Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2024-12-13 16:06:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1382afd8c8
filesafe/controllers/tokenController.js
Bobby Wibowo 47dd512910
Removed custom ESLint curly rule 
Sigh, why did you do this, past me..?

Also fixed "Delete uploads by names".
2020-10-31 01:12:09 +07:00

103 lines
2.5 KiB
JavaScript
Raw Blame History

const randomstring = require('randomstring')
const perms = require('./permissionController')
const utils = require('./utilsController')
const config = require('./../config')
const logger = require('./../logger')
const db = require('knex')(config.database)
const self = {
tokenLength: 64,
tokenMaxTries: 3,
onHold: new Set()
}
self.generateUniqueToken = async () => {
for (let i = 0; i < self.tokenMaxTries; i++) {
const token = randomstring.generate(self.tokenLength)
if (self.onHold.has(token)) continue
// Put token on-hold (wait for it to be inserted to DB)
self.onHold.add(token)
const user = await db.table('users')
.where('token', token)
.select('id')
.first()
if (user) {
self.onHold.delete(token)
continue
}
return token
}
return null
}
self.verify = async (req, res, next) => {
const token = typeof req.body.token === 'string'
? req.body.token.trim()
: ''
if (!token) return res.json({ success: false, description: 'No token provided.' })
try {
const user = await db.table('users')
.where('token', token)
.select('username', 'permission')
.first()
if (!user) return res.json({ success: false, description: 'Invalid token.' })
const obj = {
success: true,
username: user.username,
permissions: perms.mapPermissions(user)
}
if (utils.clientVersion) obj.version = utils.clientVersion
return res.json(obj)
} catch (error) {
logger.error(error)
return res.status(500).json({ success: false, description: 'An unexpected error occurred. Try again?' })
}
}
self.list = async (req, res, next) => {
const user = await utils.authorize(req, res)
if (!user) return
return res.json({ success: true, token: user.token })
}
self.change = async (req, res, next) => {
const user = await utils.authorize(req, res)
if (!user) return
const newToken = await self.generateUniqueToken()
if (!newToken) {
return res.json({
success: false,
description: 'Sorry, we could not allocate a unique token. Try again?'
})
}
try {
await db.table('users')
.where('token', user.token)
.update({
token: newToken,
timestamp: Math.floor(Date.now() / 1000)
})
self.onHold.delete(newToken)
return res.json({
success: true,
token: newToken
})
} catch (error) {
logger.error(error)
return res.status(500).json({ success: false, description: 'An unexpected error occurred. Try again?' })
}
}
module.exports = self
Reference in New Issue View Git Blame Copy Permalink