Diffstat (limited to 'app/auth.js')
-rw-r--r--app/auth.js24
1 files changed, 12 insertions, 12 deletions
diff --git a/app/auth.js b/app/auth.js
index 7859a24..4d5c1cb 100644
--- a/app/auth.js
+++ b/app/auth.js
@@ -1,5 +1,5 @@
-import {readFile as rf, writeFile as wf} from "node:fs/promises";
-import {readFileSync, rename} from "node:fs";
+import {readFile as rf, writeFile as wf, rename} from "node:fs/promises";
+import {readFileSync} from "node:fs";
import {randomBytes} from "node:crypto";
import argon2 from "argon2";
@@ -37,10 +37,10 @@ function debounce(fn, interval=100) {
function loadJSONSync(path) {
const obj = {};
try {
- Object.assign(obj, JSON.parse(readFileSync(path)));
+ Object.assign(obj, JSON.parse(readFileSync(path, "utf8")));
} catch(e) {
console.log(Date.now()+` Error loading ${path}, creating fallback empty set`);
- rename(path, path+".bad."+Date.now(), err => {});
+ rename(path, path+".bad."+Date.now()).catch(() => {}); // TODO make synchronous?
}
return obj;
}
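Review bot: The new line `rename(path, path+".bad."+Date.now()).catch(() => {});` is still fire-and-forget inside a synchronous function, so loadJSONSync returns its empty fallback before the unreadable file has been moved aside, and a caller that immediately persists that fallback to `path` can race with the rename (the freshly written file may be the one that ends up at `.bad.*`). The TODO on that line asks the right question, and since `node:fs` is still imported in the first hunk, `renameSync` answers it: `try { renameSync(path, `${path}.bad.${Date.now()}`); } catch (renameErr) { console.log(Date.now()+` Could not move ${path} aside: ${renameErr.code ?? renameErr}`); }` with `renameSync` added to the `node:fs` import. Logging instead of swallowing matters because this file appears to hold auth data: a failed rename currently leaves the bad file in place with no trace in the log. The log line on the context line above also omits `e`, so ENOENT on first run and a genuine parse error are indistinguishable; appending `: ${e.code ?? e.message}` would separate them. What callers do with the returned object is outside the hunk, so the race is inferred rather than shown.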
@@ -165,7 +165,7 @@ const checkReferer = req => {
if (req.headers["referer"] && !req.headers["referer"].includes(DOMAIN))
console.log(Date.now()+" [WARN] Unexpected HTTP Referer: "+req.headers["referer"]); };
-async function login(req, res, match, data) {
+async function signIn(req, res, match, data) {
const currentToken = parseCookies(req)?.token;
if (currentToken || !data.username || !data.password) return err400(res);
const error = {success:false, msg:"Bad username or password"};
@@ -175,7 +175,7 @@ async function login(req, res, match, data) {
if (!uid) return sendError(res); // User doesn't exist
let user;
- try { user = JSON.parse(await rf(`private/${uid}.json`));
+ try { user = JSON.parse(await rf(`private/${uid}.json`, "utf8"));
} catch (e) { return err500(res); } // Can't load user data
checkReferer(req);
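Review bot: The new line `try { user = JSON.parse(await rf(`private/${uid}.json`, "utf8"));` is one of three identical read-and-parse expressions in this commit (the hunks in changePassword and changeUsernameReq repeat it), so the path template and encoding are now maintained in three places. A one-line helper near the imports, `const readUser = uid => rf(`private/${uid}.json`, "utf8").then(JSON.parse);`, lets each site become `try { user = await readUser(uid);` while leaving the `err500` handling untouched. signIn's body starts and ends outside this hunk and the origin of `uid` is not visible, so I can't tell whether it is validated before being interpolated into the path; a single helper would at least give one place to check that it is a plain id.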
@@ -206,7 +206,7 @@ async function login(req, res, match, data) {
} else return err500(res);
}
-function logout(req, res) {
+function signOut(req, res) {
const token = parseCookies(req)?.token;
const tokenData = getToken(token);
if (tokenData) {
@@ -235,7 +235,7 @@ function changePassword(req, res, match, data) {
if (!uid) return token? err401(res) : sendError(req);
let user;
- try { user = JSON.parse(await rf(`private/${uid}.json`));
+ try { user = JSON.parse(await rf(`private/${uid}.json`, "utf8"));
} catch (e) { return err500(res); }
checkReferer(req);
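Review bot: The context line `if (!uid) return token? err401(res) : sendError(req);` hands `req` to `sendError`, whereas the equivalent call in signIn (`sendError(res)`) and the `sendError = res => {...}` definition in changeUsernameReq both take the response; if changePassword's `sendError` has the same shape, the generic error is written to the request object and the client never gets a reply. The commit does not change this line, but it sits inside the function being edited, so `if (!uid) return token? err401(res) : sendError(res);` is worth fixing alongside. changePassword's own `sendError` definition is outside the hunk, so this is inferred from the siblings rather than shown.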
@@ -261,7 +261,7 @@ function changePassword(req, res, match, data) {
await wf(`private/${uid}.json`, JSON.stringify(user));
if (!res.getHeader("Set-Cookie")) { // Might have been renewed by authed()
- if (token) renewToken(res, token, fingerprint, 0);
+ if (token) renewToken(res, token, collectFingerprint(req), 0);
else setTokenCookie(res, createToken(uid,
Object.assign(collectFingerprint(req), {
sessionID: newSessionID(),
@@ -286,7 +286,7 @@ async function changeUsernameReq(req, res, match, data) {
const sendError = res => { rateLimitIP(req, 2, 8); sj(res, error); };
let user;
- try { user = JSON.parse(await rf(`private/${req.uid}.json`));
+ try { user = JSON.parse(await rf(`private/${req.uid}.json`, "utf8"));
} catch (e) { return err500(res); }
const pass = user.password;
@@ -419,8 +419,8 @@ export function authed(fn) { return rateLimit((req, res, ...rest) => {
}); }
export const attach = (app) => { // TODO make endpoints RESTier?
- app.jpost("/login", rateLimit(login)); // {username, password[, keepSession]} -> {success[, msg][, mustChangePassword]}
- app.post("/logout", rateLimit(logout));
+ app.jpost("/sign-in", rateLimit(signIn)); // {username, password[, keepSession]} -> {success[, msg][, mustChangePassword]}
+ app.post("/sign-out", rateLimit(signOut));
app.jpost("/change-password", rateLimit(changePassword)); // {password, newPassword[, username[, keepSession]]} -> {success[, msg]}
app.jpost("/change-username", authed(changeUsernameReq)); // {newUsername, password} -> {success[, msg]}
app.get("/session-list", authed(sessionList)); // -> {active:[{id:<sessionID>, ...}, ...], recent:[...]}
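Review bot: Renaming the routes to `/sign-in` and `/sign-out` removes `/login` and `/logout` with no compatibility path, so any already-deployed client, form action or bookmark that posts to the old paths now gets whatever the router returns for an unknown route instead of a session. If external callers exist, keep the old paths as aliases for a deprecation window, `app.jpost("/login", rateLimit(signIn));` and `app.post("/logout", rateLimit(signOut));`, or note a removal date in the endpoint comment. Whether anything outside this repository calls these endpoints is not visible here.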