Finished up with email password reset system.

2024-12-28 15:36:42 -05:00 · 2024-12-28 15:36:42 -05:00 · 478edeeddf
commit 478edeeddf
parent 3671b43789
13 changed files with 233 additions and 34 deletions
--- a/src/schemas/passwordResetSchema.js
+++ b/src/schemas/passwordResetSchema.js
@ -26,6 +26,9 @@ const crypto = require("node:crypto");
 //NPM Imports
 const {mongoose} = require('mongoose');

+//Local Imports
+const hashUtil = require('../utils/hashUtils');
+
 const daysToExpire = 7;

 const passwordResetSchema = new mongoose.Schema({
@ -40,19 +43,35 @@ const passwordResetSchema = new mongoose.Schema({
        //Use a cryptographically secure algorythm to create a random hex string from 16 bytes as our reset token
        default: ()=>{return crypto.randomBytes(16).toString('hex')}
    },
+    ipHash: {
+        type: mongoose.SchemaTypes.String,
+        required: true
+    },
    date: {
-
        type: mongoose.SchemaTypes.Date,
        required: true,
        default: new Date()
    }
 });

+
+//Presave function
+passwordResetSchema.pre('save', async function (next){
+    //If we're saving an ip
+    if(this.isModified('ipHash')){
+        //Hash that sunnuvabitch
+        this.ipHash = hashUtil.hashIP(this.ipHash);
+    }
+
+    next();
+});
+
 //statics
 passwordResetSchema.statics.processExpiredRequests = async function(){
    //Pull all requests from the DB
    const requestDB = await this.find({});

+    //Fire em all off at once without waiting for the last one to complete since we don't fuckin' need to
    requestDB.forEach(async (request) => {
        //If the request hasn't been processed and it's been expired
        if(request.getDaysUntilExpiration() <= 0){
@ -97,11 +116,11 @@ passwordResetSchema.methods.getResetURL = function(){
 }

 passwordResetSchema.methods.getDaysUntilExpiration = function(){
-        //Get ban date
+        //Get request date
        const expirationDate = new Date(this.date);
        //Get expiration days and calculate expiration date
        expirationDate.setDate(expirationDate.getDate() + daysToExpire);
-        //Calculate and return days until ban expiration
+        //Calculate and return days until request expiration
        return ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
 }

--- a/src/schemas/userSchema.js
+++ b/src/schemas/userSchema.js
@ -14,10 +14,6 @@ GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/

-
-//Built-In Imports
-const crypto = require('node:crypto');
-
 //NPM Imports
 const {mongoose} = require('mongoose');

@ -515,14 +511,8 @@ userSchema.methods.deleteEmote = async function(name){
 }

 userSchema.methods.tattooIPRecord = async function(ip){
-    //Create hash
-    const hashObj = crypto.createHash('md5');
-
-    //add IP to the hash
-    hashObj.update(ip);
-
-    //Store the IP hash as a string
-    const ipHash = hashObj.digest('hex');
+    //Hash the users ip
+    const ipHash = hashUtil.hashIP(ip);
   
    //Look for a pre-existing entry for this ipHash
    const foundIndex = this.recentIPs.findIndex(checkHash);