Working registration/auth
parent
cd9400fec3
commit
81b314ac55
3
.env
3
.env
|
@ -1,2 +1,3 @@
|
||||||
SSL=false
|
SSL=false
|
||||||
RECOGNIZE_PROVIDERS=false
|
DISABLE_PROVIDERS=false
|
||||||
|
ENABLE_REGISTER=true
|
|
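Review bot: `ENABLE_REGISTER=true` in the committed `.env` turns self-registration on by default, and any account created through `/api/register` in this commit is then accepted by the basic-auth `validate` lookup that guards routes such as `/api/:shortcode/visits`. The code treats an unset variable as disabled, so shipping `ENABLE_REGISTER=false` here and documenting it as opt-in would keep the default closed. This assumes the tracked `.env` is what deployments start from.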
@ -2,7 +2,7 @@
|
||||||
exports.up = function(knex) {
|
exports.up = function(knex) {
|
||||||
return knex.schema.createTable('users', function (table) {
|
return knex.schema.createTable('users', function (table) {
|
||||||
table.increments('id');
|
table.increments('id');
|
||||||
table.string('name');
|
table.string('username');
|
||||||
table.string('email').unique();
|
table.string('email').unique();
|
||||||
table.string('password');
|
table.string('password');
|
||||||
table.timestamps();
|
table.timestamps();
|
||||||
|
|
|
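Review bot: `table.string('username')` has no uniqueness constraint, although `email` on the next line does. The register handler added in this commit checks for an existing row and then inserts in a separate query, so two concurrent requests for the same name can both pass the check, and `validate` reads only the first match through `.limit(1)`. Changing the line to `table.string('username').unique().notNullable();` lets the database enforce it; the insert then has to handle the constraint error. Because this edits an existing migration instead of adding a new one, databases that were already migrated would presumably keep the old `name` column, which is worth confirming.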
@ -6,7 +6,8 @@ const argon2 = require('argon2');
|
||||||
let config = {
|
let config = {
|
||||||
domain: process.env.DOMAIN || "localhost:3000",
|
domain: process.env.DOMAIN || "localhost:3000",
|
||||||
https: (process.env.SSL === 'true') || false,
|
https: (process.env.SSL === 'true') || false,
|
||||||
recognizeProviders: (process.env.RECOGNIZE_PROVIDERS === 'true') || true,
|
recognizeProviders: !(process.env.DISABLE_PROVIDERS === 'true'),
|
||||||
|
registrationEnabled: (process.env.ENABLE_REGISTER === 'true'),
|
||||||
getBaseUrl() {
|
getBaseUrl() {
|
||||||
if (config.https) {
|
if (config.https) {
|
||||||
return `https://${config.domain}`;
|
return `https://${config.domain}`;
|
||||||
|
@ -161,6 +162,39 @@ fastify.get('/api/:shortcode', async (req, res) => {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
//User registration
|
||||||
|
fastify.post('/api/register', async (req, res) => {
|
||||||
|
if (!config.registrationEnabled) {
|
||||||
|
res.statusCode = 400;
|
||||||
|
return "Registration was disabled by your admin";
|
||||||
|
}
|
||||||
|
|
||||||
|
const username = req.body?.username;
|
||||||
|
let password = req.body?.password;
|
||||||
|
|
||||||
|
//Check
|
||||||
|
if (!username || !password) {
|
||||||
|
res.statusCode = 400;
|
||||||
|
return "Missing username or password";
|
||||||
|
}
|
||||||
|
|
||||||
|
const exists = await knex.select('username')
|
||||||
|
.from('users')
|
||||||
|
.where('username', '=', username)
|
||||||
|
.limit(1);
|
||||||
|
if (exists.length != 0) {
|
||||||
|
res.statusCode = 400;
|
||||||
|
return "User already exists";
|
||||||
|
}
|
||||||
|
|
||||||
|
password = await argon2.hash(password);
|
||||||
|
|
||||||
|
//Create a new db entry
|
||||||
|
await knex('users').insert({ username, password });
|
||||||
|
|
||||||
|
return "Done!"
|
||||||
|
});
|
||||||
|
|
||||||
fastify.after(() => {
|
fastify.after(() => {
|
||||||
//Get url api route
|
//Get url api route
|
||||||
fastify.get('/api/:shortcode/visits', { onRequest: fastify.basicAuth }, async (req, res) => {
|
fastify.get('/api/:shortcode/visits', { onRequest: fastify.basicAuth }, async (req, res) => {
|
||||||
|
@ -249,18 +283,15 @@ async function validate(username, password, req, reply) {
|
||||||
return new Error('Sorry only authorized users can do that.')
|
return new Error('Sorry only authorized users can do that.')
|
||||||
}
|
}
|
||||||
|
|
||||||
const user = await knex.select('name', 'password')
|
const user = await knex.select('username', 'password')
|
||||||
.from('users')
|
.from('users')
|
||||||
.where('name', '=', username)
|
.where('username', '=', username)
|
||||||
.limit(1);
|
.limit(1);
|
||||||
|
|
||||||
if (user.length == 0) {
|
if (user.length == 0) {
|
||||||
return new Error('Sorry m8, looks like you are not on the inivtation list');
|
return new Error('Sorry m8, looks like you are not on the inivtation list');
|
||||||
}
|
}
|
||||||
|
if (!(await argon2.verify(user[0].password, password))) {
|
||||||
password = await argon2.hash(password);
|
|
||||||
|
|
||||||
if (password != user[0].password) {
|
|
||||||
return new Error('Wrong credentials');
|
return new Error('Wrong credentials');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
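Review bot: In the `/api/register` handler, `username` and `password` are read from `req.body` and checked only for truthiness, so a non-string value (object, array, number) reaches the `knex` `.where(...)` and `argon2.hash(password)`, and a string of any length is hashed. I would reject anything that is not a bounded string before the lookup, for example `if (typeof username !== 'string' || typeof password !== 'string' || password.length > MAX_PASSWORD_LEN) { res.statusCode = 400; return "Missing username or password"; }`, where `MAX_PASSWORD_LEN` is a placeholder for a limit you choose; a Fastify body schema on the route would do the same declaratively. Argon2 is deliberately expensive, so an unauthenticated route that hashes caller-supplied input also deserves a rate limit.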