Updated login API to throw 301 when an un-migrated user attempts to login.

rainbow napkin 2025-10-16 06:55:36 -04:00
parent 66ec2fabc5
commit 6ae652b47c
2 changed files with 25 additions and 10 deletions


@ -21,10 +21,10 @@ const config = require('../../../../config.json');
const {validationResult, matchedData} = require('express-validator'); const {validationResult, matchedData} = require('express-validator');
//local imports //local imports
const migrationModel = require('../../../schemas/user/migrationSchema.js');
const sessionUtils = require('../../../utils/sessionUtils'); const sessionUtils = require('../../../utils/sessionUtils');
const hashUtils = require('../../../utils/hashUtils.js');
const {exceptionHandler, errorHandler} = require('../../../utils/loggerUtils'); const {exceptionHandler, errorHandler} = require('../../../utils/loggerUtils');
const altchaUtils = require('../../../utils/altchaUtils');
const session = require('express-session');
//api account functions //api account functions
module.exports.post = async function(req, res){ module.exports.post = async function(req, res){
@ -51,20 +51,35 @@ module.exports.post = async function(req, res){
//if we don't have errors //if we don't have errors
if(validResult.isEmpty()){ if(validResult.isEmpty()){
//Get login attempts for current user //Get login attempts for current user
const {user} = matchedData(req); const {user, pass} = matchedData(req);
const attempts = sessionUtils.getLoginAttempts(user)
//if we've gone over max attempts and //Look for the username in the migration DB
if(attempts.count > sessionUtils.throttleAttempts){ const migrationDB = await migrationModel.findOne({user});
//tell client it needs a captcha
return res.sendStatus(429); //If this isn't a migration
if(migrationDB == null){
//Get login attempts
const attempts = sessionUtils.getLoginAttempts(user)
//if we've gone over max attempts
if(attempts.count > sessionUtils.throttleAttempts){
//tell client it needs a captcha
return res.sendStatus(429);
}
//otherwise
}else{
//If the user has a good password
if(hashUtils.compareLegacyPassword(pass, migrationDB.pass)){
//Redirect to migrate
return res.sendStatus(301);
}
} }
}else{ }else{
res.status(400); res.status(400);
return res.send({errors: validResult.array()}) return res.send({errors: validResult.array()})
} }
// //Scream about any un-caught errors
return exceptionHandler(res, err); return exceptionHandler(res, err);
} }
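Review bot: The new `else` branch for migration users calls `hashUtils.compareLegacyPassword(pass, migrationDB.pass)` without the `sessionUtils.getLoginAttempts(user)` throttle, which now runs only when `migrationDB == null`. For an un-migrated account, the 301 versus non-301 answer is therefore a legacy-password check with no attempt limit or captcha gate visible in this section. I would hoist `const attempts = sessionUtils.getLoginAttempts(user);` and the `if(attempts.count > sessionUtils.throttleAttempts){ return res.sendStatus(429); }` guard above the `migrationModel.findOne({user})` lookup so both branches share it. A failed legacy comparison should also count as a failed attempt; where attempts are recorded is not visible here. Please also confirm that `compareLegacyPassword` is synchronous, because if it returns a promise the `if` is always truthy and needs `await`. The handler starts and ends outside the lines shown.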


@ -17,7 +17,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.*/
//Local Imports //Local Imports
const config = require('../../config.json'); const config = require('../../config.json');
const {userModel} = require('../schemas/user/userSchema.js'); const {userModel} = require('../schemas/user/userSchema.js');
const userBanModel = require('../schemas/user/userBanSchema.js') const userBanModel = require('../schemas/user/userBanSchema.js');
const altchaUtils = require('../utils/altchaUtils.js'); const altchaUtils = require('../utils/altchaUtils.js');
const loggerUtils = require('../utils/loggerUtils.js'); const loggerUtils = require('../utils/loggerUtils.js');