Added logic to keep banned users out of site
This commit is contained in:
parent
c848994c1d
commit
26df91262f
|
|
@ -159,4 +159,14 @@ userBanSchema.statics.getBans = async function(){
|
|||
return bans;
|
||||
}
|
||||
|
||||
//methods
|
||||
userBanSchema.methods.getDaysUntilExpiration = function(){
|
||||
//Get ban date
|
||||
const expirationDate = new Date(this.banDate);
|
||||
//Get expiration days and calculate expiration date
|
||||
expirationDate.setDate(expirationDate.getDate() + this.expirationDays);
|
||||
//Calculate and return days until ban expiration
|
||||
return ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
|
||||
}
|
||||
|
||||
module.exports = mongoose.model("userBan", userBanSchema);
|
||||
|
|
@ -15,14 +15,24 @@ You should have received a copy of the GNU Affero General Public License
|
|||
along with this program. If not, see <https://www.gnu.org/licenses/>.*/
|
||||
|
||||
//local imports
|
||||
const {userModel} = require('../schemas/userSchema.js');
|
||||
const {userModel} = require('../schemas/userSchema');
|
||||
const userBanModel = require('../schemas/userBanSchema')
|
||||
|
||||
//this module is good for keeping wrappers for userModel and other shit in that does more session handling than database access/modification.
|
||||
|
||||
module.exports.authenticateSession = async function(user, pass, req){
|
||||
|
||||
//Authenticate the session
|
||||
userDB = await userModel.authenticate(user, pass);
|
||||
const userDB = await userModel.authenticate(user, pass);
|
||||
const banDB = await userBanModel.checkBanByUserDoc(userDB);
|
||||
|
||||
if(banDB){
|
||||
if(banDB.permanent){
|
||||
throw new Error(`Your account has been banned, and will be permanently deleted in: ${banDB.getDaysUntilExpiration()} day(s)`);
|
||||
}else{
|
||||
throw new Error(`Your account has been temporarily banned, and will be reinstated in: ${banDB.getDaysUntilExpiration()} day(s)`);
|
||||
}
|
||||
}
|
||||
|
||||
//Tattoo the session with user and metadata
|
||||
//unfortunately store.all() does not return sessions w/ their ID so we had to improvise...
|
||||
|
|
|
|||
|
|
@ -317,7 +317,7 @@ class adminUserBanList{
|
|||
entryRow.appendChild(newCell(ban.user.user));
|
||||
entryRow.appendChild(newCell(new Date(ban.user.date).toDateString()));
|
||||
entryRow.appendChild(newCell(new Date(ban.banDate).toDateString()));
|
||||
entryRow.appendChild(newCell(`${expirationDate.toDateString()} (${expirationDays} days left)`));
|
||||
entryRow.appendChild(newCell(`${expirationDate.toDateString()} (${expirationDays} day(s) left)`));
|
||||
entryRow.appendChild(newCell(ban.permanent ? "Account Deletion" : "Un-Ban"));
|
||||
entryRow.appendChild(newCell([unbanIcon, nukeAccount]));
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ class canopyUXUtils{
|
|||
displayResponseError(body){
|
||||
const errors = body.errors;
|
||||
errors.forEach((err)=>{
|
||||
window.alert(`ERROR: ${err.msg} \nTYPE: ${err.type} \nDATE: ${err.date}`);
|
||||
new canopyUXUtils.popup(`<h3>Server Error:</h3><p><br>Message: ${err.msg}`);
|
||||
});
|
||||
}
|
||||
|
||||
|
|
@ -73,9 +73,11 @@ class canopyUXUtils{
|
|||
//display popup nodes
|
||||
this.displayPopup();
|
||||
|
||||
if(this.cb){
|
||||
//Callbacks are kinda out of vogue, but there really isn't a good way to handle asynchronously constructed objects/classes
|
||||
this.cb();
|
||||
}
|
||||
}
|
||||
|
||||
displayPopup(){
|
||||
document.body.prepend(this.popupDiv);
|
||||
|
|
|
|||
Loading…
Reference in a new issue