jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Move ghosts into settings table

Browse Source
This commit is contained in:
Johannes Zellner
2021-09-20 13:05:42 +02:00
parent f66af19458
commit c6c62de68a
2 changed files with 43 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/users.js
View File

@@ -254,21 +254,22 @@ async function setGhost(user, password, expiresAt) {
debug(`setGhost: ${user.username} expiresAt ${expiresAt}`);
let ghostData = safe.JSON.parse(safe.fs.readFileSync(paths.GHOST_USER_FILE, 'utf8'));
if (!ghostData) ghostData = {};
const [errorGet, ghostData] = await safe(settings.getGhosts());
if (errorGet) throw errorGet;
ghostData[user.username] = { password, expiresAt };
if (!safe.fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghostData, null, 4), 'utf8')) throw new BoxError(BoxError.FS_ERROR);
const [errorSet] = await safe(settings.setGhosts(ghostData));
if (errorSet) throw errorSet;
}
// returns true if ghost user was matched
function verifyGhost(username, password) {
async function verifyGhost(username, password) {
assert.strictEqual(typeof username, 'string');
assert.strictEqual(typeof password, 'string');
var ghostData = safe.JSON.parse(safe.fs.readFileSync(paths.GHOST_USER_FILE, 'utf8'));
if (!ghostData) return false;
const [error, ghostData] = await safe(settings.getGhosts());
if (error) throw error;
// either the username is an object with { password, expiresAt } or a string with the password which will expire on first match
if (username in ghostData) {
@@ -276,7 +277,10 @@ function verifyGhost(username, password) {
if (ghostData[username].expiresAt < Date.now()) {
debug('verifyGhost: password expired');
delete ghostData[username];
safe.fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghostData, null, 4), 'utf8');
const [error] = await safe(settings.setGhosts(ghostData));
if (error) throw error;
return false;
} else if (ghostData[username].password === password) {
debug('verifyGhost: matched ghost user');
@@ -287,7 +291,10 @@ function verifyGhost(username, password) {
} else if(ghostData[username] === password) {
debug('verifyGhost: matched ghost user');
delete ghostData[username];
safe.fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghostData, null, 4), 'utf8');
const [error] = await safe(settings.setGhosts(ghostData));
if (error) throw error;
return true;
}
}
@@ -320,9 +327,14 @@ async function verify(userId, password, identifier) {
if (!user.active) throw new BoxError(BoxError.NOT_FOUND, 'User not active');
// for just invited users the username may be still null
if (user.username && verifyGhost(user.username, password)) {
user.ghost = true;
return user;
if (user.username) {
const [error, valid] = await safe(verifyGhost(user.username, password));
if (error) console.error('Failed to verify ghost.', error);
if (valid) {
user.ghost = true;
return user;
}
}
const [error] = await safe(verifyAppPassword(user.id, password, identifier));