jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Properly detect new user agents and location

Browse Source
This commit is contained in:
Johannes Zellner
2021-04-30 13:21:50 +02:00
parent af2c096975
commit fb5c2a5e52
6 changed files with 72 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/userdb.js
View File

@@ -27,11 +27,12 @@ exports = module.exports = {
var assert = require('assert'),
BoxError = require('./boxerror.js'),
database = require('./database.js'),
mysql = require('mysql');
mysql = require('mysql'),
safe = require('safetydance');
// the avatar field is special and not added here to reduce response sizes
const USERS_FIELDS = [ 'id', 'username', 'email', 'fallbackEmail', 'password', 'salt', 'createdAt', 'resetToken', 'displayName',
'twoFactorAuthenticationEnabled', 'twoFactorAuthenticationSecret', 'active', 'source', 'role', 'resetTokenCreationTime' ].join(',');
'twoFactorAuthenticationEnabled', 'twoFactorAuthenticationSecret', 'active', 'source', 'role', 'resetTokenCreationTime', 'locationJson' ].join(',');
const APP_PASSWORD_FIELDS = [ 'id', 'name', 'userId', 'identifier', 'hashedPassword', 'creationTime' ].join(',');
@@ -41,6 +42,11 @@ function postProcess(result) {
result.twoFactorAuthenticationEnabled = !!result.twoFactorAuthenticationEnabled;
result.active = !!result.active;
// we remove the JSON first locations property, it is only there to have a valid JSON, no toplevel array
const tmp = safe.JSON.parse(result.locationJson) || { locations: [] };
result.locations = tmp.locations || [];
delete result.locationJson;
return result;
}
@@ -238,6 +244,7 @@ function update(userId, user, callback) {
assert(!('twoFactorAuthenticationEnabled' in user) || (typeof user.twoFactorAuthenticationEnabled === 'boolean'));
assert(!('role' in user) || (typeof user.role === 'string'));
assert(!('active' in user) || (typeof user.active === 'boolean'));
assert(!('locations' in user) || (Array.isArray(user.locations)));
var args = [ ];
var fields = [ ];
@@ -245,6 +252,9 @@ function update(userId, user, callback) {
if (k === 'twoFactorAuthenticationEnabled' || k === 'active') {
fields.push(k + ' = ?');
args.push(user[k] ? 1 : 0);
} else if (k === 'locations') {
fields.push('locationJson = ?');
args.push(JSON.stringify({ locations: user[k] || []}));
} else {
fields.push(k + ' = ?');
args.push(user[k]);