Basic Cleanup (#1)
Reviewed-on: #1 Co-authored-by: Armored-Dragon <forgejo3829105@armoreddragon.com> Co-committed-by: Armored-Dragon <forgejo3829105@armoreddragon.com>pull/2/head
parent
66c463f80a
commit
f5cab625ec
|
@ -14,9 +14,10 @@ const s3 = new S3Client({
|
||||||
});
|
});
|
||||||
const settings = require("../settings");
|
const settings = require("../settings");
|
||||||
|
|
||||||
|
// FIXME: This does not properly validate that a user was created
|
||||||
async function registerUser(username, password, options) {
|
async function registerUser(username, password, options) {
|
||||||
const new_user = await prisma.user.create({ data: { username: username, password: password, ...options } });
|
const new_user = await prisma.user.create({ data: { username: username, password: password, ...options } });
|
||||||
await settings.setSetupComplete();
|
settings.act("SETUP_COMPLETE", true);
|
||||||
if (new_user) return { success: true, message: `Successfully created ${new_user.username}` };
|
if (new_user) return { success: true, message: `Successfully created ${new_user.username}` };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,3 @@
|
||||||
const { PrismaClient } = require("@prisma/client");
|
|
||||||
const prisma = new PrismaClient();
|
|
||||||
const core = require("./core");
|
|
||||||
const settings = require("../settings");
|
const settings = require("../settings");
|
||||||
|
|
||||||
async function userRegistration(username, password) {
|
async function userRegistration(username, password) {
|
||||||
|
@ -9,20 +6,16 @@ async function userRegistration(username, password) {
|
||||||
// TODO: Admin customizable minimum password length
|
// TODO: Admin customizable minimum password length
|
||||||
if (password.length < 4) return { success: false, message: "Password not long enough" };
|
if (password.length < 4) return { success: false, message: "Password not long enough" };
|
||||||
|
|
||||||
const existing_user = await core.getUser({ username: username });
|
// Check if username only uses URL safe characters
|
||||||
|
if (!is_url_safe(username)) return { success: false, message: "Username is not URL safe" };
|
||||||
if (existing_user.success) return { success: false, message: "Username already exists" };
|
|
||||||
|
|
||||||
|
// All good! Validation complete
|
||||||
return { success: true };
|
return { success: true };
|
||||||
}
|
}
|
||||||
|
|
||||||
async function userLogin(username, password) {
|
function is_url_safe(str) {
|
||||||
const existing_user = await core.getUser({ username: username });
|
const pattern = /^[A-Za-z0-9\-_.~]+$/;
|
||||||
|
return pattern.test(str);
|
||||||
if (!existing_user.success) return { success: false, message: "User does not exist" };
|
|
||||||
if (existing_user.role === "LOCKED") return { success: false, message: "Account is locked: Contact your administrator" };
|
|
||||||
|
|
||||||
return { success: true, data: existing_user.data };
|
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = { userRegistration, userLogin };
|
module.exports = { userRegistration };
|
||||||
|
|
|
@ -3,35 +3,37 @@ const core = require("./core");
|
||||||
const settings = require("../settings");
|
const settings = require("../settings");
|
||||||
|
|
||||||
async function registerUser(username, password) {
|
async function registerUser(username, password) {
|
||||||
const registration_allowed = await settings.userRegistrationAllowed(); // Check if user registration is allowed
|
// Get current and relevant settings
|
||||||
|
const s = Promise.all([settings.act("ACCOUNT_REGISTRATION"), settings.act("SETUP_COMPLETE")]);
|
||||||
const form_valid = await validate.userRegistration(username, password); // Check form for errors
|
const form_valid = await validate.userRegistration(username, password); // Check form for errors
|
||||||
|
|
||||||
const is_setup_complete = await settings.setupComplete();
|
// Set variables for easy reading
|
||||||
let role = is_setup_complete ? undefined : "ADMIN";
|
const registration_allowed = s[0];
|
||||||
|
const setup_complete = s[1];
|
||||||
|
|
||||||
|
if (!registration_allowed && setup_complete) return { success: false, message: "Registration is disabled" }; // Registration disabled
|
||||||
|
if (!form_valid.success) return form_valid; // Registration details did not validate
|
||||||
|
|
||||||
|
// Does a user using that username exist already?
|
||||||
|
const existing_user = await core.getUser({ username: username });
|
||||||
|
if (existing_user.success) return { success: false, message: "Username is taken" };
|
||||||
|
|
||||||
// Register the user in the database
|
// Register the user in the database
|
||||||
if (registration_allowed && form_valid.success) return await core.registerUser(username, password, { role: role });
|
const role = setup_complete ? undefined : "ADMIN";
|
||||||
|
const registration_status = await core.registerUser(username, password, { role: role });
|
||||||
|
|
||||||
// Something went wrong!
|
if (registration_status.success) return registration_status;
|
||||||
return { success: false, message: form_valid.message };
|
else return registration_status;
|
||||||
}
|
}
|
||||||
|
|
||||||
async function loginUser(username, password) {
|
async function loginUser(username, password) {
|
||||||
const user = await validate.userLogin(username);
|
// Get the user by username
|
||||||
if (!user.success) return user;
|
const existing_user = await core.getUser({ username: username });
|
||||||
|
|
||||||
return { success: true, data: { username: user.data.username, id: user.data.id, password: user.data.password } };
|
// Check for errors or problems
|
||||||
|
if (!existing_user.success) return { success: false, message: "User does not exist" };
|
||||||
|
if (existing_user.role === "LOCKED") return { success: false, message: "Account is locked: Contact your administrator" };
|
||||||
|
return { success: true, data: { username: existing_user.data.username, id: existing_user.data.id, password: existing_user.data.password } };
|
||||||
}
|
}
|
||||||
|
|
||||||
async function getUser({ id, username } = {}) {
|
module.exports = { registerUser, loginUser };
|
||||||
let user;
|
|
||||||
if (id) user = await core.getUser({ id: id });
|
|
||||||
else if (username) user = await core.getUser({ username: username });
|
|
||||||
|
|
||||||
// Make sure we only get important identifier and nothing sensitive!
|
|
||||||
if (user.success) return { success: true, data: { username: user.data.username, id: user.data.id, role: user.data.role } };
|
|
||||||
|
|
||||||
return { success: false, message: "No user found" };
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = { registerUser, loginUser, getUser };
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ const settings = require("./settings");
|
||||||
|
|
||||||
async function index(request, response) {
|
async function index(request, response) {
|
||||||
// Check if the master admin has been created
|
// Check if the master admin has been created
|
||||||
const is_setup_complete = (await settings.setupComplete()) || false;
|
const is_setup_complete = (await settings.act("SETUP_COMPLETE")) || false;
|
||||||
if (!is_setup_complete) return response.redirect("/register");
|
if (!is_setup_complete) return response.redirect("/register");
|
||||||
|
|
||||||
response.render("index.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
|
response.render("index.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
|
||||||
|
@ -36,8 +36,10 @@ async function registerPost(request, response) {
|
||||||
async function loginPost(request, response) {
|
async function loginPost(request, response) {
|
||||||
const login = await internal.loginUser(request.body.username, request.body.password);
|
const login = await internal.loginUser(request.body.username, request.body.password);
|
||||||
|
|
||||||
|
if (!login.success) return response.json(login);
|
||||||
|
|
||||||
const password_match = await bcrypt.compare(request.body.password, login.data.password);
|
const password_match = await bcrypt.compare(request.body.password, login.data.password);
|
||||||
if (!password_match) return { success: false, message: "Incorrect password" };
|
if (!password_match) return response.json({ success: false, message: "Incorrect password" });
|
||||||
|
|
||||||
request.session.user = { username: login.data.username, id: login.data.id };
|
request.session.user = { username: login.data.username, id: login.data.id };
|
||||||
response.json({ success: true });
|
response.json({ success: true });
|
||||||
|
|
|
@ -1,14 +1,40 @@
|
||||||
const persistent_setting = require("node-persist");
|
const persistent_setting = require("node-persist");
|
||||||
persistent_setting.init({ dir: "data/" });
|
persistent_setting.init({ dir: "data/site/" });
|
||||||
|
|
||||||
const setupComplete = async () => (await persistent_setting.getItem("SETUP_COMPLETE")) || false;
|
let settings = {
|
||||||
const userRegistrationAllowed = async () => {
|
SETUP_COMPLETE: false,
|
||||||
const setting = await persistent_setting.getItem("REGISTRATION_ALLOWED");
|
ACCOUNT_REGISTRATION: false,
|
||||||
if (typeof setting == "undefined") return true;
|
BLOG_UPLOADING: false,
|
||||||
console.log(setting);
|
|
||||||
return setting == "true";
|
USER_MINIMUM_PASSWORD_LENGTH: 6,
|
||||||
};
|
};
|
||||||
const setSetupComplete = async () => await persistent_setting.setItem("SETUP_COMPLETE", "true");
|
|
||||||
const setUserRegistrationAllowed = (new_value) => persistent_setting.setItem("REGISTRATION_ALLOWED", String(new_value));
|
|
||||||
|
|
||||||
module.exports = { setupComplete, userRegistrationAllowed, setSetupComplete, setUserRegistrationAllowed };
|
async function act(key, value) {
|
||||||
|
// Change value if we have a value field
|
||||||
|
if (value) {
|
||||||
|
// Just incase the value is a string instead of a boolean
|
||||||
|
value = String(value).toLowerCase() === "true";
|
||||||
|
|
||||||
|
await persistent_setting.setItem(key, value);
|
||||||
|
settings[key] = value;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Return the current setting
|
||||||
|
return settings[key];
|
||||||
|
}
|
||||||
|
|
||||||
|
function getSettings() {
|
||||||
|
return settings;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Initialize our settings
|
||||||
|
setTimeout(async () => {
|
||||||
|
for (let i = 0; Object.keys(settings).length > i; i++) {
|
||||||
|
const setting_title = Object.keys(settings)[i];
|
||||||
|
const setting_value = await persistent_setting.getItem(setting_title);
|
||||||
|
|
||||||
|
settings[setting_title] = setting_value == true || setting_value == "true";
|
||||||
|
}
|
||||||
|
}, 3000);
|
||||||
|
|
||||||
|
module.exports = { act, getSettings };
|
||||||
|
|
|
@ -42,6 +42,11 @@
|
||||||
width: 100%;
|
width: 100%;
|
||||||
margin-bottom: 10px;
|
margin-bottom: 10px;
|
||||||
}
|
}
|
||||||
|
.e-image-area .placeholder {
|
||||||
|
margin: auto;
|
||||||
|
grid-row: 1/-1;
|
||||||
|
grid-column: 1/-1;
|
||||||
|
}
|
||||||
.e-image-area .image {
|
.e-image-area .image {
|
||||||
height: 100px;
|
height: 100px;
|
||||||
aspect-ratio: 16/9;
|
aspect-ratio: 16/9;
|
||||||
|
|
|
@ -49,6 +49,12 @@ $background-body: #222;
|
||||||
width: 100%;
|
width: 100%;
|
||||||
margin-bottom: 10px;
|
margin-bottom: 10px;
|
||||||
|
|
||||||
|
.placeholder {
|
||||||
|
margin: auto;
|
||||||
|
grid-row: 1 / -1;
|
||||||
|
grid-column: 1 / -1;
|
||||||
|
}
|
||||||
|
|
||||||
.image {
|
.image {
|
||||||
height: 100px;
|
height: 100px;
|
||||||
aspect-ratio: 16/9;
|
aspect-ratio: 16/9;
|
||||||
|
|
|
@ -23,9 +23,7 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="e-image-area">
|
<div class="e-image-area">
|
||||||
<div class="image">
|
<div class="placeholder">Drop images here</div>
|
||||||
<img src="/img/.dev/screenshot.png" />
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="e-content">
|
<div class="e-content">
|
||||||
|
|
Loading…
Reference in New Issue