dandri/server
1
0
Fork 0
mirror of https://github.com/spacebarchat/server.git synced 2026-05-23 10:26:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feat/latestWebClient' into slowcord

Browse Source
This commit is contained in:
Madeline
2022-07-20 20:49:23 +10:00
parent 428e101a86 3bbaa1a08b
commit 02bb548953
3 changed files with 722 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/src/routes/auth/verify/view-backup-codes-challenge.ts
+26
View File
@@ -0,0 +1,26 @@
import { Router, Request, Response } from "express";
import { route } from "@fosscord/api";
import { FieldErrors, User } from "@fosscord/util";
import bcrypt from "bcrypt";
const router = Router();
export interface BackupCodesChallengeSchema {
password: string;
}
router.post("/", route({ body: "BackupCodesChallengeSchema" }), async (req: Request, res: Response) => {
const { password } = req.body as BackupCodesChallengeSchema;
const user = await User.findOneOrFail({ id: req.user_id }, { select: ["data"] });
if (!await bcrypt.compare(password, user.data.hash || "")) {
throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } });
}
return res.json({
nonce: "NoncePlaceholder",
regenerate_nonce: "RegenNoncePlaceholder",
})
});
export default router;
api/src/routes/users/@me/mfa/codes-verification.ts
+45
View File
@@ -0,0 +1,45 @@
import { Router, Request, Response } from "express";
import { route } from "@fosscord/api";
import { BackupCode, generateMfaBackupCodes, User } from "@fosscord/util";
const router = Router();
export interface CodesVerificationSchema {
key: string;
nonce: string;
regenerate?: boolean;
}
router.post("/", route({ body: "CodesVerificationSchema" }), async (req: Request, res: Response) => {
const { key, nonce, regenerate } = req.body as CodesVerificationSchema;
// TODO: We don't have email/etc etc, so can't send a verification code.
// Once that's done, this route can verify `key`
const user = await User.findOneOrFail({ id: req.user_id });
var codes: BackupCode[];
if (regenerate) {
await BackupCode.update(
{ user: { id: req.user_id } },
{ expired: true }
);
codes = generateMfaBackupCodes(req.user_id);
await Promise.all(codes.map(x => x.save()));
}
else {
codes = await BackupCode.find({
user: {
id: req.user_id,
},
expired: false,
});
}
return res.json({
backup_codes: codes.map(x => ({ ...x, expired: undefined })),
})
});
export default router;