From ba1efe3a9ed9c4ca985af4a8cf93c967addf99f6 Mon Sep 17 00:00:00 2001 From: maxall4 Date: Mon, 21 Mar 2022 10:09:57 -1000 Subject: [PATCH] Fixed conflicts --- server/src/routes/auth.ts | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/server/src/routes/auth.ts b/server/src/routes/auth.ts index 6701d3c2..b5d6e812 100644 --- a/server/src/routes/auth.ts +++ b/server/src/routes/auth.ts @@ -8,12 +8,32 @@ import { celebrate, Joi } from "celebrate"; const NO_EMPTY_SPACE_REGEX = /^\S*$/; +export const requiresServerPassword = + (process.env.MEMORY_DB || process.env.ENV === "production") && + !!process.env.REGISTRATION_PASSWORD; +console.log(`Registration password required: ${requiresServerPassword}`); + export const auth = Router(); -const validateAuthPayload = (username: string, password: string): void => { +const validateAuthPayload = ( + username: string, + password: string, + serverPassword?: string +): void => { if (!NO_EMPTY_SPACE_REGEX.test(username) || password.length < 6) { throw new Error("Authentication data does not fulfill requirements"); } + + if (requiresServerPassword) { + if ( + !serverPassword || + process.env.REGISTRATION_PASSWORD !== serverPassword + ) { + throw new Error( + "Server password is incorrect. Please contact the server administrator." + ); + } + } }; auth.post( @@ -26,7 +46,11 @@ auth.post( }), async (req, res, next) => { try { - validateAuthPayload(req.body.username, req.body.password); + validateAuthPayload( + req.body.username, + req.body.password, + req.body.serverPassword + ); const username = req.body.username.toLowerCase(); @@ -89,6 +113,14 @@ auth.post( } ); +auth.get("/requires-passcode", async (req, res, next) => { + if (requiresServerPassword) { + res.status(200).json({ requiresPasscode: true }); + } else { + res.status(200).json({ requiresPasscode: false }); + } +}); + function generateAccessToken(id: string) { return sign({ id: id }, config.jwt_secret, { expiresIn: "2d" }); }