Added alt-detection. Just need to set up pre-delete for userModel function to remove refrences to itself on alt accounts

2024-12-24 10:57:55 -05:00 · 2024-12-24 10:57:55 -05:00 · 980c84afff
commit 980c84afff
parent 6e785dc211
14 changed files with 346 additions and 12 deletions
--- a/src/schemas/userSchema.js
+++ b/src/schemas/userSchema.js
@ -31,6 +31,7 @@ const permissionModel = require('./permissionSchema');
 const emoteModel = require('./emoteSchema');
 //Utils
 const hashUtil = require('../utils/hashUtils');
+const { profile } = require('console');


 const userSchema = new mongoose.Schema({
@ -135,6 +136,10 @@ const userSchema = new mongoose.Schema({
            required: true,
            default: new Date()
        }
+    }],
+    alts:[{
+        type: mongoose.SchemaTypes.ObjectID,
+        ref: "user"
    }]
 });

@ -183,18 +188,33 @@ userSchema.pre('save', async function (next){
 });

 //statics
-userSchema.statics.register = async function(userObj){
+userSchema.statics.register = async function(userObj, ip){
+    //Pull values from user object
    const {user, pass, passConfirm, email} = userObj;

+    //Check password confirmation matches
    if(pass == passConfirm){
-        const userDB = await this.findOne({$or: email ? [{user}, {email}] : [{user}]});
+        //Look for a user (case insensitive)
+        var userDB = await this.findOne({user: new RegExp(user, 'i')});
+
+        //If we didn't find a user and we submitted an email
+        if(userDB == null && email != null){
+            //Check to make sure no one's used this email address
+            userDB = await this.findOne({email});
+        }

        //If the user is found or someones trying to impersonate tokeboi
        if(userDB || user.toLowerCase() == "tokebot"){
            throw new Error("User name/email already taken!");
        }else{
+            //Increment the user count, pulling the id to tattoo to the user
            const id = await statModel.incrementUserCount();
+
+            //Create user document in the database
            const newUser = await this.create({id, user, pass, email});
+
+            //Tattoo the hashed IP used to register to the new user
+            await newUser.tattooIPRecord(ip);
        }
    }else{
        throw new Error("Confirmation password doesn't match!");
@ -397,6 +417,23 @@ userSchema.methods.getProfile = function(){
    return profile;
 }

+userSchema.methods.getAltProfiles = async function(){
+    //Create an empty list to hold alt profiles
+    const profileList = [];
+
+    //populate the users alt list
+    await this.populate('alts');
+
+    //For every alt for the current user
+    for(let alt of this.alts){
+        //get the alts profile and push it to the profile list
+        profileList.push(alt.getProfile());
+    }
+
+    //return our generated profile list
+    return profileList;
+}
+
 userSchema.methods.setFlair = async function(flair){
    //Find flair by name
    const flairDB = await flairModel.findOne({name: flair});
@ -471,6 +508,10 @@ userSchema.methods.tattooIPRecord = async function(ip){

    //If there is no entry
    if(foundIndex == -1){
+        //Pull the entire userlist
+        //TODO: update query to only pull users with recentIPs, so we aren't looping through inactive users
+        const users = await this.model().find({});
+
        //create record object
        const record = {
            ipHash: ipHash,
@ -478,6 +519,35 @@ userSchema.methods.tattooIPRecord = async function(ip){
            lastLog: new Date()
        };

+        //We should really start using for loops and stop acting like its 2008
+        //Though to be quite honest this bit would be particularly brutal without them
+        //For every user in the userlist
+        for(let curUser of users){
+            //Ensure we're not checking the user against itself
+            if(curUser._id != this._id){
+                //For every IP record in the current user
+                for(let curRecord of curUser.recentIPs){
+                    //If it matches the current ipHash
+                    if(curRecord.ipHash == ipHash){
+                        //Check if we've already marked the user as an alt
+                        const foundAlt = this.alts.indexOf(curUser._id);
+
+                        //If these accounts aren't already marked as alts
+                        if(foundAlt == -1){
+                            //Add found user to this users alt list
+                            this.alts.push(curUser._id);
+
+                            //add this user to found users alt list
+                            curUser.alts.push(this._id);
+
+                            //Save changes to the found user, this user will save at the end of the function
+                            await curUser.save();
+                        }
+                    }
+                }
+            }
+        }
+
        //Pop it into place
        this.recentIPs.push(record);