68 lines
1.8 KiB
JavaScript
68 lines
1.8 KiB
JavaScript
import crypto from 'crypto'
|
|
import { Router } from 'express'
|
|
import execawait from '../libs/execawait.js'
|
|
|
|
const AUTH = Router()
|
|
let valid = {}
|
|
|
|
|
|
AUTH.post('/register', (req, res) => {
|
|
// Was input sent?
|
|
if(!req.body.username)
|
|
return(res.send("No username entered!"))
|
|
|
|
if(!req.body.password)
|
|
return(res.send("No password entered!"))
|
|
|
|
if(!req.body.password)
|
|
return(res.send("No captcha entered!"))
|
|
|
|
// does the username match the requirements
|
|
if(!(/^(?=[a-zA-Z0-9]{2,20}$).*$/.test(req.body.username)))
|
|
return(res.send("Username does not match the requirements"))
|
|
|
|
// is captcha valid
|
|
if(!valid[req.body.captcha])
|
|
return(res.send("Invalid captcha!"))
|
|
|
|
const captchaAge = Math.abs((valid[req.body.captcha].getTime() - new Date().getTime())/1000)
|
|
|
|
if(captchaAge > 600)
|
|
return(res.send("Invalid captcha!"))
|
|
|
|
// expire the captcha
|
|
delete valid[req.body.captcha]
|
|
|
|
// Does user already exist?
|
|
if(glauth.prepare(`SELECT * FROM users WHERE name = ?`).get(req.body.username))
|
|
return(res.send("User already exists"))
|
|
|
|
// Create the user!
|
|
glauth.prepare(`
|
|
INSERT INTO users(
|
|
name, primarygroup, passsha256
|
|
) VALUES(?, 0, ?)
|
|
`).run(req.body.username, crypto.createHash('sha256').update(req.body.password).digest('hex'))
|
|
|
|
console.log(`>>> User: ${req.body.username} was succesfully created!`)
|
|
res.send("Account registered!")
|
|
|
|
res.end()
|
|
})
|
|
|
|
AUTH.get('/captcha', async (req, res) => {
|
|
const captcha = crypto.randomBytes(3).toString('hex')
|
|
await execawait(`./captcha.sh ${captcha} > captcha.png`)
|
|
|
|
// Make it valid for 10 minutes
|
|
valid[captcha] = new Date()
|
|
|
|
// Send the captcha image
|
|
res.contentType('image/png');
|
|
res.sendFile('captcha.png', {
|
|
root: './'
|
|
});
|
|
})
|
|
|
|
|
|
export default AUTH |