This commit is contained in:
syuilo
3
src/api/common/generate-native-user-token.ts
Normal file
3
src/api/common/generate-native-user-token.ts
Normal file
@ -0,0 +1,3 @@
|
||||
import rndstr from 'rndstr';
|
||||
|
||||
export default () => `!${rndstr('a-zA-Z0-9', 32)}`;
|
||||
@ -159,6 +159,10 @@ const endpoints: Endpoint[] = [
|
||||
},
|
||||
kind: 'account-write'
|
||||
},
|
||||
{
|
||||
name: 'i/regenerate_token',
|
||||
withCredential: true
|
||||
},
|
||||
{
|
||||
name: 'i/appdata/get',
|
||||
withCredential: true
|
||||
|
||||
42
src/api/endpoints/i/regenerate_token.ts
Normal file
42
src/api/endpoints/i/regenerate_token.ts
Normal file
@ -0,0 +1,42 @@
|
||||
/**
|
||||
* Module dependencies
|
||||
*/
|
||||
import $ from 'cafy';
|
||||
import * as bcrypt from 'bcryptjs';
|
||||
import User from '../../models/user';
|
||||
import event from '../../event';
|
||||
import generateUserToken from '../../common/generate-native-user-token';
|
||||
|
||||
/**
|
||||
* Regenerate native token
|
||||
*
|
||||
* @param {any} params
|
||||
* @param {any} user
|
||||
* @return {Promise<any>}
|
||||
*/
|
||||
module.exports = async (params, user) => new Promise(async (res, rej) => {
|
||||
// Get 'password' parameter
|
||||
const [password, passwordErr] = $(params.password).string().$;
|
||||
if (passwordErr) return rej('invalid password param');
|
||||
|
||||
// Compare password
|
||||
const same = bcrypt.compareSync(password, user.password);
|
||||
|
||||
if (!same) {
|
||||
return rej('incorrect password');
|
||||
}
|
||||
|
||||
// Generate secret
|
||||
const secret = generateUserToken();
|
||||
|
||||
await User.update(user._id, {
|
||||
$set: {
|
||||
token: secret
|
||||
}
|
||||
});
|
||||
|
||||
res();
|
||||
|
||||
// Publish i updated event
|
||||
event(user._id, 'my_token_regenerated');
|
||||
});
|
||||
@ -1,10 +1,10 @@
|
||||
import * as express from 'express';
|
||||
import * as bcrypt from 'bcryptjs';
|
||||
import rndstr from 'rndstr';
|
||||
import recaptcha = require('recaptcha-promise');
|
||||
import User from '../models/user';
|
||||
import { validateUsername, validatePassword } from '../models/user';
|
||||
import serialize from '../serializers/user';
|
||||
import generateUserToken from '../common/generate-native-user-token';
|
||||
import config from '../../conf';
|
||||
|
||||
recaptcha.init({
|
||||
@ -58,7 +58,7 @@ export default async (req: express.Request, res: express.Response) => {
|
||||
const hash = bcrypt.hashSync(password, salt);
|
||||
|
||||
// Generate secret
|
||||
const secret = `!${rndstr('a-zA-Z0-9', 32)}`;
|
||||
const secret = generateUserToken();
|
||||
|
||||
// Create account
|
||||
const account = await User.insert({
|
||||
|
||||
Reference in New Issue
Block a user