/*Canopy - The next generation of stoner streaming software
Copyright (C) 2024-2025 Rainbownapkin and the TTN Community
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.*/
//Config
const config = require('../../config.json');
//NPM Imports
const {validationResult, matchedData} = require('express-validator');
//Local Imports
const sessionUtils = require('../utils/sessionUtils');
const altchaUtils = require('../utils/altchaUtils');
const csrfUtils = require('../utils/csrfUtils');
//login page functions
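/**
 * GET handler for the login page.
 *
 * An already-authenticated session is redirected to '/'. Otherwise one of the following is rendered:
 *  - 'lockedAccount' when the attempt counter for the requested user exceeds sessionUtils.maxAttempts,
 *  - 'login' with a captcha from altchaUtils.genCaptcha when the counter exceeds sessionUtils.throttleAttempts,
 *  - 'login' with challenge set to null in every other case (invalid input, no attempts on record,
 *    or attempts on record that are still at or below the throttle threshold).
 *
 * NOTE(review): this handler only decides what to display. The lockout and the captcha also have to be
 * enforced by whatever processes the login submission, since a client can submit credentials without
 * loading this page first - confirm against the POST handler, which is not visible here.
 *
 * NOTE(review): the response varies with the attempt counter of a client-supplied username, so the
 * throttle state of any name is observable without authenticating. Presumably counters are keyed by
 * username alone; if so, failed logins from a third party can lock a legitimate user out - confirm in sessionUtils.
 *
 * @param {Object} req - Express request; reads req.session.user and the validated 'user' field
 * @param {Object} res - Express response used to redirect or render
 * @returns {Promise<*>} Whatever res.redirect()/res.render() returns
 */
module.exports.get = async function(req, res){
    //Check for validation errors
    const validResult = validationResult(req);

    //If this request is coming from someone who's already logged in
    if(req.session.user != null){
        //Redirect them to the homepage
        return res.redirect('/');
    }

    //Renders the login view; a null challenge means no captcha is shown
    const renderLogin = (challenge) => res.render('login', {
        instance: config.instanceName,
        links: config.links,
        user: req.session.user,
        challenge,
        csrfToken: csrfUtils.generateToken(req)
    });

    //If we received invalid input
    if(!validResult.isEmpty()){
        //Pretend nothing happened, send out a generic page so validation details are not echoed back
        return renderLogin(null);
    }

    //Get username from sanitized/validated data
    const {user} = matchedData(req);
    const attempts = sessionUtils.getLoginAttempts(user);

    //If we have no previous attempts for this user
    if(attempts == null){
        //Render generic page
        return renderLogin(null);
    }

    //If the account is past the lockout threshold
    if(attempts.count > sessionUtils.maxAttempts){
        return res.render('lockedAccount', {
            instance: config.instanceName,
            links: config.links,
            user: req.session.user,
            csrfToken: csrfUtils.generateToken(req)
        });
    }

    //If the user's logins are being throttled
    if(attempts.count > sessionUtils.throttleAttempts){
        //Get difficulty based on amount of attempts past the throttle threshold
        const difficulty = attempts.count - sessionUtils.throttleAttempts;
        //Generate challenge unique to specific user, with difficulty set based on failed login attempts
        //NOTE(review): a rejection here propagates out of this async handler - confirm the app's error handling covers it
        const challenge = await altchaUtils.genCaptcha(difficulty, user);

        //Render page
        return renderLogin(challenge);
    }

    //Attempts are on record but still at or below the throttle threshold.
    //This path previously sent no response at all, leaving the request hanging until it timed out.
    return renderLogin(null);
}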