3 changed files with 53 additions and 21 deletions
Split View
Diff Options
-
+9 -10app/routes/api/auth.js
-
+43 -10package-lock.json
-
+1 -1package.json
+ 9
- 10
app/routes/api/auth.js
View File
| @@ -11,7 +11,6 @@ const passport = require('passport'); | |||
| const canonicalizeRequest = require('../../util/canonicalize').canonicalizeRequest; | |||
| const requireAuth = require('../../util/auth').requireAuth; | |||
| const wrap = require('../../util/wrap.js'); | |||
| const verifyBody = require('../../util/verifyBody'); | |||
| const rateLimit = require('express-rate-limit'); | |||
| @@ -32,7 +31,7 @@ const login = (user, req) => { | |||
| }; | |||
| // Query the database for a valid invite code. An error message property is set if invalid. | |||
| const validateInvite = wrap(async (req, res, next) => { | |||
| const validateInvite = async (req, res, next) => { | |||
| const invite = await Invite.findOne({code: req.body.invite}).catch(next); | |||
| if (!invite) { | |||
| @@ -49,10 +48,10 @@ const validateInvite = wrap(async (req, res, next) => { | |||
| req.invite = invite; | |||
| next(); | |||
| }); | |||
| }; | |||
| // Check if the requested username is valid | |||
| const validateUsername = wrap(async (req, res, next) => { | |||
| const validateUsername = async (req, res, next) => { | |||
| const username = req.body.username; | |||
| const count = await User.countDocuments({username: username}).catch(next); | |||
| @@ -60,7 +59,7 @@ const validateUsername = wrap(async (req, res, next) => { | |||
| return res.status(422).json({message: 'Username in use.'}); | |||
| next(); | |||
| }); | |||
| }; | |||
| const registerLimiter = config.get('RateLimit.enable') | |||
| ? rateLimit({ | |||
| @@ -83,7 +82,7 @@ router.post('/register', | |||
| registerLimiter, | |||
| verifyBody(registerProps), canonicalizeRequest, | |||
| validateInvite, validateUsername, | |||
| wrap(async (req, res, next) => { | |||
| async (req, res, next) => { | |||
| // Update the database | |||
| await Promise.all([ | |||
| User.register({ | |||
| @@ -96,7 +95,7 @@ router.post('/register', | |||
| ]); | |||
| res.status(200).json({'message': 'Registration successful.'}); | |||
| })); | |||
| }); | |||
| const loginLimiter = config.get('RateLimit.enable') | |||
| ? rateLimit({ | |||
| @@ -113,7 +112,7 @@ router.post('/login', | |||
| loginLimiter, | |||
| verifyBody(loginProps), | |||
| canonicalizeRequest, | |||
| wrap(async (req, res, next) => { | |||
| async (req, res, next) => { | |||
| // Authenticate | |||
| const user = await authenticate(req, res, next); | |||
| if (!user) { | |||
| @@ -130,9 +129,9 @@ router.post('/login', | |||
| req.session.passport.scope = user.scope; | |||
| res.status(200).json({'message': 'Logged in.'}); | |||
| })); | |||
| }); | |||
| router.post('/logout', function (req, res) { | |||
| router.post('/logout', (req, res) => { | |||
| if (!req.isAuthenticated()) | |||
| return res.status(400).json({message: 'Not logged in.'}); | |||
+ 43
- 10
package-lock.json
View File
| @@ -472,9 +472,9 @@ | |||
| "dev": true | |||
| }, | |||
| "array-flatten": { | |||
| "version": "1.1.1", | |||
| "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", | |||
| "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" | |||
| "version": "2.1.1", | |||
| "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-2.1.1.tgz", | |||
| "integrity": "sha1-Qmu52oQJDBg42BLIFQryCoMx4pY=" | |||
| }, | |||
| "array-initial": { | |||
| "version": "1.1.0", | |||
| @@ -2945,18 +2945,18 @@ | |||
| "integrity": "sha512-ngXzTfoRGG7fYens3/RMb6yYoVLvLMfmsSllP/mZPxNHgFq41TmPSLF/nLY7fwoclI2vElvAmILFWGUYqdjfCg==" | |||
| }, | |||
| "express": { | |||
| "version": "4.16.4", | |||
| "resolved": "https://registry.npmjs.org/express/-/express-4.16.4.tgz", | |||
| "integrity": "sha512-j12Uuyb4FMrd/qQAm6uCHAkPtO8FDTRJZBDd5D2KOL2eLaz1yUNdUB/NOIyq0iU4q4cFarsUCrnFDPBcnksuOg==", | |||
| "version": "5.0.0-alpha.7", | |||
| "resolved": "https://registry.npmjs.org/express/-/express-5.0.0-alpha.7.tgz", | |||
| "integrity": "sha512-3FW+yXzYCViXf6Ty9TN9IKLW+rC8qok3ktS4hS1FILAEnMnfnDpQ+23rZVvWC0Ul1alYpJXx7xSBSBp073970g==", | |||
| "requires": { | |||
| "accepts": "~1.3.5", | |||
| "array-flatten": "1.1.1", | |||
| "array-flatten": "2.1.1", | |||
| "body-parser": "1.18.3", | |||
| "content-disposition": "0.5.2", | |||
| "content-type": "~1.0.4", | |||
| "cookie": "0.3.1", | |||
| "cookie-signature": "1.0.6", | |||
| "debug": "2.6.9", | |||
| "debug": "3.1.0", | |||
| "depd": "~1.1.2", | |||
| "encodeurl": "~1.0.2", | |||
| "escape-html": "~1.0.3", | |||
| @@ -2967,10 +2967,11 @@ | |||
| "methods": "~1.1.2", | |||
| "on-finished": "~2.3.0", | |||
| "parseurl": "~1.3.2", | |||
| "path-to-regexp": "0.1.7", | |||
| "path-is-absolute": "1.0.1", | |||
| "proxy-addr": "~2.0.4", | |||
| "qs": "6.5.2", | |||
| "range-parser": "~1.2.0", | |||
| "router": "2.0.0-alpha.1", | |||
| "safe-buffer": "5.1.2", | |||
| "send": "0.16.2", | |||
| "serve-static": "1.13.2", | |||
| @@ -2981,6 +2982,14 @@ | |||
| "vary": "~1.1.2" | |||
| }, | |||
| "dependencies": { | |||
| "debug": { | |||
| "version": "3.1.0", | |||
| "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", | |||
| "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", | |||
| "requires": { | |||
| "ms": "2.0.0" | |||
| } | |||
| }, | |||
| "depd": { | |||
| "version": "1.1.2", | |||
| "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", | |||
| @@ -3168,7 +3177,7 @@ | |||
| }, | |||
| "finalhandler": { | |||
| "version": "1.1.1", | |||
| "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz", | |||
| "resolved": "http://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz", | |||
| "integrity": "sha512-Y1GUDo39ez4aHAw7MysnUD5JzYX+WaIj8I57kO3aEPT1fFRL4sr7mjei97FgnwhAyyzRYmQZaTHb2+9uZ1dPtg==", | |||
| "requires": { | |||
| "debug": "2.6.9", | |||
| @@ -14009,6 +14018,30 @@ | |||
| "inherits": "^2.0.1" | |||
| } | |||
| }, | |||
| "router": { | |||
| "version": "2.0.0-alpha.1", | |||
| "resolved": "https://registry.npmjs.org/router/-/router-2.0.0-alpha.1.tgz", | |||
| "integrity": "sha512-fz/T/qLkJM6RTtbqGqA1+uZ88ejqJoPyKeJAeXPYjebA7HzV/UyflH4gXWqW/Y6SERnp4kDwNARjqy6se3PcOw==", | |||
| "requires": { | |||
| "array-flatten": "2.1.1", | |||
| "debug": "3.1.0", | |||
| "methods": "~1.1.2", | |||
| "parseurl": "~1.3.2", | |||
| "path-to-regexp": "0.1.7", | |||
| "setprototypeof": "1.1.0", | |||
| "utils-merge": "1.0.1" | |||
| }, | |||
| "dependencies": { | |||
| "debug": { | |||
| "version": "3.1.0", | |||
| "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", | |||
| "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", | |||
| "requires": { | |||
| "ms": "2.0.0" | |||
| } | |||
| } | |||
| } | |||
| }, | |||
| "rw": { | |||
| "version": "1.3.3", | |||
| "resolved": "https://registry.npmjs.org/rw/-/rw-1.3.3.tgz", | |||
+ 1
- 1
package.json
View File
| @@ -13,7 +13,7 @@ | |||
| "connect-mongo": "^2.0.3", | |||
| "crossfilter2": "^1.4.6", | |||
| "dc": "^3.0.9", | |||
| "express": "^4.16.4", | |||
| "express": "^5.0.0-alpha.7", | |||
| "express-rate-limit": "^3.3.2", | |||
| "express-sanitizer": "^1.0.4", | |||
| "express-session": "^1.15.6", | |||