Working registration/auth
This commit is contained in:
parent
cd9400fec3
commit
81b314ac55
3
.env
3
.env
|
@ -1,2 +1,3 @@
|
|||
SSL=false
|
||||
RECOGNIZE_PROVIDERS=false
|
||||
DISABLE_PROVIDERS=false
|
||||
ENABLE_REGISTER=true
|
|
@ -2,7 +2,7 @@
|
|||
exports.up = function(knex) {
|
||||
return knex.schema.createTable('users', function (table) {
|
||||
table.increments('id');
|
||||
table.string('name');
|
||||
table.string('username');
|
||||
table.string('email').unique();
|
||||
table.string('password');
|
||||
table.timestamps();
|
||||
|
|
|
@ -6,7 +6,8 @@ const argon2 = require('argon2');
|
|||
let config = {
|
||||
domain: process.env.DOMAIN || "localhost:3000",
|
||||
https: (process.env.SSL === 'true') || false,
|
||||
recognizeProviders: (process.env.RECOGNIZE_PROVIDERS === 'true') || true,
|
||||
recognizeProviders: !(process.env.DISABLE_PROVIDERS === 'true'),
|
||||
registrationEnabled: (process.env.ENABLE_REGISTER === 'true'),
|
||||
getBaseUrl() {
|
||||
if (config.https) {
|
||||
return `https://${config.domain}`;
|
||||
|
@ -161,6 +162,39 @@ fastify.get('/api/:shortcode', async (req, res) => {
|
|||
}
|
||||
});
|
||||
|
||||
//User registration
|
||||
fastify.post('/api/register', async (req, res) => {
|
||||
if (!config.registrationEnabled) {
|
||||
res.statusCode = 400;
|
||||
return "Registration was disabled by your admin";
|
||||
}
|
||||
|
||||
const username = req.body?.username;
|
||||
let password = req.body?.password;
|
||||
|
||||
//Check
|
||||
if (!username || !password) {
|
||||
res.statusCode = 400;
|
||||
return "Missing username or password";
|
||||
}
|
||||
|
||||
const exists = await knex.select('username')
|
||||
.from('users')
|
||||
.where('username', '=', username)
|
||||
.limit(1);
|
||||
if (exists.length != 0) {
|
||||
res.statusCode = 400;
|
||||
return "User already exists";
|
||||
}
|
||||
|
||||
password = await argon2.hash(password);
|
||||
|
||||
//Create a new db entry
|
||||
await knex('users').insert({ username, password });
|
||||
|
||||
return "Done!"
|
||||
});
|
||||
|
||||
fastify.after(() => {
|
||||
//Get url api route
|
||||
fastify.get('/api/:shortcode/visits', { onRequest: fastify.basicAuth }, async (req, res) => {
|
||||
|
@ -249,18 +283,15 @@ async function validate(username, password, req, reply) {
|
|||
return new Error('Sorry only authorized users can do that.')
|
||||
}
|
||||
|
||||
const user = await knex.select('name', 'password')
|
||||
const user = await knex.select('username', 'password')
|
||||
.from('users')
|
||||
.where('name', '=', username)
|
||||
.where('username', '=', username)
|
||||
.limit(1);
|
||||
|
||||
if (user.length == 0) {
|
||||
return new Error('Sorry m8, looks like you are not on the inivtation list');
|
||||
}
|
||||
|
||||
password = await argon2.hash(password);
|
||||
|
||||
if (password != user[0].password) {
|
||||
if (!(await argon2.verify(user[0].password, password))) {
|
||||
return new Error('Wrong credentials');
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue