(() => { var exports = {}; exports.id = 7295; exports.ids = [7295]; exports.modules = { /***/ 5184: /***/ ((module) => { "use strict"; module.exports = require("nodemailer"); /***/ }), /***/ 2261: /***/ ((module) => { "use strict"; module.exports = require("serverless-mysql"); /***/ }), /***/ 4300: /***/ ((module) => { "use strict"; module.exports = require("buffer"); /***/ }), /***/ 6113: /***/ ((module) => { "use strict"; module.exports = require("crypto"); /***/ }), /***/ 7147: /***/ ((module) => { "use strict"; module.exports = require("fs"); /***/ }), /***/ 1017: /***/ ((module) => { "use strict"; module.exports = require("path"); /***/ }), /***/ 5425: /***/ ((module, __unused_webpack_exports, __webpack_require__) => { "use strict"; // @ts-check const { scryptSync , createDecipheriv } = __webpack_require__(6113); const { Buffer } = __webpack_require__(4300); /** * @param {string} encryptedString * @returns {string | null} */ const decrypt = (encryptedString)=>{ const algorithm = "aes-192-cbc"; const password = process.env.DSQL_ENCRYPTION_PASSWORD || ""; const salt = process.env.DSQL_ENCRYPTION_SALT || ""; let key = scryptSync(password, salt, 24); let iv = Buffer.alloc(16, 0); // @ts-ignore const decipher = createDecipheriv(algorithm, key, iv); try { let decrypted = decipher.update(encryptedString, "hex", "utf8"); decrypted += decipher.final("utf8"); return decrypted; } catch (error) { return null; } }; module.exports = decrypt; /***/ }), /***/ 5382: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { // @ts-check const { createHmac } = __webpack_require__(6113); // /** * # Password Hash function * @param {string} password * @returns */ function hashPassword(password) { const hmac = createHmac("sha512", process.env.DSQL_ENCRYPTION_PASSWORD || ""); hmac.update(password); let hashed = hmac.digest("base64"); return hashed; } exports.hashPassword = hashPassword; // export const comparePasswords = async (password) => { // const hmac = createHmac("sha512", process.env.DSQL_ENCRYPTION_PASSWORD); // hmac.update(password); // let hashed = hmac.digest("base64"); // let dbPass = await global.DB_HANDLER(`SELECT * FROM users WHERE password = '${hashed}'`); // console.log(dbPass); // return dbPass; // }; /***/ }), /***/ 9916: /***/ ((__unused_webpack_module, __webpack_exports__, __webpack_require__) => { "use strict"; __webpack_require__.r(__webpack_exports__); /* harmony export */ __webpack_require__.d(__webpack_exports__, { /* harmony export */ "default": () => (/* binding */ handler) /* harmony export */ }); /* harmony import */ var _package_shared_functions_backend_decrypt__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(5425); /* harmony import */ var _package_shared_functions_backend_decrypt__WEBPACK_IMPORTED_MODULE_0___default = /*#__PURE__*/__webpack_require__.n(_package_shared_functions_backend_decrypt__WEBPACK_IMPORTED_MODULE_0__); /* harmony import */ var _package_shared_functions_backend_passwordHash__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(5382); /* harmony import */ var _functions_backend_serverError__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(2163); /* harmony import */ var _functions_backend_serverError__WEBPACK_IMPORTED_MODULE_2___default = /*#__PURE__*/__webpack_require__.n(_functions_backend_serverError__WEBPACK_IMPORTED_MODULE_2__); /* harmony import */ var _package_shared_functions_backend_varDatabaseDbHandler__WEBPACK_IMPORTED_MODULE_3__ = __webpack_require__(1311); /* harmony import */ var _package_shared_functions_backend_varDatabaseDbHandler__WEBPACK_IMPORTED_MODULE_3___default = /*#__PURE__*/__webpack_require__.n(_package_shared_functions_backend_varDatabaseDbHandler__WEBPACK_IMPORTED_MODULE_3__); // @ts-check /** * ============================================================================== * Imports * ============================================================================== */ const fs = __webpack_require__(7147); const nodemailer = __webpack_require__(5184); const path = __webpack_require__(1017); /** ****************************************************************************** */ /** ****************************************************************************** */ /** ****************************************************************************** */ /** ****************************************************************************** */ /** ****************************************************************************** */ /** ****************************************************************************** */ /** * API handler * ============================================================================== * @type {import("next").NextApiHandler} */ async function handler(req, res) { /** * Check method * * @description Check request method and return if invalid */ if (req.method !== "POST") return res.json({ msg: "Failed!" }); /** * Send Response * * @description Send a boolean response */ try { /** * User auth * * @description Authenticate user */ const deletedKeys = fs.readFileSync("./apiKeys/deleted.txt", "utf8"); /** @type {string} */ // @ts-ignore const authorization = req.headers.authorization; if (deletedKeys.includes(authorization)) { return res.json({ success: false, msg: "Key Inactive!" }); } const userJSON = _package_shared_functions_backend_decrypt__WEBPACK_IMPORTED_MODULE_0___default()(authorization); if (!userJSON) throw new Error("Failed!"); const user = JSON.parse(userJSON); const { user_id , full_access , csrf } = user; try { const decryptedCsrfJSON = _package_shared_functions_backend_decrypt__WEBPACK_IMPORTED_MODULE_0___default()(csrf); const decryptedCsrf = JSON.parse(decryptedCsrfJSON || ""); } catch (/** @type {any} */ error) { _functions_backend_serverError__WEBPACK_IMPORTED_MODULE_2___default()({ component: "/api/user/login-user/lines-61-64", message: error.message, user: {} }); } if (!full_access || !csrf) return res.json({ success: false, msg: "Unauthorized" }); /** * User auth * * @description Authenticate user */ const reqBody = req.body; const { email , database , email_login_field , mail_domain , mail_password , mail_username , mail_port , sender , html , } = reqBody; const dbFullName = `datasquirel_user_${user_id}_${database}`; /** * Check input validity * * @description Check input validity */ if (email?.match(/ /)) { return res.json({ success: false, msg: "Invalid Email/Password format" }); } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// let foundUser = await _package_shared_functions_backend_varDatabaseDbHandler__WEBPACK_IMPORTED_MODULE_3___default()({ queryString: `SELECT * FROM users WHERE email = ?`, queryValuesArray: [ email ], database: dbFullName.replace(/[^a-z0-9_]/g, "") }); //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// if (!foundUser || !foundUser[0]) { return res.json({ success: false, payload: null, msg: "No user found" }); } function generateCode() { const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; let code = ""; for(let i = 0; i < 8; i++){ code += chars[Math.floor(Math.random() * chars.length)]; } return code; } if (foundUser && foundUser[0] && email_login_field) { const tempCode = generateCode(); let transporter = nodemailer.createTransport({ host: mail_domain || process.env.DSQL_MAIL_HOST, port: mail_port || 465, secure: true, auth: { user: mail_username || process.env.DSQL_MAIL_EMAIL, pass: mail_password || process.env.DSQL_MAIL_PASSWORD } }); let mailObject = {}; mailObject["from"] = `"Datasquirel SSO" <${sender || "support@datasquirel.com"}>`; mailObject["sender"] = sender || "support@datasquirel.com"; mailObject["to"] = email; mailObject["subject"] = "One Time Login Code"; mailObject["html"] = html.replace(/{{code}}/, tempCode); const info = await transporter.sendMail(mailObject); if (!info?.accepted) throw new Error("Mail not Sent!"); //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// let setTempCode = await _package_shared_functions_backend_varDatabaseDbHandler__WEBPACK_IMPORTED_MODULE_3___default()({ queryString: `UPDATE users SET ${email_login_field} = ? WHERE email = ?`, queryValuesArray: [ tempCode + `-${Date.now()}`, email ], database: dbFullName.replace(/[^a-z0-9_]/g, "") }); } //////////////////////////////////////// //////////////////////////////////////// //////////////////////////////////////// res.json({ success: true, msg: "Success" }); //////////////////////////////////////// } catch (/** @type {any} */ error1) { //////////////////////////////////////// _functions_backend_serverError__WEBPACK_IMPORTED_MODULE_2___default()({ component: "/api/user/login-user/main-catch-error", message: error1.message, user: {} }); res.json({ success: false, msg: "Failed: " + error1.message }); //////////////////////////////////////// } } /***/ }) }; ; // load runtime var __webpack_require__ = require("../../../webpack-api-runtime.js"); __webpack_require__.C(exports); var __webpack_exec__ = (moduleId) => (__webpack_require__(__webpack_require__.s = moduleId)) var __webpack_exports__ = __webpack_require__.X(0, [2224,2163,3017,3403,8326,1311], () => (__webpack_exec__(9916))); module.exports = __webpack_exports__; })();