added disable route & check if user is disabled

2024-11-11 05:02:37 +01:00 · 2021-08-10 20:55:47 +02:00 · 2021-08-10 20:55:47 +02:00 · d5a9e2c378
commit d5a9e2c378
parent b4e973c3ca
3 changed files with 29 additions and 10 deletions
--- a/locales/en/auth.json
+++ b/locales/en/auth.json
@ -1,7 +1,8 @@
 {
 	"login": {
 		"INVALID_LOGIN": "E-Mail or Phone not found",
-		"INVALID_PASSWORD": "Invalid Password"
+		"INVALID_PASSWORD": "Invalid Password",
+		"ACCOUNT_DISABLED": "This account is disabled"
 	},
 	"register": {
 		"REGISTRATION_DISABLED": "New user registration is disabled",
--- a/src/routes/auth/login.ts
+++ b/src/routes/auth/login.ts
@ -9,7 +9,8 @@ import RateLimit from "../../middlewares/RateLimit";
 const router: Router = Router();
 export default router;

-// TODO: check if user is deleted/restricted
+// TODO: check if user is deleted --> prohibit login
+
 router.post(
 	"/",
 	RateLimit({ count: 5, window: 60, onylIp: true }),
@ -22,7 +23,7 @@ router.post(
 		$gift_code_sku_id: String
 	}),
 	async (req: Request, res: Response) => {
-		const { login, password, captcha_key } = req.body;
+		const { login, password, captcha_key, undelete } = req.body;
 		const email = adjustEmail(login);
 		const query: any[] = [{ phone: login }];
 		if (email) query.push({ email });
@ -62,6 +63,13 @@ router.post(
 				throw FieldErrors({ login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" } });
 			});

+		if (user.disabled && undelete) {
+			// undelete refers to un'disable' here
+			await UserModel.updateOne({ id: req.user_id }, { disabled: false }).exec();
+		} else if (user.disabled) {
+			return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
+		}
+
 		// the salt is saved in the password refer to bcrypt docs
 		const same_password = await bcrypt.compare(password, user.user_data.hash || "");
 		if (!same_password) {
@ -100,14 +108,14 @@ export async function generateToken(id: string) {
 /**
 * POST /auth/login
 * @argument { login: "email@gmail.com", password: "cleartextpassword", undelete: false, captcha_key: null, login_source: null, gift_code_sku_id: null, }
- 
+
 * MFA required:
 * @returns {"token": null, "mfa": true, "sms": true, "ticket": "SOME TICKET JWT TOKEN"}
- 
+
 * Captcha required:
 * @returns {"captcha_key": ["captcha-required"], "captcha_sitekey": null, "captcha_service": "recaptcha"}
- 
+
 * Sucess:
 * @returns {"token": "USERTOKEN", "user_settings": {"locale": "en", "theme": "dark"}}
- 
+
 */
--- a/src/routes/users/@me/disable.ts
+++ b/src/routes/users/@me/disable.ts
@ -1,10 +1,20 @@
+import { UserModel } from "@fosscord/server-util";
 import { Router, Response, Request } from "express";
+import bcrypt from "bcrypt";

 const router = Router();

-router.post("/", (req: Request, res: Response) => {
-	// TODO:
-	res.sendStatus(204);
+router.post("/", async (req: Request, res: Response) => {
+	const user = await UserModel.findOne({ id: req.user_id }).exec(); //User object
+
+	let correctpass = await bcrypt.compare(req.body.password, user!.user_data.hash); //Not sure if user typed right password :/
+	if (correctpass) {
+		await UserModel.updateOne({ id: req.user_id }, { disabled: true }).exec();
+
+		res.sendStatus(204);
+	} else {
+		res.status(400).json({ message: "Password does not match", code: 50018 });
+	}
 });

 export default router;