diff options
Diffstat (limited to 'app/auth.js')
-rw-r--r-- | app/auth.js | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/app/auth.js b/app/auth.js index 7859a24..8a55857 100644 --- a/app/auth.js +++ b/app/auth.js @@ -1,5 +1,5 @@ -import {readFile as rf, writeFile as wf} from "node:fs/promises"; -import {readFileSync, rename} from "node:fs"; +import {readFile as rf, writeFile as wf, rename} from "node:fs/promises"; +import {readFileSync} from "node:fs"; import {randomBytes} from "node:crypto"; import argon2 from "argon2"; @@ -37,10 +37,10 @@ function debounce(fn, interval=100) { function loadJSONSync(path) { const obj = {}; try { - Object.assign(obj, JSON.parse(readFileSync(path))); + Object.assign(obj, JSON.parse(readFileSync(path, "utf8"))); } catch(e) { console.log(Date.now()+` Error loading ${path}, creating fallback empty set`); - rename(path, path+".bad."+Date.now(), err => {}); + rename(path, path+".bad."+Date.now()).catch(() => {}); // TODO make synchronous? } return obj; } @@ -175,7 +175,7 @@ async function login(req, res, match, data) { if (!uid) return sendError(res); // User doesn't exist let user; - try { user = JSON.parse(await rf(`private/${uid}.json`)); + try { user = JSON.parse(await rf(`private/${uid}.json`, "utf8")); } catch (e) { return err500(res); } // Can't load user data checkReferer(req); @@ -235,7 +235,7 @@ function changePassword(req, res, match, data) { if (!uid) return token? err401(res) : sendError(req); let user; - try { user = JSON.parse(await rf(`private/${uid}.json`)); + try { user = JSON.parse(await rf(`private/${uid}.json`, "utf8")); } catch (e) { return err500(res); } checkReferer(req); @@ -261,7 +261,7 @@ function changePassword(req, res, match, data) { await wf(`private/${uid}.json`, JSON.stringify(user)); if (!res.getHeader("Set-Cookie")) { // Might have been renewed by authed() - if (token) renewToken(res, token, fingerprint, 0); + if (token) renewToken(res, token, collectFingerprint(req), 0); else setTokenCookie(res, createToken(uid, Object.assign(collectFingerprint(req), { sessionID: newSessionID(), @@ -286,7 +286,7 @@ async function changeUsernameReq(req, res, match, data) { const sendError = res => { rateLimitIP(req, 2, 8); sj(res, error); }; let user; - try { user = JSON.parse(await rf(`private/${req.uid}.json`)); + try { user = JSON.parse(await rf(`private/${req.uid}.json`, "utf8")); } catch (e) { return err500(res); } const pass = user.password; |