mirror of
https://github.com/SileNce5k/discord_bot_mgmt.git
synced 2025-04-20 03:26:14 +02:00
Compare commits
No commits in common. "7b35e1e2b50b082f1af52a9db952f3151b1482b1" and "09165e0544b35ccc21e44e00590d1078a3078215" have entirely different histories.
7b35e1e2b5
...
09165e0544
1 changed files with 6 additions and 29 deletions
|
|
@ -60,28 +60,14 @@ db.prepare(`
|
||||||
|
|
||||||
|
|
||||||
function verifyAuthToken(authToken){
|
function verifyAuthToken(authToken){
|
||||||
let authenticatedUser;
|
const authenticatedUser = db.prepare("SELECT * FROM tokens WHERE token = ?").get(authToken);
|
||||||
try {
|
|
||||||
authenticatedUser = db.prepare("SELECT * FROM tokens WHERE token = ?").get(authToken);
|
|
||||||
} catch (error) {
|
|
||||||
console.error(error)
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if(!authenticatedUser) return false;
|
if(!authenticatedUser) return false;
|
||||||
if(authenticatedUser.token !== authToken) return false;
|
if(authenticatedUser.token !== authToken) return false;
|
||||||
if(authenticatedUser.expires_at <= new Date().valueOf()) return false;
|
|
||||||
return authenticatedUser;
|
return authenticatedUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getUser(userid){
|
function getUser(userid){
|
||||||
let user;
|
const user = db.prepare("SELECT user_id, username, email, created_at, is_verified FROM users WHERE user_id = ?").get(userid)
|
||||||
try {
|
|
||||||
user = db.prepare("SELECT user_id, username, email, created_at, is_verified FROM users WHERE user_id = ?").get(userid)
|
|
||||||
|
|
||||||
} catch (error) {
|
|
||||||
console.error(error);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -135,12 +121,8 @@ app.get('/login', (req, res) => {
|
||||||
app.post('/api/v1/login', async (req, res,) => {
|
app.post('/api/v1/login', async (req, res,) => {
|
||||||
const username = req.body.username;
|
const username = req.body.username;
|
||||||
const password = req.body.password;
|
const password = req.body.password;
|
||||||
let user;
|
|
||||||
try {
|
let user = db.prepare("SELECT user_id, hashed_password FROM users WHERE username = ?").get(username);
|
||||||
user = db.prepare("SELECT user_id, hashed_password FROM users WHERE username = ?").get(username);
|
|
||||||
} catch (error) {
|
|
||||||
console.error(error)
|
|
||||||
}
|
|
||||||
if(!user){
|
if(!user){
|
||||||
res.redirect("/login?invalid=yes")
|
res.redirect("/login?invalid=yes")
|
||||||
}else {
|
}else {
|
||||||
|
|
@ -155,13 +137,8 @@ app.post('/api/v1/login', async (req, res,) => {
|
||||||
const maxAge = 2592000000 // 30 days in milliseconds.
|
const maxAge = 2592000000 // 30 days in milliseconds.
|
||||||
const maxAgeTimestamp = new Date().valueOf() + maxAge
|
const maxAgeTimestamp = new Date().valueOf() + maxAge
|
||||||
const token = crypto.randomBytes(128).toString('base64')
|
const token = crypto.randomBytes(128).toString('base64')
|
||||||
try { // TODO: Improve this logic...
|
db.prepare("INSERT INTO tokens ( token, user_id, expires_at ) VALUES (?, ?, ?)").run(token, user.user_id, maxAgeTimestamp)
|
||||||
db.prepare("INSERT INTO tokens ( token, user_id, expires_at ) VALUES (?, ?, ?)").run(token, user.user_id, maxAgeTimestamp)
|
res.cookie("auth_token", token, {maxAge: maxAge, secure: true, httpOnly: true, sameSite: 'lax'}).redirect("/")
|
||||||
res.cookie("auth_token", token, {maxAge: maxAge, secure: true, httpOnly: true, sameSite: 'lax'}).redirect("/")
|
|
||||||
} catch (error) {
|
|
||||||
console.log(error)
|
|
||||||
res.redirect("/")
|
|
||||||
}
|
|
||||||
}else{
|
}else{
|
||||||
res.redirect("/login?invalid=yes")
|
res.redirect("/login?invalid=yes")
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue