Compare commits
	
		
			14 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| a41758cd9c | |||
| d6755ed134 | |||
| 599c75fc00 | |||
| bb213f001e | |||
| 5415cd38a7 | |||
| 175ba52ffa | |||
| 5c5000a218 | |||
| d559d04031 | |||
| 2af682d1dd | |||
| 30905e481c | |||
| 752d405bda | |||
| 8fa4ed7c33 | |||
| c4201e9a68 | |||
| 78dcad0857 | 
| @@ -14,7 +14,7 @@ jobs: | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 19 | ||||
|       - run: npm i -g pnpm@8 && pnpm i | ||||
|       - run: npm i -g pnpm@10.7 && pnpm i | ||||
|       - run: pnpm licenses:export | ||||
|       - name: Login to registry | ||||
|         uses: docker/login-action@v3 | ||||
|   | ||||
							
								
								
									
										3
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										3
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
								
							| @@ -9,8 +9,7 @@ | ||||
|     "[typescript]": { | ||||
|         "editor.defaultFormatter": "vscode.typescript-language-features", | ||||
|         "editor.codeActionsOnSave": { | ||||
|             "source.organizeImports": true, | ||||
|             // "source.fixAll": true | ||||
|             "source.organizeImports": "explicit" | ||||
|         } | ||||
|     }, | ||||
|     "javascript.preferences.quoteStyle": "single", | ||||
|   | ||||
							
								
								
									
										45
									
								
								CHANGELOG.md
									
									
									
									
									
								
							
							
						
						
									
										45
									
								
								CHANGELOG.md
									
									
									
									
									
								
							| @@ -2,12 +2,57 @@ | ||||
|  | ||||
| All notable changes to this project will be documented in this file. Dates are displayed in UTC. | ||||
|  | ||||
| #### [1.3.6](https://git.odit.services/lfk/backend/compare/1.3.5...1.3.6) | ||||
|  | ||||
| - feat(runners): Allow created via being set via api [`d6755ed`](https://git.odit.services/lfk/backend/commit/d6755ed134071df635bc9d5821ceb2396c0f1d22) | ||||
| - fix(participant): Switch to correct type [`599c75f`](https://git.odit.services/lfk/backend/commit/599c75fc00217eaec3cc87c0de50d059bdde685f) | ||||
|  | ||||
| #### [1.3.5](https://git.odit.services/lfk/backend/compare/1.3.4...1.3.5) | ||||
|  | ||||
| > 8 April 2025 | ||||
|  | ||||
| - feat(runners): Generate selfservice urls on runner if requested or create/update/get single [`5415cd3`](https://git.odit.services/lfk/backend/commit/5415cd38a727e76632a01a4d2634a1777df5542c) | ||||
| - chore(release): 1.3.5 [`bb213f0`](https://git.odit.services/lfk/backend/commit/bb213f001eff2157abf8741128f624f9cc991afe) | ||||
|  | ||||
| #### [1.3.4](https://git.odit.services/lfk/backend/compare/1.3.3...1.3.4) | ||||
|  | ||||
| > 28 March 2025 | ||||
|  | ||||
| - feat: add runnersViaSelfservice to statsControllerGet [`5c5000a`](https://git.odit.services/lfk/backend/commit/5c5000a218b47815e6846ac8b857dcd1995bfa6f) | ||||
| - chore(release): 1.3.4 [`175ba52`](https://git.odit.services/lfk/backend/commit/175ba52ffae8e6ba1fdc1603ac2f5eba15602046) | ||||
|  | ||||
| #### [1.3.3](https://git.odit.services/lfk/backend/compare/v1.3.2...1.3.3) | ||||
|  | ||||
| > 28 March 2025 | ||||
|  | ||||
| - chore(release): 1.3.3 [`d559d04`](https://git.odit.services/lfk/backend/commit/d559d0403191c703fd6da0e3f3dab53eec9258c0) | ||||
| - ci: remove "v" prefix from tags [`2af682d`](https://git.odit.services/lfk/backend/commit/2af682d1dd09df496eb9f3a9111c50c0c4117356) | ||||
|  | ||||
| #### [v1.3.2](https://git.odit.services/lfk/backend/compare/v1.3.1...v1.3.2) | ||||
|  | ||||
| > 28 March 2025 | ||||
|  | ||||
| - chore(release): v1.3.2 [`30905e4`](https://git.odit.services/lfk/backend/commit/30905e481c69cfe62b4261544b4277de3a1a43c2) | ||||
| - ci: pnpm@10.7 [`752d405`](https://git.odit.services/lfk/backend/commit/752d405bda9129f3cd288a956d5444cab316c2af) | ||||
|  | ||||
| #### [v1.3.1](https://git.odit.services/lfk/backend/compare/1.3.0...v1.3.1) | ||||
|  | ||||
| > 28 March 2025 | ||||
|  | ||||
| - fix: TypeError: Cannot read properties of undefined (reading 'filter') - when trying to delete a org/team with runners [`#210`](https://git.odit.services/lfk/backend/issues/210) | ||||
| - pnpm@10.7, node@23, argon->@node-rs/argon2 [`78dcad0`](https://git.odit.services/lfk/backend/commit/78dcad085794c93829499dd550a786c38d6186f5) | ||||
| - chore(release): v1.3.1 [`8fa4ed7`](https://git.odit.services/lfk/backend/commit/8fa4ed7c3319c3e56a71701ba266ceda64d2ef69) | ||||
|  | ||||
| #### [1.3.0](https://git.odit.services/lfk/backend/compare/1.2.1...1.3.0) | ||||
|  | ||||
| > 28 March 2025 | ||||
|  | ||||
| - feat: created_via for tracking how runners got into the system [`#212`](https://git.odit.services/lfk/backend/pull/212) | ||||
| - feat: created_via for tracking how runners got into the system (#212) [`#211`](https://git.odit.services/lfk/backend/issues/211) | ||||
| - ci: move to gitea workflows [`ebde8c6`](https://git.odit.services/lfk/backend/commit/ebde8c6ffd8b17c6752da8c4d8eb3095105f6132) | ||||
| - chore(release): v1.3.0 [`93e0cdf`](https://git.odit.services/lfk/backend/commit/93e0cdf577654898b2d63790d91598c458a2db59) | ||||
| - build: docker "AS" casing [`0a43f1b`](https://git.odit.services/lfk/backend/commit/0a43f1bb5b26d3acb0d4d91648473f0dc55e8637) | ||||
| - ci: change release commit message [`6efcd94`](https://git.odit.services/lfk/backend/commit/6efcd94726957b8c527820f1a9b0130151ce22f1) | ||||
| - refactor(RunnerController.remove): only load necessary relations [`8c6fdb2`](https://git.odit.services/lfk/backend/commit/8c6fdb22390218e385780fadb3bdaf32148ac054) | ||||
| - refactor(RunnerTeamController.remove): only load necessary relations [`c0d5af5`](https://git.odit.services/lfk/backend/commit/c0d5af5d7ab44cfdf19014e0d774fb560d08f6d7) | ||||
| - fix: add .created_via to ResponseParticipant constructor [`2e271bc`](https://git.odit.services/lfk/backend/commit/2e271bcd52f02ab7449cd15916b0afc86e8b0a90) | ||||
|   | ||||
							
								
								
									
										10
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -1,10 +1,12 @@ | ||||
| # Typescript Build | ||||
| FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 AS build | ||||
| FROM registry.odit.services/hub/library/node:23.10.0-alpine3.21 AS build | ||||
| ARG NPM_REGISTRY_URL=https://registry.npmjs.org | ||||
| WORKDIR /app | ||||
|  | ||||
| COPY package.json ./ | ||||
| RUN npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@8 | ||||
| COPY pnpm-workspace.yaml ./ | ||||
| COPY pnpm-lock.yaml ./ | ||||
| RUN npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@10.7 | ||||
| RUN mkdir /pnpm && pnpm config set store-dir /pnpm && pnpm i | ||||
|  | ||||
| COPY tsconfig.json ormconfig.js ./ | ||||
| @@ -14,9 +16,11 @@ RUN pnpm run build \ | ||||
|     && pnpm i --production --prefer-offline | ||||
|  | ||||
| # final image | ||||
| FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 AS final | ||||
| FROM registry.odit.services/hub/library/node:23.10.0-alpine3.21 AS final | ||||
| WORKDIR /app | ||||
| COPY --from=build /app/package.json /app/package.json | ||||
| COPY --from=build /app/pnpm-lock.yaml /app/pnpm-lock.yaml | ||||
| COPY --from=build /app/pnpm-workspace.yaml /app/pnpm-workspace.yaml | ||||
| COPY --from=build /app/ormconfig.js /app/ormconfig.js | ||||
| COPY --from=build /app/dist /app/dist | ||||
| COPY --from=build /app/node_modules /app/node_modules | ||||
|   | ||||
| @@ -1,4 +1,3 @@ | ||||
| version: "3" | ||||
| services: | ||||
|   backend_server: | ||||
|     build: . | ||||
| @@ -14,7 +13,7 @@ services: | ||||
|       DB_NAME: ./db.sqlite | ||||
|       NODE_ENV: production | ||||
|       POSTALCODE_COUNTRYCODE: DE | ||||
|       SEED_TEST_DATA: "false" | ||||
|       SEED_TEST_DATA: "true" | ||||
|       MAILER_URL: https://dev.lauf-fuer-kaya.de/mailer | ||||
|       MAILER_KEY: asdasd | ||||
|       # APP_PORT: 4010 | ||||
|   | ||||
							
								
								
									
										59
									
								
								licenses.md
									
									
									
									
									
								
							
							
						
						
									
										59
									
								
								licenses.md
									
									
									
									
									
								
							| @@ -1,3 +1,32 @@ | ||||
| # @node-rs/argon2 | ||||
| **Author**: undefined | ||||
| **Repo**: [object Object] | ||||
| **License**: MIT | ||||
| **Description**: RustCrypto: Argon2 binding for Node.js | ||||
| ## License Text | ||||
| MIT License | ||||
|  | ||||
| Copyright (c) 2020-present LongYinan | ||||
|  | ||||
| Permission is hereby granted, free of charge, to any person obtaining a copy | ||||
| of this software and associated documentation files (the "Software"), to deal | ||||
| in the Software without restriction, including without limitation the rights | ||||
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||||
| copies of the Software, and to permit persons to whom the Software is | ||||
| furnished to do so, subject to the following conditions: | ||||
|  | ||||
| The above copyright notice and this permission notice shall be included in all | ||||
| copies or substantial portions of the Software. | ||||
|  | ||||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||
| IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||
| FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||||
| AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||
| SOFTWARE. | ||||
|   | ||||
|  | ||||
| # @odit/class-validator-jsonschema | ||||
| **Author**: Aleksi Pekkala <aleksipekkala@gmail.com> | ||||
| **Repo**: git@github.com:epiphone/class-validator-jsonschema.git | ||||
| @@ -27,36 +56,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||
| SOFTWARE. | ||||
|   | ||||
|  | ||||
| # argon2 | ||||
| **Author**: Ranieri Althoff <ranisalt+argon2@gmail.com> | ||||
| **Repo**: [object Object] | ||||
| **License**: MIT | ||||
| **Description**: An Argon2 library for Node | ||||
| ## License Text | ||||
| The MIT License (MIT) | ||||
|  | ||||
| Copyright (c) 2015 Ranieri Althoff | ||||
|  | ||||
| Permission is hereby granted, free of charge, to any person obtaining a copy | ||||
| of this software and associated documentation files (the "Software"), to deal | ||||
| in the Software without restriction, including without limitation the rights | ||||
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||||
| copies of the Software, and to permit persons to whom the Software is | ||||
| furnished to do so, subject to the following conditions: | ||||
|  | ||||
| The above copyright notice and this permission notice shall be included in all | ||||
| copies or substantial portions of the Software. | ||||
|  | ||||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||
| IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||
| FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||||
| AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||
| SOFTWARE. | ||||
|  | ||||
|   | ||||
|  | ||||
| # axios | ||||
| **Author**: Matt Zabriskie | ||||
| **Repo**: [object Object] | ||||
|   | ||||
							
								
								
									
										15
									
								
								package.json
									
									
									
									
									
								
							
							
						
						
									
										15
									
								
								package.json
									
									
									
									
									
								
							| @@ -1,11 +1,8 @@ | ||||
| { | ||||
|   "name": "@odit/lfk-backend", | ||||
|   "version": "1.3.0", | ||||
|   "version": "1.3.6", | ||||
|   "main": "src/app.ts", | ||||
|   "repository": "https://git.odit.services/lfk/backend", | ||||
|   "engines": { | ||||
|     "pnpm": "8" | ||||
|   }, | ||||
|   "author": { | ||||
|     "name": "ODIT.Services", | ||||
|     "email": "info@odit.services", | ||||
| @@ -25,8 +22,8 @@ | ||||
|   ], | ||||
|   "license": "CC-BY-NC-SA-4.0", | ||||
|   "dependencies": { | ||||
|     "@node-rs/argon2": "^2.0.2", | ||||
|     "@odit/class-validator-jsonschema": "2.1.1", | ||||
|     "argon2": "0.31.2", | ||||
|     "axios": "0.21.1", | ||||
|     "body-parser": "1.19.0", | ||||
|     "check-password-strength": "2.0.2", | ||||
| @@ -46,7 +43,7 @@ | ||||
|     "reflect-metadata": "0.1.13", | ||||
|     "routing-controllers": "0.9.0-alpha.6", | ||||
|     "routing-controllers-openapi": "2.2.0", | ||||
|     "sqlite3": "5.1.6", | ||||
|     "sqlite3": "5.1.7", | ||||
|     "typeorm": "0.2.30", | ||||
|     "typeorm-routing-controllers-extensions": "0.2.0", | ||||
|     "typeorm-seeding": "1.6.1", | ||||
| @@ -94,12 +91,12 @@ | ||||
|     "git": { | ||||
|       "commit": true, | ||||
|       "requireCleanWorkingDir": false, | ||||
|       "commitMessage": "chore(release): v${version}", | ||||
|       "commitMessage": "chore(release): ${version}", | ||||
|       "requireBranch": "dev", | ||||
|       "push": true, | ||||
|       "tag": true, | ||||
|       "tagName": "v${version}", | ||||
|       "tagAnnotation": "v${version}" | ||||
|       "tagName": "${version}", | ||||
|       "tagAnnotation": "${version}" | ||||
|     }, | ||||
|     "npm": { | ||||
|       "publish": false | ||||
|   | ||||
							
								
								
									
										10304
									
								
								pnpm-lock.yaml
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										10304
									
								
								pnpm-lock.yaml
									
									
									
										generated
									
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										2
									
								
								pnpm-workspace.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								pnpm-workspace.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,2 @@ | ||||
| onlyBuiltDependencies: | ||||
|   - sqlite3 | ||||
| @@ -30,7 +30,7 @@ export class RunnerController { | ||||
| 	@Authorized("RUNNER:GET") | ||||
| 	@ResponseSchema(ResponseRunner, { isArray: true }) | ||||
| 	@OpenAPI({ description: 'Lists all runners from all teams/orgs. <br> This includes the runner\'s group and distance ran.' }) | ||||
| 	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) { | ||||
| 	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100, @QueryParam("selfservice_links", { required: false }) selfservice_links: boolean = false) { | ||||
| 		let responseRunners: ResponseRunner[] = new Array<ResponseRunner>(); | ||||
| 		let runners: Array<Runner>; | ||||
|  | ||||
| @@ -41,7 +41,7 @@ export class RunnerController { | ||||
| 		} | ||||
|  | ||||
| 		runners.forEach(runner => { | ||||
| 			responseRunners.push(new ResponseRunner(runner)); | ||||
| 			responseRunners.push(new ResponseRunner(runner, selfservice_links)); | ||||
| 		}); | ||||
| 		return responseRunners; | ||||
| 	} | ||||
| @@ -55,7 +55,7 @@ export class RunnerController { | ||||
| 	async getOne(@Param('id') id: number) { | ||||
| 		let runner = await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }) | ||||
| 		if (!runner) { throw new RunnerNotFoundError(); } | ||||
| 		return new ResponseRunner(runner); | ||||
| 		return new ResponseRunner(runner, true); | ||||
| 	} | ||||
|  | ||||
| 	@Get('/:id/scans') | ||||
| @@ -98,7 +98,7 @@ export class RunnerController { | ||||
| 		} | ||||
|  | ||||
| 		runner = await this.runnerRepository.save(runner) | ||||
| 		return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] })); | ||||
| 		return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }), true); | ||||
| 	} | ||||
|  | ||||
| 	@Put('/:id') | ||||
| @@ -119,7 +119,7 @@ export class RunnerController { | ||||
| 		} | ||||
|  | ||||
| 		await this.runnerRepository.save(await runner.update(oldRunner)); | ||||
| 		return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] })); | ||||
| 		return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }), true); | ||||
| 	} | ||||
|  | ||||
| 	@Delete('/:id') | ||||
|   | ||||
| @@ -23,6 +23,7 @@ export class StatsController { | ||||
|     @OpenAPI({ description: "A very basic stats endpoint providing basic counters for a dashboard or simmilar" }) | ||||
|     async get() { | ||||
|         const connection = getConnection(); | ||||
|         const runnersViaSelfservice = await connection.getRepository(Runner).count({ where: { created_via: "selfservice" } }); | ||||
|         const runners = await connection.getRepository(Runner).count(); | ||||
|         const teams = await connection.getRepository(RunnerTeam).count(); | ||||
|         const orgs = await connection.getRepository(RunnerOrganization).count(); | ||||
| @@ -41,7 +42,7 @@ export class StatsController { | ||||
|         let donations = await connection.getRepository(Donation).find({ relations: ['runner', 'runner.scans', 'runner.scans.track'] }); | ||||
|         const donors = await connection.getRepository(Donor).count(); | ||||
|  | ||||
|         return new ResponseStats(runners, teams, orgs, users, scans, donations, distace, donors) | ||||
|         return new ResponseStats(runnersViaSelfservice, runners, teams, orgs, users, scans, donations, distace, donors) | ||||
|     } | ||||
|  | ||||
|     @Get("/runners/distance") | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { verify } from '@node-rs/argon2'; | ||||
| import { Request, Response } from 'express'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| import { ScanStation } from '../models/entities/ScanStation'; | ||||
| @@ -58,7 +58,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => { | ||||
|         if (station.enabled == false) { | ||||
|             res.status(401).send({ http_code: 401, short: "station_disabled", message: "Station is disabled." }); | ||||
|         } | ||||
|         if (!(await argon2.verify(station.key, provided_token))) { | ||||
|         if (!(await verify(station.key, provided_token))) { | ||||
|             res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." }); | ||||
|             return; | ||||
|         } | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { verify } from '@node-rs/argon2'; | ||||
| import { Request, Response } from 'express'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| import { StatsClient } from '../models/entities/StatsClient'; | ||||
| @@ -55,7 +55,7 @@ const StatsAuth = async (req: Request, res: Response, next: () => void) => { | ||||
|         } | ||||
|     } | ||||
|     else { | ||||
|         if (!(await argon2.verify(client.key, provided_token))) { | ||||
|         if (!(await verify(client.key, provided_token))) { | ||||
|             res.status(401).send("Api token invalid."); | ||||
|             return; | ||||
|         } | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from '@node-rs/argon2'; | ||||
| import { IsNotEmpty, IsOptional, IsString } from 'class-validator'; | ||||
| import * as jsonwebtoken from 'jsonwebtoken'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| @@ -49,7 +49,7 @@ export class ResetPassword { | ||||
|         if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) { throw new RefreshTokenCountInvalidError(); } | ||||
|  | ||||
|         found_user.refreshTokenCount = found_user.refreshTokenCount + 1; | ||||
|         found_user.password = await argon2.hash(this.password + found_user.uuid); | ||||
|         found_user.password = await hash(this.password + found_user.uuid); | ||||
|         await getConnectionManager().get().getRepository(User).save(found_user); | ||||
|  | ||||
|         return "password reset successfull"; | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { verify } from '@node-rs/argon2'; | ||||
| import { IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| import { InvalidCredentialsError, PasswordNeededError, UserDisabledError, UserNotFoundError } from '../../../errors/AuthError'; | ||||
| @@ -56,7 +56,7 @@ export class CreateAuth { | ||||
|             throw new UserNotFoundError(); | ||||
|         } | ||||
|         if (found_user.enabled == false) { throw new UserDisabledError(); } | ||||
|         if (!(await argon2.verify(found_user.password, this.password + found_user.uuid))) { | ||||
|         if (!(await verify(found_user.password, this.password + found_user.uuid))) { | ||||
|             throw new InvalidCredentialsError(); | ||||
|         } | ||||
|  | ||||
|   | ||||
| @@ -50,4 +50,11 @@ export abstract class CreateParticipant { | ||||
|     @IsOptional() | ||||
|     @IsObject() | ||||
|     address?: Address; | ||||
|  | ||||
|     /** | ||||
|      * how the participant got into the system | ||||
|      */ | ||||
|     @IsOptional() | ||||
|     @IsString() | ||||
|     created_via?: string; | ||||
| } | ||||
| @@ -32,6 +32,9 @@ export class CreateRunner extends CreateParticipant { | ||||
|         newRunner.email = this.email; | ||||
|         newRunner.group = await this.getGroup(); | ||||
|         newRunner.address = this.address; | ||||
|         if (this.created_via) { | ||||
|             newRunner.created_via = this.created_via; | ||||
|         } | ||||
|         Address.validate(newRunner.address); | ||||
|  | ||||
|         return newRunner; | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from '@node-rs/argon2'; | ||||
| import { IsBoolean, IsInt, IsOptional, IsPositive, IsString } from 'class-validator'; | ||||
| import crypto from 'crypto'; | ||||
| import { getConnection } from 'typeorm'; | ||||
| @@ -44,7 +44,7 @@ export class CreateScanStation { | ||||
|  | ||||
|         let newUUID = uuid.v4().toUpperCase(); | ||||
|         newStation.prefix = crypto.createHash("sha3-512").update(newUUID).digest('hex').substring(0, 7).toUpperCase(); | ||||
|         newStation.key = await argon2.hash(newStation.prefix + "." + newUUID); | ||||
|         newStation.key = await hash(newStation.prefix + "." + newUUID); | ||||
|         newStation.cleartextkey = newStation.prefix + "." + newUUID; | ||||
|  | ||||
|         return newStation; | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from '@node-rs/argon2'; | ||||
| import { IsOptional, IsString } from 'class-validator'; | ||||
| import crypto from 'crypto'; | ||||
| import * as uuid from 'uuid'; | ||||
| @@ -25,7 +25,7 @@ export class CreateStatsClient { | ||||
|  | ||||
|         let newUUID = uuid.v4().toUpperCase(); | ||||
|         newClient.prefix = crypto.createHash("sha3-512").update(newUUID).digest('hex').substring(0, 7).toUpperCase(); | ||||
|         newClient.key = await argon2.hash(newClient.prefix + "." + newUUID); | ||||
|         newClient.key = await hash(newClient.prefix + "." + newUUID); | ||||
|         newClient.cleartextkey = newClient.prefix + "." + newUUID; | ||||
|  | ||||
|         return newClient; | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from "@node-rs/argon2"; | ||||
| import { passwordStrength } from "check-password-strength"; | ||||
| import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| @@ -110,7 +110,7 @@ export class CreateUser { | ||||
|         newUser.lastname = this.lastname | ||||
|         newUser.uuid = uuid.v4() | ||||
|         newUser.phone = this.phone | ||||
|         newUser.password = await argon2.hash(this.password + newUser.uuid); | ||||
|         newUser.password = await hash(this.password + newUser.uuid); | ||||
|         newUser.groups = await this.getGroups(); | ||||
|         newUser.enabled = this.enabled; | ||||
|  | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from '@node-rs/argon2'; | ||||
| import { passwordStrength } from "check-password-strength"; | ||||
| import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator'; | ||||
| import { getConnectionManager } from 'typeorm'; | ||||
| @@ -111,7 +111,7 @@ export class UpdateUser { | ||||
|             if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); } | ||||
|             if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); } | ||||
|             if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); } | ||||
|             user.password = await argon2.hash(this.password + user.uuid); | ||||
|             user.password = await hash(this.password + user.uuid); | ||||
|             user.refreshTokenCount = user.refreshTokenCount + 1; | ||||
|         } | ||||
|  | ||||
|   | ||||
| @@ -80,7 +80,7 @@ export abstract class Participant { | ||||
|    */ | ||||
|   @Column({ nullable: true, default: "backend" }) | ||||
|   @IsOptional() | ||||
|   @IsEmail() | ||||
|   @IsString() | ||||
|   created_via?: string; | ||||
|  | ||||
|   /** | ||||
|   | ||||
| @@ -57,7 +57,10 @@ export class Runner extends Participant { | ||||
|    * This is implemented here to avoid duplicate code in other files. | ||||
|    */ | ||||
|   public get validScans(): Scan[] { | ||||
|     return this.scans.filter(scan => scan.valid == true); | ||||
|     if (this.scans) { | ||||
|       return this.scans.filter(scan => scan.valid == true); | ||||
|     } | ||||
|     return [] | ||||
|   } | ||||
|  | ||||
|   /** | ||||
|   | ||||
| @@ -1,7 +1,10 @@ | ||||
| import { | ||||
|     IsInt, | ||||
|     IsObject | ||||
|     IsObject, | ||||
|     IsOptional, | ||||
|     IsString | ||||
| } from "class-validator"; | ||||
| import { JwtCreator } from '../../jwtcreator'; | ||||
| import { Runner } from '../entities/Runner'; | ||||
| import { ResponseObjectType } from '../enums/ResponseObjectType'; | ||||
| import { IResponse } from './IResponse'; | ||||
| @@ -30,14 +33,26 @@ export class ResponseRunner extends ResponseParticipant implements IResponse { | ||||
|     @IsObject() | ||||
|     group: ResponseRunnerGroup; | ||||
|  | ||||
|     /** | ||||
|      * A selfservice link for our new runner. | ||||
|      */ | ||||
|     @IsOptional() | ||||
|     @IsString() | ||||
|     selfserviceLink: string; | ||||
|  | ||||
|     /** | ||||
|      * Creates a ResponseRunner object from a runner. | ||||
|      * @param runner The user the response shall be build for. | ||||
|      */ | ||||
|     public constructor(runner: Runner) { | ||||
|     public constructor(runner: Runner, generateSelfServiceLink: boolean = false) { | ||||
|         super(runner); | ||||
|         if (!runner.scans) { this.distance = 0 } | ||||
|         else { this.distance = runner.validScans.reduce((sum, current) => sum + current.distance, 0); } | ||||
|         if (runner.group) { this.group = runner.group.toResponse(); } | ||||
|  | ||||
|         if (generateSelfServiceLink) { | ||||
|             const token = JwtCreator.createSelfService(runner); | ||||
|             this.selfserviceLink = `${process.env.SELFSERVICE_URL}/profile/${token}`; | ||||
|         } | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -16,6 +16,12 @@ export class ResponseStats implements IResponse { | ||||
|     */ | ||||
|     responseType: ResponseObjectType = ResponseObjectType.STATS; | ||||
|  | ||||
|     /** | ||||
|      * The amount of runners registered via selfservice. | ||||
|      */ | ||||
|     @IsInt() | ||||
|     runnersViaSelfservice: number; | ||||
|  | ||||
|     /** | ||||
|      * The amount of runners registered in the system. | ||||
|      */ | ||||
| @@ -84,14 +90,16 @@ export class ResponseStats implements IResponse { | ||||
|  | ||||
|     /** | ||||
|      * Creates a new stats response containing some basic statistics for a dashboard or public display. | ||||
|      * @param runners Array containing all runners - the following relations have to be resolved: scans, scans.track | ||||
|      * @param teams Array containing all teams - no relations have to be resolved. | ||||
|      * @param orgs Array containing all orgs - no relations have to be resolved. | ||||
|      * @param users Array containing all users - no relations have to be resolved. | ||||
|      * @param scans Array containing all scans - no relations have to be resolved. | ||||
|      * @param runnersViaSelfservice number of runners registered via selfservice | ||||
|      * @param runners number of runners | ||||
|      * @param teams number of teams - no relations have to be resolved. | ||||
|      * @param orgs number of orgs - no relations have to be resolved. | ||||
|      * @param users number of users - no relations have to be resolved. | ||||
|      * @param scans number of scans - no relations have to be resolved. | ||||
|      * @param donations Array containing all donations - the following relations have to be resolved: runner, runner.scans, runner.scans.track | ||||
|      */ | ||||
|     public constructor(runners: number, teams: number, orgs: number, users: number, scans: number, donations: Donation[], distance: number, donors: number) { | ||||
|     public constructor(runnersViaSelfservice: number, runners: number, teams: number, orgs: number, users: number, scans: number, donations: Donation[], distance: number, donors: number) { | ||||
|         this.runnersViaSelfservice = runnersViaSelfservice; | ||||
|         this.total_runners = runners; | ||||
|         this.total_teams = teams; | ||||
|         this.total_orgs = orgs; | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| import * as argon2 from "argon2"; | ||||
| import { hash } from '@node-rs/argon2'; | ||||
| import { Connection } from 'typeorm'; | ||||
| import { Factory, Seeder } from 'typeorm-seeding'; | ||||
| import * as uuid from 'uuid'; | ||||
| @@ -33,7 +33,7 @@ export default class SeedUsers implements Seeder { | ||||
|         initialUser.lastname = "demo"; | ||||
|         initialUser.username = "demo"; | ||||
|         initialUser.uuid = uuid.v4(); | ||||
|         initialUser.password = await argon2.hash("demo" + initialUser.uuid); | ||||
|         initialUser.password = await hash("demo" + initialUser.uuid); | ||||
|         initialUser.email = "demo@dev.lauf-fuer-kaya.de" | ||||
|         initialUser.groups = [group]; | ||||
|         return await connection.getRepository(User).save(initialUser); | ||||
|   | ||||
		Reference in New Issue
	
	Block a user