setup react email and nodemailer

Milo Schwartz
2024-10-03 20:55:54 -04:00
parent c9d98a8e8c
commit 57ebc0e525
11 changed files with 2497 additions and 4754 deletions


@@ -1,5 +1,4 @@
import { Request, Response, NextFunction } from "express";
import { verifySession } from "@server/auth";
import createHttpError from "http-errors";
import HttpCode from "@server/types/HttpCode";
import { fromError } from "zod-validation-error";
@@ -7,7 +6,7 @@ import { unauthorized } from "@server/auth";
import { z } from "zod";
import { verify } from "@node-rs/argon2";
import { db } from "@server/db";
import { users } from "@server/db/schema";
import { User, users } from "@server/db/schema";
import { eq } from "drizzle-orm";
import { response } from "@server/utils";
@@ -34,24 +33,9 @@ export async function disable2fa(
}
const { password } = parsedBody.data;
const user = req.user as User;
const { session, user } = await verifySession(req);
if (!session) {
return next(unauthorized());
}
const existingUser = await db
.select()
.from(users)
.where(eq(users.id, user.id));
if (!existingUser || !existingUser[0]) {
return next(
createHttpError(HttpCode.BAD_REQUEST, "User does not exist"),
);
}
const validPassword = await verify(existingUser[0].passwordHash, password, {
const validPassword = await verify(user.passwordHash, password, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
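Review bot: `const user = req.user as User;` in disable2fa is an unchecked assertion, so if this handler is ever reached without the middleware that populates `req.user`, `user.passwordHash` throws instead of returning a 401 now that the `verifySession` check is gone. A one-line guard before the cast keeps that failure explicit: `if (!req.user) return next(unauthorized());`. The same pattern appears in requestTotpSecret and verifyTotp in this commit; verifyTotp would need to keep its `unauthorized` import for the guard. The password hash is also no longer read fresh from `users`, so it is worth confirming that the middleware (not visible in this diff) attaches the full, current database row. The body of disable2fa continues outside the hunk.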


@@ -2,6 +2,8 @@ import { verify } from "@node-rs/argon2";
import lucia, { verifySession } from "@server/auth";
import db from "@server/db";
import { users } from "@server/db/schema";
import { sendEmail } from "@server/emails";
import { VerifyEmail } from "@server/emails/templates/verifyEmailCode";
import HttpCode from "@server/types/HttpCode";
import response from "@server/utils/response";
import { eq } from "drizzle-orm";


@@ -4,10 +4,10 @@ import { z } from "zod";
import { fromError } from "zod-validation-error";
import { encodeHex } from "oslo/encoding";
import HttpCode from "@server/types/HttpCode";
import { verifySession, unauthorized } from "@server/auth";
import { unauthorized } from "@server/auth";
import { response } from "@server/utils";
import { db } from "@server/db";
import { users } from "@server/db/schema";
import { User, users } from "@server/db/schema";
import { eq } from "drizzle-orm";
import { verify } from "@node-rs/argon2";
import { createTOTPKeyURI } from "oslo/otp";
@@ -40,23 +40,9 @@ export async function requestTotpSecret(
const { password } = parsedBody.data;
const { session, user } = await verifySession(req);
if (!session) {
return next(unauthorized());
}
const user = req.user as User;
const existingUser = await db
.select()
.from(users)
.where(eq(users.id, user.id));
if (!existingUser || !existingUser[0]) {
return next(
createHttpError(HttpCode.BAD_REQUEST, "User does not exist"),
);
}
const validPassword = await verify(existingUser[0].passwordHash, password, {
const validPassword = await verify(user.passwordHash, password, {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,


@@ -5,10 +5,9 @@ import { fromError } from "zod-validation-error";
import { decodeHex } from "oslo/encoding";
import { TOTPController } from "oslo/otp";
import HttpCode from "@server/types/HttpCode";
import { verifySession, unauthorized } from "@server/auth";
import { response } from "@server/utils";
import { db } from "@server/db";
import { users } from "@server/db/schema";
import { User, users } from "@server/db/schema";
import { eq } from "drizzle-orm";
export const verifyTotpBody = z.object({
@@ -39,10 +38,7 @@ export async function verifyTotp(
const { code } = parsedBody.data;
const { session, user } = await verifySession(req);
if (!session) {
return next(unauthorized());
}
const user = req.user as User;
if (user.twoFactorEnabled) {
return next(


@@ -50,12 +50,9 @@ authenticated.get("/user/:userId", user.getUser);
authenticated.delete("/user/:userId", user.deleteUser);
// Auth routes
const authRouter = Router();
unauthenticated.use("/auth", authRouter);
authRouter.put("/signup", auth.signup);
authRouter.post("/login", auth.login);
authRouter.post("/logout", auth.logout);
authRouter.post("/verify-totp", auth.verifyTotp);
authRouter.post("/request-totp-secret", auth.requestTotpSecret);
authRouter.post("/disable-2fa", auth.disable2fa);
unauthenticated.put("/auth/signup", auth.signup);
unauthenticated.post("/auth/login", auth.login);
unauthenticated.post("/auth/logout", auth.logout);
authenticated.post("/auth/verify-totp", auth.verifyTotp);
authenticated.post("/auth/request-totp-secret", auth.requestTotpSecret);
authenticated.post("/auth/disable-2fa", auth.disable2fa);
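Review bot: The three TOTP registrations on `authenticated` have no comment recording that their handlers no longer verify the session themselves, so the router they are mounted on is now the only authentication check for them. I would add a comment above them such as `// verifyTotp, requestTotpSecret and disable2fa read req.user without re-checking the session; keep them on the authenticated router.` The middleware attached to `authenticated` is outside this hunk, so that it rejects requests without a valid session before these handlers run is assumed here and should be confirmed.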