removed validation check, added pw check

2025-04-01 20:24:18 +02:00 · 2023-05-06 09:56:49 +02:00 · 2023-05-06 09:56:49 +02:00 · 413aad47bd
commit 413aad47bd
parent a61e473df0
4 changed files with 24 additions and 67 deletions
--- a/src/middlewares/auth.middleware.ts
+++ b/src/middlewares/auth.middleware.ts
@ -27,7 +27,7 @@ import dbtools from '../utils/dbtools'
 const EXCEPTIONS = [
    '/api/registerscript',
    '/api/login',
-    '/api/validationtoken',
+    '/api/ispwvalid',
    '/api/syncp2pdata',
    '/api/selfInfo',
    '/favicon.ico',
--- a/src/modules/api/p2p/p2putils.ts
+++ b/src/modules/api/p2p/p2putils.ts
@ -211,7 +211,7 @@ export async function loginAndPostDataToAllPeers<
            ) {
                results.errors.push(peer)
                console.error(
-                    `Error: posting data to ${peerToString(peer)}`,
+                    `Error posting data to ${peerToString(peer)}`,
                    res.error || JSON.stringify(res.data)
                )
            } else {
--- a/src/modules/api/submodules/userManagement.ts
+++ b/src/modules/api/submodules/userManagement.ts
@ -18,7 +18,7 @@

 ------------------------------------------------------------------------- */

-import { v4 as uuidv4, v5, validate as validateuuid } from 'uuid'
+import { v4 as uuidv4 } from 'uuid'
 import type { Database } from 'better-sqlite3'

 import logger from '../../../utils/logger'
@ -80,19 +80,6 @@ function createDefaultUser(userDb: Database) {
    logger.Log('It can be also viewed in the users db file.')
 }

-// TODO: figure out if this is needed
-// const validationTokenNameFile = 'data/validationTokenName'
-// function readValidationTokenName() {
-//     if (utils.FileExists(validationTokenNameFile)) {
-//         return utils.ReadFile(validationTokenNameFile)
-//     } else {
-//         throw new Error(
-//             `Validation token file does not exist! Should be: "${validationTokenNameFile}", content should be: "name for uuidv5 (any text)"`
-//         )
-//     }
-// }
-const validationTokenName = 'qmining' // readValidationTokenName()
-
 function setup(data: SubmoduleData): Submodule {
    const { app, userDB } = data

@ -186,6 +173,26 @@ function setup(data: SubmoduleData): Submodule {
        })
    })

+    app.post('/ispwvalid', (req: Request, res: any) => {
+        logger.LogReq(req)
+
+        const pw = req.body.pw
+            ? req.body.pw.replace(/'/g, '').replace(/"/g, '').replace(/;/g, '')
+            : false
+
+        console.log(req.body)
+
+        const user: User = dbtools.Select(userDB, 'users', {
+            pw: pw,
+        })[0]
+
+        if (user) {
+            res.json({ success: true })
+        } else {
+            res.json({ success: false })
+        }
+    })
+
    app.post('/login', (req: Request, res: any) => {
        logger.LogReq(req)
        const pw = req.body.pw
@ -320,56 +327,6 @@ function setup(data: SubmoduleData): Submodule {
        })
    })

-    app.get(
-        '/validationtoken',
-        (req: Request<{ token: string; userid: string }>, res: any) => {
-            logger.LogReq(req)
-            const user: User = req.session.user
-            const { token, userid } = req.query
-            const isQueryValid = validateuuid(token) && !Number.isNaN(+userid)
-
-            if (isQueryValid) {
-                const specifiedUser = dbtools.Select(userDB, 'users', {
-                    id: +userid,
-                })
-
-                if (specifiedUser.length === 0 || !specifiedUser[0]) {
-                    res.json({
-                        result: 'nouserid',
-                        msg: 'couldnt find user',
-                    })
-                }
-                const key = v5(validationTokenName, specifiedUser[0].pw)
-                const isValid = key === token
-
-                res.json({
-                    result: 'success',
-                    isValid: isValid,
-                })
-            } else if ((token || userid) && !isQueryValid) {
-                res.json({
-                    result: 'invalid',
-                    msg: 'token or user id is not valid, or undefined',
-                })
-            } else if (!user) {
-                res.json({
-                    result: 'nouser',
-                    msg: 'you are not logged in',
-                })
-            } else {
-                const key = v5(validationTokenName, user.pw)
-
-                res.json({
-                    result: 'newtoken',
-                    key: key,
-                    ...((token || userid) && {
-                        msg: 'userid or token was provided, but was invalid',
-                    }),
-                })
-            }
-        }
-    )
-
    function getDayDiff(dateString: string | Date | number) {
        const msdiff = new Date().getTime() - new Date(dateString).getTime()
        return Math.floor(msdiff / (1000 * 3600 * 24))
--- a/submodules/qmining-page
+++ b/submodules/qmining-page
@ -1 +1 @@
-Subproject commit 96d1dafe90a55a476876958b384958b3d394f963
+Subproject commit b008eee6f17441ea833ed4036b687da180dcf370