Added logic to keep banned users out of site

2024-11-29 09:00:47 -05:00 · 2024-11-29 09:00:47 -05:00 · 26df91262f
parent c848994c1d
commit 26df91262f
4 changed files with 28 additions and 6 deletions
--- a/src/schemas/userBanSchema.js
+++ b/src/schemas/userBanSchema.js
@ -159,4 +159,14 @@ userBanSchema.statics.getBans = async function(){
    return bans;
 }
 //methods
 userBanSchema.methods.getDaysUntilExpiration = function(){
        //Get ban date
        const expirationDate = new Date(this.banDate);
        //Get expiration days and calculate expiration date
        expirationDate.setDate(expirationDate.getDate() + this.expirationDays);
        //Calculate and return days until ban expiration
        return ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
 }
 module.exports = mongoose.model("userBan", userBanSchema);
--- a/src/utils/sessionUtils.js
+++ b/src/utils/sessionUtils.js
@ -15,14 +15,24 @@ You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 //local imports
-const {userModel} = require('../schemas/userSchema.js');
+const {userModel} = require('../schemas/userSchema');
 const userBanModel = require('../schemas/userBanSchema')
 //this module is good for keeping wrappers for userModel and other shit in that does more session handling than database access/modification.
 module.exports.authenticateSession = async function(user, pass, req){
    //Authenticate the session
-    userDB = await userModel.authenticate(user, pass);
+    const userDB = await userModel.authenticate(user, pass);
    const banDB = await userBanModel.checkBanByUserDoc(userDB);
    if(banDB){
        if(banDB.permanent){
            throw new Error(`Your account has been banned, and will be permanently deleted in: ${banDB.getDaysUntilExpiration()} day(s)`);
        }else{
            throw new Error(`Your account has been temporarily banned, and will be reinstated in: ${banDB.getDaysUntilExpiration()} day(s)`);
        }
    }
    //Tattoo the session with user and metadata
    //unfortunately store.all() does not return sessions w/ their ID so we had to improvise...
--- a/www/js/adminPanel.js
+++ b/www/js/adminPanel.js
@ -317,7 +317,7 @@ class adminUserBanList{
            entryRow.appendChild(newCell(ban.user.user));
            entryRow.appendChild(newCell(new Date(ban.user.date).toDateString()));
            entryRow.appendChild(newCell(new Date(ban.banDate).toDateString()));
-            entryRow.appendChild(newCell(`${expirationDate.toDateString()} (${expirationDays} days left)`));
+            entryRow.appendChild(newCell(`${expirationDate.toDateString()} (${expirationDays} day(s) left)`));
            entryRow.appendChild(newCell(ban.permanent ? "Account Deletion" : "Un-Ban"));
            entryRow.appendChild(newCell([unbanIcon, nukeAccount]));
--- a/www/js/utils.js
+++ b/www/js/utils.js
@ -28,7 +28,7 @@ class canopyUXUtils{
    displayResponseError(body){
        const errors = body.errors;
        errors.forEach((err)=>{
-            window.alert(`ERROR: ${err.msg} \nTYPE: ${err.type} \nDATE: ${err.date}`);
+            new canopyUXUtils.popup(`<h3>Server Error:</h3><p><br>Message: ${err.msg}`);
        });
    }
@ -73,9 +73,11 @@ class canopyUXUtils{
            //display popup nodes
            this.displayPopup();
            if(this.cb){
                //Callbacks are kinda out of vogue, but there really isn't a good way to handle asynchronously constructed objects/classes
                this.cb();
            }
        }
        displayPopup(){
            document.body.prepend(this.popupDiv);