Merge 735878fe6a into b59d1b24ff

src/server/lib/codes.ts

@@ -4,14 +4,12 @@ import crypto from "node:crypto"
 export type Intent = "verifyEmail" | "recoverAccount" | "identityProof"
 
 export const Intents = {
-    verifyEmail: {
+    verifyEmail: {},
-        limit: 2
-    },
     recoverAccount: {},
     identityProof: {
         codeGenerator: crypto.randomUUID
     }
-} as Record<Intent, {codeGenerator?: () => string, limit?: number}>
+} as Record<Intent, {codeGenerator?: () => string}>
 
 export function isIntent(intent: string): intent is Intent {
     return intent in Intents
@@ -74,15 +72,4 @@ export class Code {
     check(forUser: string) {
         return forUser === this.for
     }
-}
-
-export function code(...params: ConstructorParameters<typeof Code>): { success: true, code: Code } | { success: false, error: string } {
-    const [intent, forUser] = params
-    const {limit = 100} = Intents[intent]
-    const {length: codeCount} = codes[intent].byUser.get(forUser) || [];
-
-    if (codeCount >= limit)
-        return { success: false, error: `Too many active codes for intent ${intent} (${limit})` }
-    else
-        return { success: true, code: new Code(...params) }
 }

src/server/routes/api/v1/account/index.ts

@@ -111,12 +111,12 @@ const validators: {
 
             // send verification email
 
-            const tryCode = CodeMgr.code("verifyEmail", target.id, params.email)
+            if (
+                (CodeMgr.codes.verifyEmail.byUser.get(target.id)?.length || 0) >= 2
+            )
+                return [429, "you have too many active codes"]
 
-            if (!tryCode.success)
+            let code = new CodeMgr.Code("verifyEmail", target.id, params.email)
-                return [429, tryCode.error]
-
-            const { code } = tryCode
 
             sendMail(
                 params.email,
@@ -264,7 +264,7 @@ export default function (files: Files) {
         password: AccountSchemas.StringPassword,
         invite: z.string().max(6)
     }).omit(
-        !Configuration.accounts.requiredForUpload
+        Configuration.accounts.requiredForUpload
         ? { invite: true }
         : {}
     )), async (ctx) => {
@@ -302,9 +302,7 @@ export default function (files: Files) {
 
     router.patch(
         "/:user",
-        scheme(
+        scheme(UserUpdateScheme),
-            UserUpdateScheme
-        ),
         assertAPI(
             ctx =>
                 Object.keys(ctx.get("parsedScheme"))

src/server/routes/api/v1/account/prove.ts

@@ -49,7 +49,7 @@ export default function () {
         return ctx.json(["none"]) // if we add 2fa in the future, return available 2fa methods
     })
 
-    router.post("/", requiresAccount, scheme(
+    router.post("/", scheme(
         ProofCreationSchema
     ), async (ctx) => {
 
@@ -68,17 +68,12 @@ export default function () {
 
         // if actor does have 2fa in an else block here
 
-        const tryCode = CodeMgr.code(
+        return ctx.text(new CodeMgr.Code(
             "identityProof",
             target.id,
             Boolean(actor), // so that you can only log in with proofs created when logged out
             5 * 60 * 1000
-        )
+        ).id)
-
-        if (!tryCode.success)
-            return ServeError(ctx, 429, tryCode.error)
-
-        return ctx.text(tryCode.code.id)
     })
 
     return router