🎨 added optional captcha to login route
parent
5e9fb8a2a2
commit
bbeab4da65
@ -1,15 +1,15 @@
|
||||
{
|
||||
"login": {
|
||||
"INVALID_LOGIN": "Ungültige E-Mail oder Telefonnummer",
|
||||
"INVALID_PASSWORD": "Ungültiges Passwort"
|
||||
},
|
||||
"register": {
|
||||
"REGISTRATION_DISABLED": "Neue Nutzer können sich nicht mehr registrieren",
|
||||
"INVITE_ONLY": "Du musst eingeladen werden, um dich zu registrieren",
|
||||
"EMAIL_INVALID": "Ungültige E-Mail Adresse",
|
||||
"EMAIL_ALREADY_REGISTERED": "Es existiert bereits ein Account mit dieser E-Mail Adresse",
|
||||
"DATE_OF_BIRTH_UNDERAGE": "Du musst mindestens {{years}} Jahre alt sein",
|
||||
"CONSENT_REQUIRED": "Du musst den AGB's und Datenschutzbestimmungen zustimmen",
|
||||
"USERNAME_TOO_MANY_USERS": "Es haben bereits zu viele Nutzer den gleichen Nutzernamen"
|
||||
}
|
||||
}
|
||||
"login": {
|
||||
"INVALID_LOGIN": "E-Mail oder Telefonnummer nicht gefunden",
|
||||
"INVALID_PASSWORD": "Ungültiges Passwort"
|
||||
},
|
||||
"register": {
|
||||
"REGISTRATION_DISABLED": "Neue Nutzer können sich nicht mehr registrieren",
|
||||
"INVITE_ONLY": "Du musst eingeladen werden, um dich zu registrieren",
|
||||
"EMAIL_INVALID": "Ungültige E-Mail Adresse",
|
||||
"EMAIL_ALREADY_REGISTERED": "Es existiert bereits ein Account mit dieser E-Mail Adresse",
|
||||
"DATE_OF_BIRTH_UNDERAGE": "Du musst mindestens {{years}} Jahre alt sein",
|
||||
"CONSENT_REQUIRED": "Du musst den AGB's und Datenschutzbestimmungen zustimmen",
|
||||
"USERNAME_TOO_MANY_USERS": "Es haben bereits zu viele Nutzer den gleichen Nutzernamen"
|
||||
}
|
||||
}
|
||||
|
@ -1,15 +1,15 @@
|
||||
{
|
||||
"login": {
|
||||
"INVALID_LOGIN": "Invalid E-Mail or Phone",
|
||||
"INVALID_PASSWORD": "Invalid Password"
|
||||
},
|
||||
"register": {
|
||||
"REGISTRATION_DISABLED": "New user registration is disabled",
|
||||
"INVITE_ONLY": "You must be invited to register",
|
||||
"EMAIL_INVALID": "Invalid Email",
|
||||
"EMAIL_ALREADY_REGISTERED": "Email is already registered",
|
||||
"DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older",
|
||||
"CONSENT_REQUIRED": "You must agree to Terms of Service and Privacy Policy.",
|
||||
"USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another"
|
||||
}
|
||||
}
|
||||
"login": {
|
||||
"INVALID_LOGIN": "E-Mail or Phone not found",
|
||||
"INVALID_PASSWORD": "Invalid Password"
|
||||
},
|
||||
"register": {
|
||||
"REGISTRATION_DISABLED": "New user registration is disabled",
|
||||
"INVITE_ONLY": "You must be invited to register",
|
||||
"EMAIL_INVALID": "Invalid Email",
|
||||
"EMAIL_ALREADY_REGISTERED": "Email is already registered",
|
||||
"DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older",
|
||||
"CONSENT_REQUIRED": "You must agree to Terms of Service and Privacy Policy.",
|
||||
"USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another"
|
||||
}
|
||||
}
|
||||
|
@ -2,7 +2,7 @@ import "missing-native-js-functions";
|
||||
import fs from "fs/promises";
|
||||
import { Connection } from "mongoose";
|
||||
import { Server, ServerOptions } from "lambert-server";
|
||||
import { Authentication, GlobalRateLimit } from "./middlewares/";
|
||||
import { Authentication, CORS, GlobalRateLimit } from "./middlewares/";
|
||||
import Config from "./util/Config";
|
||||
import { db } from "@fosscord/server-util";
|
||||
import i18next from "i18next";
|
||||
@ -15,10 +15,9 @@ import fetch from "node-fetch";
|
||||
import mongoose from "mongoose";
|
||||
|
||||
// this will return the new updated document for findOneAndUpdate
|
||||
mongoose.set('returnOriginal', false); // https://mongoosejs.com/docs/api/model.html#model_Model.findOneAndUpdate
|
||||
mongoose.set("returnOriginal", false); // https://mongoosejs.com/docs/api/model.html#model_Model.findOneAndUpdate
|
||||
|
||||
|
||||
export interface FosscordServerOptions extends ServerOptions { }
|
||||
export interface FosscordServerOptions extends ServerOptions {}
|
||||
|
||||
declare global {
|
||||
namespace Express {
|
||||
@ -56,6 +55,7 @@ export class FosscordServer extends Server {
|
||||
|
||||
this.app.use(GlobalRateLimit);
|
||||
this.app.use(Authentication);
|
||||
this.app.use(CORS);
|
||||
this.app.use(BodyParser({ inflate: true }));
|
||||
const languages = await fs.readdir(__dirname + "/../locales/");
|
||||
const namespaces = await fs.readdir(__dirname + "/../locales/en/");
|
||||
|
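Review bot: `this.app.use(CORS)` is registered after `GlobalRateLimit` and `Authentication`, so any response those middlewares end themselves (a rate-limit or auth rejection, or a preflight `OPTIONS` that carries no token) would leave without the `Access-Control-*` headers; whether they short-circuit is not visible in this hunk. A browser client then sees an opaque CORS failure instead of the real status code. Consider registering it first, i.e. `this.app.use(CORS);` ahead of `this.app.use(GlobalRateLimit);`. The enclosing method starts and ends outside the hunk.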
@ -5,7 +5,6 @@ export * from "./schema/Channel";
|
||||
export * from "./schema/Guild";
|
||||
export * from "./schema/Invite";
|
||||
export * from "./schema/Message";
|
||||
export * from "./util/Captcha";
|
||||
export * from "./util/Config";
|
||||
export * from "./util/Constants";
|
||||
export * from "./util/Event";
|
||||
|
@ -4,4 +4,11 @@ import { NextFunction, Request, Response } from "express";
|
||||
|
||||
export function CORS(req: Request, res: Response, next: NextFunction) {
|
||||
res.set("Access-Control-Allow-Origin", "*");
|
||||
res.set(
|
||||
"Content-security-policy",
|
||||
"script-src 'https://hcaptcha.com, https://*.hcaptcha.com' frame-src 'https://hcaptcha.com, https://*.hcaptcha.com' style-src 'https://hcaptcha.com, https://*.hcaptcha.com' connect-src 'https://hcaptcha.com, https://*.hcaptcha.com'"
|
||||
);
|
||||
res.set("Access-Control-Allow-Headers", req.header("Access-Control-Request-Headers"));
|
||||
|
||||
next();
|
||||
}
|
||||
|
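Review bot: The `Content-security-policy` value is not valid CSP syntax: directives must be separated by `;`, sources by spaces rather than commas, and host sources must not be wrapped in single quotes (quotes are reserved for keywords such as `'self'`). As written a browser would parse it as a single `script-src` directive whose source tokens are all invalid, which matches nothing, so it restricts scripts instead of allowing hCaptcha. Each directive should take the form `script-src https://hcaptcha.com https://*.hcaptcha.com;`, and likewise for `frame-src`, `style-src` and `connect-src`. Separately, `req.header("Access-Control-Request-Headers")` is undefined outside preflight requests, so that `res.set` call should be guarded.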
@ -20,11 +20,26 @@ router.post(
|
||||
$gift_code_sku_id: String,
|
||||
}),
|
||||
async (req: Request, res: Response) => {
|
||||
const { login, password } = req.body;
|
||||
const { login, password, captcha_key } = req.body;
|
||||
const email = adjustEmail(login);
|
||||
const query: any[] = [{ phone: login }];
|
||||
if (email) query.push({ email });
|
||||
|
||||
const config = Config.get();
|
||||
|
||||
if (config.login.requireCaptcha && config.security.captcha.enabled) {
|
||||
if (!captcha_key) {
|
||||
const { sitekey, service } = config.security.captcha;
|
||||
return res.status(400).json({
|
||||
captcha_key: ["captcha-required"],
|
||||
captcha_sitekey: sitekey,
|
||||
captcha_service: service,
|
||||
});
|
||||
}
|
||||
|
||||
// TODO: check captcha
|
||||
}
|
||||
|
||||
const user = await UserModel.findOne({ $or: query }, `user_data.hash id user_settings.locale user_settings.theme`).exec();
|
||||
|
||||
if (!user) {
|
||||
|
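Review bot: When captcha is required, the new block only checks that `captcha_key` is present; the `// TODO: check captcha` branch never verifies it, so any non-empty value satisfies the gate and the request continues to `UserModel.findOne`. Until the token is verified server-side against the configured service with `config.security.captcha.secret`, this branch should reject the request rather than fall through; otherwise enabling `login.requireCaptcha` gives operators no actual protection. The same commit rewords `INVALID_LOGIN` to "E-Mail or Phone not found" next to a separate `INVALID_PASSWORD`, which tells a caller whether an account exists, so a working captcha matters here. The visible part of the body schema does not show a `captcha_key` field, so confirm it is declared. The handler body continues outside the hunk.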
@ -1 +0,0 @@
|
||||
export {};
|
@ -1,6 +1,5 @@
|
||||
import { Config, Snowflake } from "@fosscord/server-util";
|
||||
import crypto from "crypto";
|
||||
import fs from "fs";
|
||||
|
||||
export default {
|
||||
init() {
|
||||
@ -75,10 +74,14 @@ export interface DefaultOptions {
|
||||
forwadedFor: string | null;
|
||||
captcha: {
|
||||
enabled: boolean;
|
||||
service: "recaptcha" | null; // TODO: hcaptcha, custom
|
||||
service: "recaptcha" | "hcaptcha" | null; // TODO: hcaptcha, custom
|
||||
sitekey: string | null;
|
||||
secret: string | null;
|
||||
};
|
||||
};
|
||||
login: {
|
||||
requireCaptcha: boolean;
|
||||
};
|
||||
register: {
|
||||
email: {
|
||||
required: boolean;
|
||||
@ -155,8 +158,12 @@ export const DefaultOptions: DefaultOptions = {
|
||||
enabled: false,
|
||||
service: null,
|
||||
sitekey: null,
|
||||
secret: null,
|
||||
},
|
||||
},
|
||||
login: {
|
||||
requireCaptcha: false,
|
||||
},
|
||||
register: {
|
||||
email: {
|
||||
required: true,
|
||||
|
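Review bot: The trailing comment on `service` still reads `// TODO: hcaptcha, custom` although `"hcaptcha"` is now part of the union; it should become `// TODO: custom`. `login.requireCaptcha` only takes effect when `security.captcha.enabled` is also true (the login route tests both), which deserves a comment on the field such as `// ignored unless security.captcha.enabled is true`, so that an operator who sets only `requireCaptcha` does not assume logins are protected. Both the interface and the defaults object continue outside the hunks.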