fix a few implementations
This commit is contained in:
parent
2f32644b3d
commit
b130e4e2cb
|
@ -21,23 +21,21 @@ export type Account = z.infer<typeof AccountSchemas.Account>
|
|||
* @returns A Promise which returns the new account's ID
|
||||
*/
|
||||
|
||||
export async function create(username:string,pwd:string,admin:boolean=false):Promise<string> {
|
||||
let accId = crypto.randomBytes(12).toString("hex")
|
||||
|
||||
Db.data.push(
|
||||
{
|
||||
id: accId,
|
||||
username: username,
|
||||
password: password.hash(pwd),
|
||||
files: [],
|
||||
admin: admin,
|
||||
defaultFileVisibility: "public",
|
||||
settings: AccountSchemas.Settings.User.parse({})
|
||||
}
|
||||
)
|
||||
export async function create(username:string,pwd:string,admin:boolean=false):Promise<Account> {
|
||||
let acc: Account = {
|
||||
id: crypto.randomUUID(),
|
||||
username: username,
|
||||
password: password.hash(pwd),
|
||||
files: [],
|
||||
admin: admin,
|
||||
defaultFileVisibility: "public",
|
||||
settings: AccountSchemas.Settings.User.parse({})
|
||||
}
|
||||
|
||||
Db.data.push(acc)
|
||||
await Db.save()
|
||||
return accId
|
||||
|
||||
return acc
|
||||
}
|
||||
|
||||
/**
|
||||
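Review bot: The TSDoc at the top of the hunk still reads `@returns A Promise which returns the new account's ID`, but `create` now resolves to the whole `Account` object (`return acc`), so the comment is stale; change it to `* @returns A Promise which resolves to the newly created Account`. The returned record carries the stored password hash, so any caller that serializes it into a response should pick the fields it needs — the route changed in this commit only reads `account.id`, which is fine.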
|
|
|
@ -59,7 +59,7 @@ export function makeJwt(_token: TokenResolvable) {
|
|||
sub: token.account,
|
||||
jti: token.id,
|
||||
...(token.type != "User" ? { scope: token.scopes } : {})
|
||||
})
|
||||
}).setProtectedHeader({ alg: "HS256" })
|
||||
|
||||
return jwt.sign(config.jwtSecret)
|
||||
}
|
||||
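Review bot: The claims visible here are `sub`, `jti` and an optional `scope`; no `exp` or `iat` appears, and the start of the `new SignJWT({...})` call is outside the hunk. If `setExpirationTime` is not chained there next to the new `.setProtectedHeader({ alg: "HS256" })`, the JWT itself never expires and session lifetime is enforced only by the server-side lookup of `jti`; chaining `.setIssuedAt().setExpirationTime(...)` from the token record's expiry (if it carries one) would make the cookie self-limiting. makeJwt starts outside this hunk.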
|
|
|
@ -10,19 +10,18 @@ import { codes } from "./codes.js"
|
|||
* @description Middleware which adds an account, if any, to ctx.get("account")
|
||||
*/
|
||||
export const getAccount: RequestHandler = async function (ctx, next) {
|
||||
let account = Accounts.getFromToken((await auth.tokenFor(ctx))!)
|
||||
let uToken = (await auth.tokenFor(ctx))!
|
||||
let account = Accounts.getFromToken(uToken)
|
||||
if (account?.suspension)
|
||||
setCookie(ctx, "auth", "")
|
||||
auth.invalidate(uToken)
|
||||
ctx.set("account", account)
|
||||
return next()
|
||||
}
|
||||
|
||||
export function resolveTarget(actor: Accounts.Account, targetString: string) {
|
||||
return targetString == "me"
|
||||
export function resolveTarget(actor: Accounts.Account, target: Accounts.AccountResolvable) {
|
||||
return target == "me"
|
||||
? actor
|
||||
: targetString.startsWith("@")
|
||||
? Accounts.getFromUsername(targetString.slice(1))
|
||||
: Accounts.getFromId(targetString)
|
||||
: Accounts.resolve(target)
|
||||
}
|
||||
|
||||
/**
|
||||
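Review bot: As rendered, the new `auth.invalidate(uToken)` sits after the braceless `if (account?.suspension)` whose body is only `setCookie(ctx, "auth", "")`, so it would run on every request through getAccount — invalidating the caller's token whether or not the account is suspended, and even when there is no token at all (`uToken` is force-unwrapped with `!`). The hunk header's line counts do not quite match the rendered lines, so if the source has braces the rendering dropped, disregard; otherwise wrap both statements, `if (account?.suspension) { setCookie(ctx, "auth", ""); auth.invalidate(uToken) }`, and skip `invalidate` when `uToken` is undefined. The second change in this hunk (resolveTarget delegating to `Accounts.resolve`) looks fine.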
|
@ -36,7 +35,6 @@ export const getTarget: RequestHandler = async (ctx, next) => {
|
|||
permissions = auth.getScopes(tok)
|
||||
|
||||
let actor = ctx.get("account")
|
||||
|
||||
let target = resolveTarget(actor, ctx.req.param("user"))
|
||||
|
||||
if (!target) return ServeError(ctx, 404, "account does not exist")
|
||||
|
@ -44,11 +42,12 @@ export const getTarget: RequestHandler = async (ctx, next) => {
|
|||
if (actor && (
|
||||
(
|
||||
target != actor // target is not the current account
|
||||
&& !actor?.admin // account is not admin
|
||||
)
|
||||
|| (
|
||||
actor?.admin // account is admin
|
||||
&& permissions && !permissions.includes("manage_server") // permissions does not include manage_server
|
||||
&& (
|
||||
!actor?.admin // account is not admin
|
||||
|| (
|
||||
permissions && !permissions.includes("manage_server") // account is admin but permissions does not include manage_server
|
||||
)
|
||||
)
|
||||
)
|
||||
))
|
||||
return ServeError(ctx, 403, "you cannot manage this user")
|
||||
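Review bot: `target != actor` in the restructured condition relies on `resolveTarget` and `ctx.get("account")` returning the same object instance from the store; if `Accounts.resolve` ever hands back a copy, a user acting on their own account would be treated as a foreign target and refused, so comparing ids (`target.id !== actor.id`) is the safer check. The new shape also changes behavior: an admin holding a scoped token without `manage_server` can now manage their own account, which the old condition refused — if that is intended, a one-line comment saying so would stop the next reader from "fixing" it. `actor?.admin` inside `actor && (...)` no longer needs the `?.`. getTarget begins and ends outside this hunk.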
|
@ -188,7 +187,7 @@ export function scheme(scheme: z.ZodTypeAny, transformer: (ctx: Context) => Prom
|
|||
|
||||
// Not really middleware but a utility
|
||||
|
||||
export const login = async (ctx: Context, account: string) => {
|
||||
export const login = async (ctx: Context, account: Accounts.AccountResolvable) => {
|
||||
let token = auth.create(account, 3 * 24 * 60 * 60 * 1000)
|
||||
setCookie(ctx, "auth", await auth.makeJwt(token), {
|
||||
path: "/",
|
||||
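Review bot: The session lifetime `3 * 24 * 60 * 60 * 1000` in `login` is an unexplained literal; hoisting it to a named constant such as `const SESSION_TTL_MS = 3 * 24 * 60 * 60 * 1000 // 3 days` makes the policy visible and easier to change. The `// Not really middleware but a utility` comment would serve better as a TSDoc block on `login` stating that it mints a token for the resolved account and sets the `auth` cookie. The `setCookie` options continue past the hunk, so whether `httpOnly`, `sameSite` and `secure` are set cannot be confirmed from here.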
|
|
|
@ -90,7 +90,7 @@ export default function (files: Files) {
|
|||
})
|
||||
|
||||
router.delete("/:token", async (ctx) => {
|
||||
auth.invalidate(ctx.get("targetToken").id)
|
||||
auth.invalidate(ctx.get("targetToken"))
|
||||
return ctx.text(`deleted token ${ctx.req.param("token")}`)
|
||||
})
|
||||
|
||||
|
|
|
@ -217,7 +217,12 @@ router.use(getAccount)
|
|||
router.on(
|
||||
["GET","PATCH","DELETE"],
|
||||
"/:user",
|
||||
requiresAccount, getTarget, accountMgmtRoute
|
||||
requiresAccount, getTarget
|
||||
)
|
||||
router.on(
|
||||
["PATCH","DELETE"],
|
||||
"/:user",
|
||||
accountMgmtRoute
|
||||
)
|
||||
|
||||
function isMessage(object: any): object is Message {
|
||||
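Review bot: After the split, the first `router.on` for `/:user` registers only middleware (`requiresAccount`, `getTarget`), so a GET now depends on a GET handler for `/:user` registered later and outside this hunk; if there is none, GET `/:user` runs getTarget and then falls through to the router's 404. The second registration also silently depends on registration order and on the first having populated the target. A comment above it such as `// relies on the preceding on() for "/:user" having run requiresAccount + getTarget` would document that coupling.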
|
@ -278,7 +283,7 @@ export default function (files: Files) {
|
|||
.then((account) => {
|
||||
if (!ctx.get("account"))
|
||||
login(ctx, account)
|
||||
return ctx.text(account)
|
||||
return ctx.text(account.id)
|
||||
})
|
||||
.catch((e) => {
|
||||
console.error(e)
|
||||
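Review bot: `login(ctx, account)` is async (it awaits `auth.makeJwt` before calling `setCookie`) but the `.then` callback neither awaits nor returns it, so `ctx.text(account.id)` builds the response before the auth cookie is set and the freshly created account is likely not logged in; this predates the commit, but the changed return line sits right after it. Make the callback `async` and write `if (!ctx.get("account")) await login(ctx, account)`, which also routes a failure inside `login` to the `.catch` below instead of leaving it unhandled. The enclosing handler starts outside the hunk.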
|
|
|
@ -12,6 +12,7 @@ import * as auth from "../../../lib/auth.js"
|
|||
import {
|
||||
getAccount,
|
||||
login,
|
||||
mirror,
|
||||
requiresAccount,
|
||||
scheme
|
||||
} from "../../../lib/middleware.js"
|
||||
|
@ -27,7 +28,7 @@ const router = new Hono<{
|
|||
|
||||
router.use(getAccount)
|
||||
|
||||
export default function (files: Files) {
|
||||
export default function (files: Files, apiRoot: Hono) {
|
||||
router.post("/",scheme(z.object({
|
||||
username: AccountSchemas.Username,
|
||||
password: AccountSchemas.StringPassword
|
||||
|
@ -59,8 +60,7 @@ export default function (files: Files) {
|
|||
})
|
||||
|
||||
router.get("/", requiresAccount, async ctx => {
|
||||
let sessionToken = (await auth.tokenFor(ctx))!
|
||||
return ctx.redirect(`/api/v1`)
|
||||
return ctx.json(auth.resolve((await auth.tokenFor(ctx))!)!)
|
||||
})
|
||||
|
||||
router.delete("/", requiresAccount, async ctx => {
|
||||
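Review bot: The new body `ctx.json(auth.resolve((await auth.tokenFor(ctx))!)!)` stacks two non-null assertions; if the token cannot be resolved (for example revoked between `requiresAccount` and this handler), the route sends `ctx.json(undefined)` rather than a 401. Prefer a guard: `const tok = auth.resolve((await auth.tokenFor(ctx))!); if (!tok) return ctx.text("invalid session", 401); return ctx.json(tok)`. This also returns the stored token record in full; worth confirming it holds nothing beyond what the bearer already has in its own JWT (id, account, scopes).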
|
|