Updates
parent
a1d2325156
commit
04a4452821
4
index.d.ts
vendored
4
index.d.ts
vendored
@ -17,13 +17,13 @@ export namespace user {
|
|||||||
export { getUser };
|
export { getUser };
|
||||||
export { getToken };
|
export { getToken };
|
||||||
export { validateToken };
|
export { validateToken };
|
||||||
|
export let validateTempEmailCode: typeof import("./users/validate-temp-email-code");
|
||||||
export namespace social {
|
export namespace social {
|
||||||
export { loginWithGoogle };
|
export { loginWithGoogle };
|
||||||
export { loginWithGithub };
|
export { loginWithGithub };
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
import getSchema = require("./utils/get-schema");
|
import getSchema = require("./utils/get-schema");
|
||||||
import sanitizeSql = require("./utils/functions/sanitizeSql");
|
|
||||||
import datasquirelClient = require("./client");
|
import datasquirelClient = require("./client");
|
||||||
export namespace sql {
|
export namespace sql {
|
||||||
export { sqlGenerator };
|
export { sqlGenerator };
|
||||||
@ -68,4 +68,4 @@ export declare namespace utils {
|
|||||||
}) => string;
|
}) => string;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
export { get, post, getSchema, sanitizeSql, datasquirelClient as client };
|
export { get, post, getSchema, datasquirelClient as client };
|
||||||
|
3
index.js
3
index.js
@ -26,7 +26,6 @@ const loginWithGithub = require("./users/social/github-auth");
|
|||||||
const getToken = require("./users/get-token");
|
const getToken = require("./users/get-token");
|
||||||
const validateToken = require("./users/validate-token");
|
const validateToken = require("./users/validate-token");
|
||||||
|
|
||||||
const sanitizeSql = require("./utils/functions/sanitizeSql");
|
|
||||||
const datasquirelClient = require("./client");
|
const datasquirelClient = require("./client");
|
||||||
const sqlGenerator = require("./package-shared/functions/dsql/sql/sql-generator");
|
const sqlGenerator = require("./package-shared/functions/dsql/sql/sql-generator");
|
||||||
const sqlInsertGenerator = require("./package-shared/functions/dsql/sql/sql-insert-generator");
|
const sqlInsertGenerator = require("./package-shared/functions/dsql/sql/sql-insert-generator");
|
||||||
@ -52,6 +51,7 @@ const user = {
|
|||||||
getUser: getUser,
|
getUser: getUser,
|
||||||
getToken: getToken,
|
getToken: getToken,
|
||||||
validateToken: validateToken,
|
validateToken: validateToken,
|
||||||
|
validateTempEmailCode: require("./users/validate-temp-email-code"),
|
||||||
social: {
|
social: {
|
||||||
loginWithGoogle: loginWithGoogle,
|
loginWithGoogle: loginWithGoogle,
|
||||||
loginWithGithub: loginWithGithub,
|
loginWithGithub: loginWithGithub,
|
||||||
@ -86,7 +86,6 @@ const datasquirel = {
|
|||||||
media,
|
media,
|
||||||
user,
|
user,
|
||||||
getSchema,
|
getSchema,
|
||||||
sanitizeSql,
|
|
||||||
client: datasquirelClient,
|
client: datasquirelClient,
|
||||||
sql,
|
sql,
|
||||||
utils: {
|
utils: {
|
||||||
|
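Review bot: `sanitizeSql` is dropped from the exported `datasquirel` object, and its `require` is removed, while package.json only moves from 2.8.2 to 2.8.3, so a consumer still calling `datasquirel.sanitizeSql(...)` gets a TypeError after a patch-level upgrade. If the removal is intended, a changelog entry pointing callers to parameterised queries (the `?` placeholders already used in apiSendEmailCode) would make the migration path clear. A smaller style point: `validateTempEmailCode: require("./users/validate-temp-email-code")` is required inline, while the neighbouring entries are bound to top-level constants first. Both object literals continue outside the visible hunks.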
@ -1,4 +1,4 @@
|
|||||||
declare function _exports({ email, database, email_login_field, mail_domain, mail_port, sender, mail_username, mail_password, html, useLocal, }: {
|
declare function _exports({ email, database, email_login_field, mail_domain, mail_port, sender, mail_username, mail_password, html, useLocal, response, }: {
|
||||||
email: string;
|
email: string;
|
||||||
database: string;
|
database: string;
|
||||||
email_login_field?: string;
|
email_login_field?: string;
|
||||||
@ -9,8 +9,9 @@ declare function _exports({ email, database, email_login_field, mail_domain, mai
|
|||||||
mail_password?: string;
|
mail_password?: string;
|
||||||
html: string;
|
html: string;
|
||||||
useLocal?: boolean;
|
useLocal?: boolean;
|
||||||
}): Promise<{
|
response?: http.ServerResponse & {
|
||||||
success: boolean;
|
[x: string]: any;
|
||||||
msg?: string;
|
};
|
||||||
}>;
|
}): Promise<import("../../../types").SendOneTimeCodeEmailResponse>;
|
||||||
export = _exports;
|
export = _exports;
|
||||||
|
import http = require("http");
|
||||||
|
@ -3,6 +3,9 @@
|
|||||||
const LOCAL_DB_HANDLER = require("../../../utils/backend/global-db/LOCAL_DB_HANDLER");
|
const LOCAL_DB_HANDLER = require("../../../utils/backend/global-db/LOCAL_DB_HANDLER");
|
||||||
const varDatabaseDbHandler = require("../../backend/varDatabaseDbHandler");
|
const varDatabaseDbHandler = require("../../backend/varDatabaseDbHandler");
|
||||||
const nodemailer = require("nodemailer");
|
const nodemailer = require("nodemailer");
|
||||||
|
const http = require("http");
|
||||||
|
const getAuthCookieNames = require("../../backend/cookies/get-auth-cookie-names");
|
||||||
|
const encrypt = require("../../dsql/encrypt");
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* # Send Email Login Code
|
* # Send Email Login Code
|
||||||
@ -18,8 +21,9 @@ const nodemailer = require("nodemailer");
|
|||||||
* @param {string} [param.mail_password]
|
* @param {string} [param.mail_password]
|
||||||
* @param {string} param.html
|
* @param {string} param.html
|
||||||
* @param {boolean} [param.useLocal]
|
* @param {boolean} [param.useLocal]
|
||||||
|
* @param {http.ServerResponse & Object<string,any>} [param.response]
|
||||||
*
|
*
|
||||||
* @returns {Promise<{success: boolean, msg?: string}>}
|
* @returns {Promise<import("../../../types").SendOneTimeCodeEmailResponse>}
|
||||||
*/
|
*/
|
||||||
module.exports = async function apiSendEmailCode({
|
module.exports = async function apiSendEmailCode({
|
||||||
email,
|
email,
|
||||||
@ -32,6 +36,7 @@ module.exports = async function apiSendEmailCode({
|
|||||||
mail_password,
|
mail_password,
|
||||||
html,
|
html,
|
||||||
useLocal,
|
useLocal,
|
||||||
|
response,
|
||||||
}) {
|
}) {
|
||||||
if (email?.match(/ /)) {
|
if (email?.match(/ /)) {
|
||||||
return {
|
return {
|
||||||
@ -39,10 +44,7 @@ module.exports = async function apiSendEmailCode({
|
|||||||
msg: "Invalid Email/Password format",
|
msg: "Invalid Email/Password format",
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
const createdAt = Date.now();
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
const foundUserQuery = `SELECT * FROM users WHERE email = ?`;
|
const foundUserQuery = `SELECT * FROM users WHERE email = ?`;
|
||||||
const foundUserValues = [email];
|
const foundUserValues = [email];
|
||||||
@ -74,7 +76,7 @@ module.exports = async function apiSendEmailCode({
|
|||||||
return code;
|
return code;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (foundUser && foundUser[0] && email_login_field) {
|
if (foundUser?.[0] && email_login_field) {
|
||||||
const tempCode = generateCode();
|
const tempCode = generateCode();
|
||||||
|
|
||||||
let transporter = nodemailer.createTransport({
|
let transporter = nodemailer.createTransport({
|
||||||
@ -102,7 +104,7 @@ module.exports = async function apiSendEmailCode({
|
|||||||
if (!info?.accepted) throw new Error("Mail not Sent!");
|
if (!info?.accepted) throw new Error("Mail not Sent!");
|
||||||
|
|
||||||
const setTempCodeQuery = `UPDATE users SET ${email_login_field} = ? WHERE email = ?`;
|
const setTempCodeQuery = `UPDATE users SET ${email_login_field} = ? WHERE email = ?`;
|
||||||
const setTempCodeValues = [tempCode + `-${Date.now()}`, email];
|
const setTempCodeValues = [tempCode + `-${createdAt}`, email];
|
||||||
|
|
||||||
let setTempCode = await varDatabaseDbHandler({
|
let setTempCode = await varDatabaseDbHandler({
|
||||||
queryString: setTempCodeQuery,
|
queryString: setTempCodeQuery,
|
||||||
@ -110,10 +112,34 @@ module.exports = async function apiSendEmailCode({
|
|||||||
database: database,
|
database: database,
|
||||||
useLocal,
|
useLocal,
|
||||||
});
|
});
|
||||||
}
|
|
||||||
|
|
||||||
return {
|
/** @type {import("../../../types").SendOneTimeCodeEmailResponse} */
|
||||||
|
const resObject = {
|
||||||
success: true,
|
success: true,
|
||||||
|
code: tempCode,
|
||||||
|
email: email,
|
||||||
|
createdAt,
|
||||||
msg: "Success",
|
msg: "Success",
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if (response) {
|
||||||
|
const keyNames = getAuthCookieNames();
|
||||||
|
const oneTimeCodeCookieName = keyNames.oneTimeCodeName;
|
||||||
|
|
||||||
|
const encryptedPayload = encrypt({
|
||||||
|
data: JSON.stringify(resObject),
|
||||||
|
});
|
||||||
|
|
||||||
|
response?.setHeader("Set-Cookie", [
|
||||||
|
`${oneTimeCodeCookieName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Secure=true`,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
return resObject;
|
||||||
|
} else {
|
||||||
|
return {
|
||||||
|
success: false,
|
||||||
|
msg: "Invalid Email/Password format",
|
||||||
|
};
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
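Review bot: `response?.setHeader("Set-Cookie", [...])` inside `if (response)` replaces whatever Set-Cookie values the caller already queued on that response, so a session or CSRF cookie set earlier in the same request is dropped; read `response.getHeader("Set-Cookie")` first and write back the merged array. The cookie is also issued without `Max-Age` or `Expires`, so its lifetime depends entirely on a server-side check of `createdAt`. Separately, the new `else` branch reports `success: false` only when no user row matched, where the old code returned `success: true` either way; if this result is relayed to the browser, it reveals which addresses are registered. apiSendEmailCode's body starts outside this hunk.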
@ -4,5 +4,6 @@ declare function _exports(params?: {
|
|||||||
}): {
|
}): {
|
||||||
keyCookieName: string;
|
keyCookieName: string;
|
||||||
csrfCookieName: string;
|
csrfCookieName: string;
|
||||||
|
oneTimeCodeName: string;
|
||||||
};
|
};
|
||||||
export = _exports;
|
export = _exports;
|
||||||
|
@ -7,12 +7,14 @@
|
|||||||
* @param {string} [params.database]
|
* @param {string} [params.database]
|
||||||
* @param {string | number} [params.userId]
|
* @param {string | number} [params.userId]
|
||||||
*
|
*
|
||||||
* @returns {{ keyCookieName: string, csrfCookieName: string }}
|
* @returns {{ keyCookieName: string, csrfCookieName: string, oneTimeCodeName: string }}
|
||||||
*/
|
*/
|
||||||
module.exports = function getAuthCookieNames(params) {
|
module.exports = function getAuthCookieNames(params) {
|
||||||
const cookiesPrefix = process.env.DSQL_COOKIES_PREFIX || "dsql_";
|
const cookiesPrefix = process.env.DSQL_COOKIES_PREFIX || "dsql_";
|
||||||
const cookiesKeyName = process.env.DSQL_COOKIES_KEY_NAME || "key";
|
const cookiesKeyName = process.env.DSQL_COOKIES_KEY_NAME || "key";
|
||||||
const cookiesCSRFName = process.env.DSQL_COOKIES_CSRF_NAME || "csrf";
|
const cookiesCSRFName = process.env.DSQL_COOKIES_CSRF_NAME || "csrf";
|
||||||
|
const cookieOneTimeCodeName =
|
||||||
|
process.env.DSQL_COOKIES_ONE_TIME_CODE_NAME || "one-time-code";
|
||||||
|
|
||||||
const targetDatabase =
|
const targetDatabase =
|
||||||
params?.database ||
|
params?.database ||
|
||||||
@ -28,8 +30,14 @@ module.exports = function getAuthCookieNames(params) {
|
|||||||
if (targetDatabase) csrfCookieName += `${targetDatabase}_`;
|
if (targetDatabase) csrfCookieName += `${targetDatabase}_`;
|
||||||
csrfCookieName += cookiesCSRFName;
|
csrfCookieName += cookiesCSRFName;
|
||||||
|
|
||||||
|
let oneTimeCodeName = cookiesPrefix;
|
||||||
|
if (params?.userId) oneTimeCodeName += `user_${params.userId}_`;
|
||||||
|
if (targetDatabase) oneTimeCodeName += `${targetDatabase}_`;
|
||||||
|
oneTimeCodeName += cookieOneTimeCodeName;
|
||||||
|
|
||||||
return {
|
return {
|
||||||
keyCookieName,
|
keyCookieName,
|
||||||
csrfCookieName,
|
csrfCookieName,
|
||||||
|
oneTimeCodeName,
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
7
package-shared/types/index.d.ts
vendored
7
package-shared/types/index.d.ts
vendored
@ -1195,4 +1195,11 @@ export interface AceEditorOptions {
|
|||||||
wrapBehavioursEnabled?: boolean;
|
wrapBehavioursEnabled?: boolean;
|
||||||
wrapMethod?: "code" | "text" | "auto";
|
wrapMethod?: "code" | "text" | "auto";
|
||||||
}
|
}
|
||||||
|
export type SendOneTimeCodeEmailResponse = {
|
||||||
|
success: boolean;
|
||||||
|
code?: string;
|
||||||
|
createdAt?: number;
|
||||||
|
email?: string;
|
||||||
|
msg?: string;
|
||||||
|
};
|
||||||
export {};
|
export {};
|
||||||
|
@ -1417,3 +1417,11 @@ export interface AceEditorOptions {
|
|||||||
wrapBehavioursEnabled?: boolean;
|
wrapBehavioursEnabled?: boolean;
|
||||||
wrapMethod?: "code" | "text" | "auto";
|
wrapMethod?: "code" | "text" | "auto";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export type SendOneTimeCodeEmailResponse = {
|
||||||
|
success: boolean;
|
||||||
|
code?: string;
|
||||||
|
createdAt?: number;
|
||||||
|
email?: string;
|
||||||
|
msg?: string;
|
||||||
|
};
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
declare function _exports({ request }: {
|
declare function _exports({ request }: {
|
||||||
request?: http.IncomingMessage;
|
request: http.IncomingMessage;
|
||||||
}): any | null;
|
}): any | null;
|
||||||
export = _exports;
|
export = _exports;
|
||||||
import http = require("http");
|
import http = require("http");
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@moduletrace/datasquirel",
|
"name": "@moduletrace/datasquirel",
|
||||||
"version": "2.8.2",
|
"version": "2.8.3",
|
||||||
"description": "Cloud-based SQL data management tool",
|
"description": "Cloud-based SQL data management tool",
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"bin": {
|
"bin": {
|
||||||
|
12
users/send-email-code.d.ts
vendored
12
users/send-email-code.d.ts
vendored
@ -14,8 +14,8 @@ export = sendEmailCode;
|
|||||||
* @param {String} [params.key] - FULL ACCESS API Key
|
* @param {String} [params.key] - FULL ACCESS API Key
|
||||||
* @param {String} [params.database] - Target Database
|
* @param {String} [params.database] - Target Database
|
||||||
* @param {string} params.email Login Email/Username and Password
|
* @param {string} params.email Login Email/Username and Password
|
||||||
* @param {http.ServerResponse} [params.response] - Http response object
|
|
||||||
* @param {string} [params.temp_code_field_name] - Database table field name for temporary code
|
* @param {string} [params.temp_code_field_name] - Database table field name for temporary code
|
||||||
|
* @param {http.ServerResponse & Object<string,any>} [params.response]
|
||||||
* @param {string} [params.mail_domain]
|
* @param {string} [params.mail_domain]
|
||||||
* @param {string} [params.mail_username]
|
* @param {string} [params.mail_username]
|
||||||
* @param {string} [params.mail_password]
|
* @param {string} [params.mail_password]
|
||||||
@ -24,14 +24,16 @@ export = sendEmailCode;
|
|||||||
* @param {boolean} [params.user_id] - User ID
|
* @param {boolean} [params.user_id] - User ID
|
||||||
* @param {boolean} [params.useLocal]
|
* @param {boolean} [params.useLocal]
|
||||||
*
|
*
|
||||||
* @returns { Promise<boolean>}
|
* @returns { Promise<import("../package-shared/types").SendOneTimeCodeEmailResponse>}
|
||||||
*/
|
*/
|
||||||
declare function sendEmailCode({ key, email, database, temp_code_field_name, mail_domain, mail_password, mail_username, mail_port, sender, user_id, useLocal, }: {
|
declare function sendEmailCode({ key, email, database, temp_code_field_name, mail_domain, mail_password, mail_username, mail_port, sender, user_id, useLocal, response, }: {
|
||||||
key?: string;
|
key?: string;
|
||||||
database?: string;
|
database?: string;
|
||||||
email: string;
|
email: string;
|
||||||
response?: http.ServerResponse;
|
|
||||||
temp_code_field_name?: string;
|
temp_code_field_name?: string;
|
||||||
|
response?: http.ServerResponse & {
|
||||||
|
[x: string]: any;
|
||||||
|
};
|
||||||
mail_domain?: string;
|
mail_domain?: string;
|
||||||
mail_username?: string;
|
mail_username?: string;
|
||||||
mail_password?: string;
|
mail_password?: string;
|
||||||
@ -39,5 +41,5 @@ declare function sendEmailCode({ key, email, database, temp_code_field_name, mai
|
|||||||
sender?: string;
|
sender?: string;
|
||||||
user_id?: boolean;
|
user_id?: boolean;
|
||||||
useLocal?: boolean;
|
useLocal?: boolean;
|
||||||
}): Promise<boolean>;
|
}): Promise<import("../package-shared/types").SendOneTimeCodeEmailResponse>;
|
||||||
import http = require("http");
|
import http = require("http");
|
||||||
|
@ -6,7 +6,6 @@
|
|||||||
* ==============================================================================
|
* ==============================================================================
|
||||||
*/
|
*/
|
||||||
const http = require("http");
|
const http = require("http");
|
||||||
const https = require("https");
|
|
||||||
const fs = require("fs");
|
const fs = require("fs");
|
||||||
const path = require("path");
|
const path = require("path");
|
||||||
const grabHostNames = require("../package-shared/utils/grab-host-names");
|
const grabHostNames = require("../package-shared/utils/grab-host-names");
|
||||||
@ -28,8 +27,8 @@ const apiSendEmailCode = require("../package-shared/functions/api/users/api-send
|
|||||||
* @param {String} [params.key] - FULL ACCESS API Key
|
* @param {String} [params.key] - FULL ACCESS API Key
|
||||||
* @param {String} [params.database] - Target Database
|
* @param {String} [params.database] - Target Database
|
||||||
* @param {string} params.email Login Email/Username and Password
|
* @param {string} params.email Login Email/Username and Password
|
||||||
* @param {http.ServerResponse} [params.response] - Http response object
|
|
||||||
* @param {string} [params.temp_code_field_name] - Database table field name for temporary code
|
* @param {string} [params.temp_code_field_name] - Database table field name for temporary code
|
||||||
|
* @param {http.ServerResponse & Object<string,any>} [params.response]
|
||||||
* @param {string} [params.mail_domain]
|
* @param {string} [params.mail_domain]
|
||||||
* @param {string} [params.mail_username]
|
* @param {string} [params.mail_username]
|
||||||
* @param {string} [params.mail_password]
|
* @param {string} [params.mail_password]
|
||||||
@ -38,7 +37,7 @@ const apiSendEmailCode = require("../package-shared/functions/api/users/api-send
|
|||||||
* @param {boolean} [params.user_id] - User ID
|
* @param {boolean} [params.user_id] - User ID
|
||||||
* @param {boolean} [params.useLocal]
|
* @param {boolean} [params.useLocal]
|
||||||
*
|
*
|
||||||
* @returns { Promise<boolean>}
|
* @returns { Promise<import("../package-shared/types").SendOneTimeCodeEmailResponse>}
|
||||||
*/
|
*/
|
||||||
async function sendEmailCode({
|
async function sendEmailCode({
|
||||||
key,
|
key,
|
||||||
@ -52,6 +51,7 @@ async function sendEmailCode({
|
|||||||
sender,
|
sender,
|
||||||
user_id,
|
user_id,
|
||||||
useLocal,
|
useLocal,
|
||||||
|
response,
|
||||||
}) {
|
}) {
|
||||||
const grabedHostNames = grabHostNames();
|
const grabedHostNames = grabHostNames();
|
||||||
const { host, port, scheme } = grabedHostNames;
|
const { host, port, scheme } = grabedHostNames;
|
||||||
@ -66,11 +66,6 @@ async function sendEmailCode({
|
|||||||
"utf-8"
|
"utf-8"
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
|
||||||
* Initialize HTTP response variable
|
|
||||||
*/
|
|
||||||
let httpResponse;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check for local DB settings
|
* Check for local DB settings
|
||||||
*
|
*
|
||||||
@ -97,7 +92,7 @@ async function sendEmailCode({
|
|||||||
dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8"));
|
dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8"));
|
||||||
} catch (error) {}
|
} catch (error) {}
|
||||||
|
|
||||||
httpResponse = await apiSendEmailCode({
|
return await apiSendEmailCode({
|
||||||
database: DSQL_DB_NAME,
|
database: DSQL_DB_NAME,
|
||||||
email,
|
email,
|
||||||
email_login_field: emailLoginTempCodeFieldName,
|
email_login_field: emailLoginTempCodeFieldName,
|
||||||
@ -108,6 +103,7 @@ async function sendEmailCode({
|
|||||||
mail_username,
|
mail_username,
|
||||||
sender,
|
sender,
|
||||||
useLocal,
|
useLocal,
|
||||||
|
response,
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
/**
|
/**
|
||||||
@ -115,9 +111,9 @@ async function sendEmailCode({
|
|||||||
*
|
*
|
||||||
* @description make a request to datasquirel.com
|
* @description make a request to datasquirel.com
|
||||||
*
|
*
|
||||||
* @type {{ success: boolean, payload: import("../package-shared/types").DATASQUIREL_LoggedInUser | null, userId?: number, msg?: string }}
|
* @type {import("../package-shared/types").SendOneTimeCodeEmailResponse}
|
||||||
*/
|
*/
|
||||||
httpResponse = await new Promise((resolve, reject) => {
|
const httpResponse = await new Promise((resolve, reject) => {
|
||||||
const reqPayload = JSON.stringify({
|
const reqPayload = JSON.stringify({
|
||||||
email,
|
email,
|
||||||
database,
|
database,
|
||||||
@ -173,22 +169,8 @@ async function sendEmailCode({
|
|||||||
httpsRequest.write(reqPayload);
|
httpsRequest.write(reqPayload);
|
||||||
httpsRequest.end();
|
httpsRequest.end();
|
||||||
});
|
});
|
||||||
}
|
|
||||||
|
|
||||||
/** ********************************************** */
|
return httpResponse;
|
||||||
/** ********************************************** */
|
|
||||||
/** ********************************************** */
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make https request
|
|
||||||
*
|
|
||||||
* @description make a request to datasquirel.com
|
|
||||||
*/
|
|
||||||
if (httpResponse?.success) {
|
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
console.log(httpResponse);
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
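Review bot: The return value changes from `boolean` to the full response object, so an existing caller written as `if (await sendEmailCode(...))` now takes the success branch even when `success` is `false`, because any object is truthy. On the local path the object is apiSendEmailCode's `resObject`, which carries `code`, so a handler that serialises the result to the browser would hand out the one-time code without mailbox access. The JSDoc should state that `code` is server-side only, or the function should strip it before returning. The removed `console.log(httpResponse)` was the only failure trace on this path, so callers now need to log `msg` themselves. The function body starts outside the visible hunks.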
19
users/validate-temp-email-code.d.ts
vendored
Normal file
19
users/validate-temp-email-code.d.ts
vendored
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
export = validateTempEmailCode;
|
||||||
|
/**
|
||||||
|
* Verify the temp email code sent to the user's email address
|
||||||
|
* ==============================================================================
|
||||||
|
* @async
|
||||||
|
*
|
||||||
|
* @param {object} params - Single Param object containing params
|
||||||
|
* @param {http.IncomingMessage & Object<string, any>} params.request
|
||||||
|
* @param {string} [params.email]
|
||||||
|
*
|
||||||
|
* @returns { Promise<boolean>}
|
||||||
|
*/
|
||||||
|
declare function validateTempEmailCode({ request, email }: {
|
||||||
|
request: http.IncomingMessage & {
|
||||||
|
[x: string]: any;
|
||||||
|
};
|
||||||
|
email?: string;
|
||||||
|
}): Promise<boolean>;
|
||||||
|
import http = require("http");
|
53
users/validate-temp-email-code.js
Normal file
53
users/validate-temp-email-code.js
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
// @ts-check
|
||||||
|
|
||||||
|
const http = require("http");
|
||||||
|
const getAuthCookieNames = require("../package-shared/functions/backend/cookies/get-auth-cookie-names");
|
||||||
|
const parseCookies = require("../package-shared/utils/backend/parseCookies");
|
||||||
|
const decrypt = require("../package-shared/functions/dsql/decrypt");
|
||||||
|
const EJSON = require("../package-shared/utils/ejson");
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Verify the temp email code sent to the user's email address
|
||||||
|
* ==============================================================================
|
||||||
|
* @async
|
||||||
|
*
|
||||||
|
* @param {object} params - Single Param object containing params
|
||||||
|
* @param {http.IncomingMessage & Object<string, any>} params.request
|
||||||
|
* @param {string} [params.email]
|
||||||
|
*
|
||||||
|
* @returns { Promise<boolean>}
|
||||||
|
*/
|
||||||
|
async function validateTempEmailCode({ request, email }) {
|
||||||
|
try {
|
||||||
|
const keyNames = getAuthCookieNames();
|
||||||
|
const oneTimeCodeCookieName = keyNames.oneTimeCodeName;
|
||||||
|
|
||||||
|
const cookies = parseCookies({ request });
|
||||||
|
const encryptedOneTimeCode = cookies[oneTimeCodeCookieName];
|
||||||
|
|
||||||
|
const encryptedPayload = decrypt({
|
||||||
|
encryptedString: encryptedOneTimeCode,
|
||||||
|
});
|
||||||
|
|
||||||
|
const payload =
|
||||||
|
/** @type {import("../package-shared/types").SendOneTimeCodeEmailResponse | undefined} */ (
|
||||||
|
EJSON.parse(encryptedPayload)
|
||||||
|
);
|
||||||
|
|
||||||
|
if (payload?.email && !email) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (payload?.email && payload.email === email) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
} catch (/** @type {any} */ error) {
|
||||||
|
console.log("validateTempEmailCode error:", error.message);
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = validateTempEmailCode;
|
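Review bot: validateTempEmailCode never compares a code: it returns `true` whenever the cookie decrypts to a payload with an `email` (and that email matches, if one was passed), and the cookie is given to whichever browser requested the mail. Holding the cookie therefore passes validation without access to the mailbox, and because `createdAt` is never checked the cookie validates indefinitely. The function should take the user-typed code, compare it with `payload.code`, and reject payloads older than a fixed age, as sketched below (`crypto` is Node's module and needs a `require` at the top of the file). Clearing the cookie after a successful check would also keep it from being accepted twice.

```javascript
async function validateTempEmailCode({ request, email, code }) {
    try {
        // … unchanged: cookie lookup, decrypt, EJSON.parse into payload …

        // Constructed limit; choose the real lifetime per policy.
        const MAX_AGE_MS = 10 * 60 * 1000;

        if (!payload?.email || !payload.code || !payload.createdAt) return false;
        if (email && payload.email !== email) return false;
        if (Date.now() - payload.createdAt > MAX_AGE_MS) return false;

        const expected = Buffer.from(String(payload.code));
        const supplied = Buffer.from(String(code ?? ""));
        return (
            expected.length === supplied.length &&
            crypto.timingSafeEqual(expected, supplied)
        );
    // … unchanged: catch block logging and returning false …
```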
@ -1,68 +0,0 @@
|
|||||||
// @ts-check
|
|
||||||
|
|
||||||
/**
|
|
||||||
* ==============================================================================
|
|
||||||
* Imports
|
|
||||||
* ==============================================================================
|
|
||||||
*/
|
|
||||||
const http = require("http");
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Parse request cookies
|
|
||||||
* ==============================================================================
|
|
||||||
*
|
|
||||||
* @description This function takes in a request object and returns the cookies as a JS object
|
|
||||||
*
|
|
||||||
* @async
|
|
||||||
*
|
|
||||||
* @param {object} params - main params object
|
|
||||||
* @param {http.IncomingMessage} [params.request] - HTTPS request object
|
|
||||||
*
|
|
||||||
* @returns {* | null}
|
|
||||||
*/
|
|
||||||
module.exports = function ({ request }) {
|
|
||||||
if (!request) return {};
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
/** @type {string | undefined} */
|
|
||||||
const cookieString = request.headers.cookie;
|
|
||||||
|
|
||||||
if (!cookieString || typeof cookieString !== "string") {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/** @type {string[]} */
|
|
||||||
const cookieSplitArray = cookieString.split(";");
|
|
||||||
|
|
||||||
/** @type {*} */
|
|
||||||
let cookieObject = {};
|
|
||||||
|
|
||||||
cookieSplitArray.forEach((keyValueString) => {
|
|
||||||
const [key, value] = keyValueString.split("=");
|
|
||||||
if (key && typeof key == "string") {
|
|
||||||
cookieObject[key.replace(/^ +| +$/, "")] =
|
|
||||||
value && typeof value == "string"
|
|
||||||
? value.replace(/^ +| +$/, "")
|
|
||||||
: null;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Make https request
|
|
||||||
*
|
|
||||||
* @description make a request to datasquirel.com
|
|
||||||
*/
|
|
||||||
|
|
||||||
return cookieObject;
|
|
||||||
};
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
13
utils/functions/sanitizeSql.d.ts
vendored
13
utils/functions/sanitizeSql.d.ts
vendored
@ -1,13 +0,0 @@
|
|||||||
export = sanitizeSql;
|
|
||||||
/**
|
|
||||||
* Sanitize SQL function
|
|
||||||
* ==============================================================================
|
|
||||||
* @description this function takes in a text(or number) or object or array or
|
|
||||||
* boolean and returns a sanitized version of the same input.
|
|
||||||
*
|
|
||||||
* @param {string|number|object|boolean} input - Text or number or object or boolean
|
|
||||||
* @param {boolean?} spaces - Allow spaces?
|
|
||||||
*
|
|
||||||
* @returns {string|number|object|boolean}
|
|
||||||
*/
|
|
||||||
declare function sanitizeSql(input: string | number | object | boolean, spaces: boolean | null): string | number | object | boolean;
|
|
@ -1,184 +0,0 @@
|
|||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sanitize SQL function
|
|
||||||
* ==============================================================================
|
|
||||||
* @description this function takes in a text(or number) or object or array or
|
|
||||||
* boolean and returns a sanitized version of the same input.
|
|
||||||
*
|
|
||||||
* @param {string|number|object|boolean} input - Text or number or object or boolean
|
|
||||||
* @param {boolean?} spaces - Allow spaces?
|
|
||||||
*
|
|
||||||
* @returns {string|number|object|boolean}
|
|
||||||
*/
|
|
||||||
function sanitizeSql(input, spaces) {
|
|
||||||
/**
|
|
||||||
* Initial Checks
|
|
||||||
*
|
|
||||||
* @description Initial Checks
|
|
||||||
*/
|
|
||||||
if (!input) return "";
|
|
||||||
if (typeof input == "number" || typeof input == "boolean") return input;
|
|
||||||
if (typeof input == "string" && !input?.toString()?.match(/./)) return "";
|
|
||||||
|
|
||||||
if (typeof input == "object" && !Array.isArray(input)) {
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
const newObject = sanitizeObjects(input, spaces);
|
|
||||||
return newObject;
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
} else if (typeof input == "object" && Array.isArray(input)) {
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
const newArray = sanitizeArrays(input, spaces);
|
|
||||||
return newArray;
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Declare variables
|
|
||||||
*
|
|
||||||
* @description Declare "results" variable
|
|
||||||
*/
|
|
||||||
let finalText = input;
|
|
||||||
|
|
||||||
if (spaces) {
|
|
||||||
} else {
|
|
||||||
finalText = input
|
|
||||||
.toString()
|
|
||||||
.replace(/\n|\r|\n\r|\r\n/g, "")
|
|
||||||
.replace(/ /g, "");
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
const escapeRegex = /select |insert |drop |delete |alter |create |exec | union | or | like | concat|LOAD_FILE|ASCII| COLLATE | HAVING | information_schema|DECLARE |\#|WAITFOR |delay |BENCHMARK |\/\*.*\*\//gi;
|
|
||||||
|
|
||||||
finalText = finalText
|
|
||||||
.replace(/(?<!\\)\'/g, "\\'")
|
|
||||||
.replace(/(?<!\\)\`/g, "\\`")
|
|
||||||
// .replace(/(?<!\\)\"/g, '\\"')
|
|
||||||
.replace(/\/\*\*\//g, "")
|
|
||||||
.replace(escapeRegex, "\\$&");
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
|
|
||||||
return finalText;
|
|
||||||
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
////////////////////////////////////////
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sanitize Objects Function
|
|
||||||
* ==============================================================================
|
|
||||||
* @description Sanitize objects in the form { key: "value" }
|
|
||||||
*
|
|
||||||
* @param {object} object - Database Full Name
|
|
||||||
* @param {boolean?} spaces - Allow spaces
|
|
||||||
*
|
|
||||||
* @returns {object}
|
|
||||||
*/
|
|
||||||
function sanitizeObjects(object, spaces) {
|
|
||||||
let objectUpdated = { ...object };
|
|
||||||
const keys = Object.keys(objectUpdated);
|
|
||||||
|
|
||||||
keys.forEach((key) => {
|
|
||||||
const value = objectUpdated[key];
|
|
||||||
|
|
||||||
if (!value) {
|
|
||||||
delete objectUpdated[key];
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof value == "string" || typeof value == "number") {
|
|
||||||
objectUpdated[key] = sanitizeSql(value, spaces);
|
|
||||||
} else if (typeof value == "object" && !Array.isArray(value)) {
|
|
||||||
objectUpdated[key] = sanitizeObjects(value, spaces);
|
|
||||||
} else if (typeof value == "object" && Array.isArray(value)) {
|
|
||||||
objectUpdated[key] = sanitizeArrays(value, spaces);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
return objectUpdated;
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sanitize Objects Function
|
|
||||||
* ==============================================================================
|
|
||||||
* @description Sanitize objects in the form { key: "value" }
|
|
||||||
*
|
|
||||||
* @param {string[]|number[]|object[]} array - Database Full Name
|
|
||||||
* @param {boolean?} spaces - Allow spaces
|
|
||||||
*
|
|
||||||
* @returns {string[]|number[]|object[]}
|
|
||||||
*/
|
|
||||||
function sanitizeArrays(array, spaces) {
|
|
||||||
let arrayUpdated = [...array];
|
|
||||||
|
|
||||||
arrayUpdated.forEach((item, index) => {
|
|
||||||
const value = item;
|
|
||||||
|
|
||||||
if (!value) {
|
|
||||||
arrayUpdated.splice(index, 1);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof item == "string" || typeof item == "number") {
|
|
||||||
arrayUpdated[index] = sanitizeSql(value, spaces);
|
|
||||||
} else if (typeof item == "object" && !Array.isArray(value)) {
|
|
||||||
arrayUpdated[index] = sanitizeObjects(value, spaces);
|
|
||||||
} else if (typeof item == "object" && Array.isArray(value)) {
|
|
||||||
arrayUpdated[index] = sanitizeArrays(item, spaces);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
return arrayUpdated;
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
module.exports = sanitizeSql;
|
|
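--- a/utils/functions/serialize-query.d.ts
+++ b/utils/functions/serialize-query.d.ts
@@ -1,2 +0,0 @@
-export = serializeQuery;
-declare function serializeQuery(param0: import("../../package-shared/types").SerializeQueryParams): string;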
@ -1,18 +0,0 @@
|
|||||||
// @ts-check
|
|
||||||
|
|
||||||
/** @type {import("../../package-shared/types").SerializeQueryFnType} */
|
|
||||||
function serializeQuery({ query }) {
|
|
||||||
let str = "?";
|
|
||||||
const keys = Object.keys(query);
|
|
||||||
|
|
||||||
/** @type {string[]} */
|
|
||||||
const queryArr = [];
|
|
||||||
keys.forEach((key) => {
|
|
||||||
if (!key || !query[key]) return;
|
|
||||||
queryArr.push(`${key}=${query[key]}`);
|
|
||||||
});
|
|
||||||
str += queryArr.join("&");
|
|
||||||
return str;
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = serializeQuery;
|
|