_TOKEN"),
 						code: "INVALID_TOKEN",
 					},
 				});
 			throw new HTTPError((e as Error).toString(), 400);
 		}
 		// the salt is saved in the password refer to bcrypt docs
 		const hash = await bcrypt.hash(password, 12);
 		const data = {
 			data: {
 				hash,
 				valid_tokens_since: new Date(),
 			},
 		};
 		await User.update({ id: user.id }, data);
 		// come on, the user has to have an email to reset their password in the first place
 		// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
 		await Email.sendPasswordChanged(user, user.email!);
 		res.json({ token: await generateToken(user.id) });
 	},
 );
--- a/src/api/routes/auth/verify/index.ts
+++ b/src/api/routes/auth/verify/index.ts
@ -16,10 +16,15 @@
 	along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
-import { route, verifyCaptcha } from "@fosscord/api";
+import { getIpAdress, route, verifyCaptcha } from "@fosscord/api";
-import { checkToken, Config, generateToken, User } from "@fosscord/util";
+import {
 	checkToken,
 	Config,
 	FieldErrors,
 	generateToken,
 	User,
 } from "@fosscord/util";
 import { Request, Response, Router } from "express";
 import { HTTPError } from "lambert-server";
 const router = Router();
 async function getToken(user: User) {
@ -38,9 +43,21 @@ router.post(
 	async (req: Request, res: Response) => {
 		const { captcha_key, token } = req.body;
-		if (captcha_key) {
+		const config = Config.get();
-			const { sitekey, service } = Config.get().security.captcha;
+
-			const verify = await verifyCaptcha(captcha_key);
+		if (config.register.requireCaptcha) {
 			const { sitekey, service } = config.security.captcha;
 			if (!captcha_key) {
 				return res.status(400).json({
 					captcha_key: ["captcha-required"],
 					captcha_sitekey: sitekey,
 					captcha_service: service,
 				});
 			}
 			const ip = getIpAdress(req);
 			const verify = await verifyCaptcha(captcha_key, ip);
 			if (!verify.success) {
 				return res.status(400).json({
 					captcha_key: verify["error-codes"],
@ -50,19 +67,26 @@ router.post(
 			}
 		}
 		const { jwtSecret } = Config.get().security;
 		let user;
 		try {
-			const { jwtSecret } = Config.get().security;
+			const userTokenData = await checkToken(token, jwtSecret, true);
-
+			user = userTokenData.user;
-			const { user } = await checkToken(token, jwtSecret, true);
+		} catch {
-
+			throw FieldErrors({
-			if (user.verified) return res.json(await getToken(user));
+				password: {
-
+					message: req.t("auth:password_reset.INVALID_TOKEN"),
-			await User.update({ id: user.id }, { verified: true });
+					code: "INVALID_TOKEN",
-
+				},
-			return res.json(await getToken(user));
+			});
 		} catch (error) {
 			throw new HTTPError((error as Error).toString(), 400);
 		}
 		if (user.verified) return res.json(await getToken(user));
 		await User.update({ id: user.id }, { verified: true });
 		return res.json(await getToken(user));
 	},
 );
--- a/src/util/util/Email.ts
+++ b/src/util/util/Email.ts
@ -52,7 +52,9 @@ export function adjustEmail(email?: string): string | undefined {
 	// return email;
 }
-const transporters = {
+const transporters: {
 	[key: string]: () => Promise<nodemailer.Transporter<unknown> | void>;
 } = {
 	smtp: async function () {
 		// get configuration
 		const { host, port, secure, username, password } =
@ -223,8 +225,7 @@ export const Email: {
 		const { provider } = Config.get().email;
 		if (!provider) return;
-		const transporterFn =
+		const transporterFn = transporters[provider];
 			transporters[provider as keyof typeof transporters];
 		if (!transporterFn)
 			return console.error(`[Email] Invalid provider: ${provider}`);
 		console.log(`[Email] Initializing ${provider} transport...`);
@ -346,7 +347,7 @@ export const Email: {
 		const link = await this.generateLink("reset", user.id, email);
 		// load the email template
-		const rawTemplate = fs.readFileSync(
+		const rawTemplate = await fs.promises.readFile(
 			path.join(
 				ASSET_FOLDER_PATH,
 				"email_templates",
@ -380,7 +381,7 @@ export const Email: {
 		if (!this.transporter) return;
 		// load the email template
-		const rawTemplate = fs.readFileSync(
+		const rawTemplate = await fs.promises.readFile(
 			path.join(
 				ASSET_FOLDER_PATH,
 				"email_templates",