qwik-account-manager/routes/auth.js

import crypto from 'crypto'
import { Router } from 'express'
import execawait from '../libs/execawait.js'

const AUTH = Router()
let valid = {}


AUTH.post('/register', (req, res) => {
    // Was input sent?
    if(!req.body.username)
        return(res.send("No username entered!"))

    if(!req.body.password)
        return(res.send("No password entered!"))

    if(!req.body.password)
        return(res.send("No captcha entered!"))

    // does the username match the requirements
    if(!(/^(?=[a-zA-Z0-9]{2,20}$).*$/.test(req.body.username)))
        return(res.send("Username does not match the requirements"))

    // is captcha valid
    if(!valid[req.body.captcha])
        return(res.send("Invalid captcha!"))

    const captchaAge = Math.abs((valid[req.body.captcha].getTime() - new Date().getTime())/1000)

    if(captchaAge > 600)
        return(res.send("Invalid captcha!"))

    // expire the captcha
    delete valid[req.body.captcha]

    // Does user already exist?
    if(glauth.prepare(`SELECT * FROM users WHERE name = ?`).get(req.body.username))
        return(res.send("User already exists"))

    // Create the user!
    glauth.prepare(`
        INSERT INTO users(
            name, primarygroup, passsha256
        ) VALUES(?, 0, ?)
    `).run(req.body.username, crypto.createHash('sha256').update(req.body.password).digest('hex'))

    console.log(`>>> User: ${req.body.username} was succesfully created!`)
    res.send("Account registered!")

    res.end()
})

AUTH.get('/captcha', async (req, res) => {
    const captcha = crypto.randomBytes(3).toString('hex')
    await execawait(`./captcha.sh ${captcha} > captcha.png`)

    // Make it valid for 10 minutes
    valid[captcha] = new Date()

    // Send the captcha image
    res.contentType('image/png');
    res.sendFile('captcha.png', {
        root: './'
    });
})


export default AUTH
Refactor 2022-01-15 19:27:18 +01:00			`import crypto from 'crypto'`
			`import { Router } from 'express'`
			`import execawait from '../libs/execawait.js'`

			`const AUTH = Router()`
			`let valid = {}`


			`AUTH.post('/register', (req, res) => {`
			`// Was input sent?`
			`if(!req.body.username)`
			`return(res.send("No username entered!"))`

			`if(!req.body.password)`
			`return(res.send("No password entered!"))`

			`if(!req.body.password)`
			`return(res.send("No captcha entered!"))`

			`// does the username match the requirements`
			`if(!(/^(?=[a-zA-Z0-9]{2,20}$).*$/.test(req.body.username)))`
			`return(res.send("Username does not match the requirements"))`

			`// is captcha valid`
			`if(!valid[req.body.captcha])`
			`return(res.send("Invalid captcha!"))`

			`const captchaAge = Math.abs((valid[req.body.captcha].getTime() - new Date().getTime())/1000)`

			`if(captchaAge > 600)`
			`return(res.send("Invalid captcha!"))`

			`// expire the captcha`
			`delete valid[req.body.captcha]`

			`// Does user already exist?`
			if(glauth.prepare(`SELECT * FROM users WHERE name = ?`).get(req.body.username))
			`return(res.send("User already exists"))`

			`// Create the user!`
			glauth.prepare(`
			`INSERT INTO users(`
			`name, primarygroup, passsha256`
			`) VALUES(?, 0, ?)`
			`).run(req.body.username, crypto.createHash('sha256').update(req.body.password).digest('hex'))

			console.log(`>>> User: ${req.body.username} was succesfully created!`)
			`res.send("Account registered!")`

			`res.end()`
			`})`

			`AUTH.get('/captcha', async (req, res) => {`
			`const captcha = crypto.randomBytes(3).toString('hex')`
			await execawait(`./captcha.sh ${captcha} > captcha.png`)

			`// Make it valid for 10 minutes`
			`valid[captcha] = new Date()`

			`// Send the captcha image`
			`res.contentType('image/png');`
			`res.sendFile('captcha.png', {`
			`root: './'`
			`});`
			`})`


			`export default AUTH`