Syndria98/dragonroll
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Added things

Browse Source
This commit is contained in:
Aran Roig
2026-04-26 18:14:29 +02:00
parent 2ec52a78cf
commit 9048bb0f11
5 changed files with 80 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/src/index.js
View File

@@ -26,6 +26,9 @@ app.use(express.urlencoded({
// connect database
connectDB();
app.use(passport.initialize());
require('./services/passport')(passport);
// CORS
app.use(cookieParser());

56
backend/src/routes/user.js
View File

@@ -15,24 +15,44 @@ const User = require("../models/User");
const upload = require("../services/storage");
// Admin registers new user
router.post('/register', isAdmin, async (req, res) => {
router.post('/register', async (req, res) => {
try {
let setupCode = crypto.randomBytes(64).toString('base64url');
const existsAdmin = !!(await User.findOne({ admin: true }));
const {
username,
email,
name,
password
} = req.body;
// Check if email or username already exists
const existingUser = await User.findOne({
$or: [
{ email: email },
{ username: username }
]
});
if (existingUser) {
return res.json({
status: "error",
msg: "register.errors.email-username-exists"
});
}
const salt = await bcrypt.genSalt(10);
let user = new User({
admin: false,
name: crypto.randomBytes(16).toString('base64url'),
username: crypto.randomBytes(16).toString('base64url'),
email: crypto.randomBytes(16).toString('base64url'),
setupCode
admin: !existsAdmin,
name: name,
username: username,
email: email,
password: await bcrypt.hash(password, salt)
});
await user.save();
res.json({ status: "ok", code: setupCode });
} catch (err) {
res.json({ status: "error", msg: "internal" });
res.json({ status: "error", msg: "errors.internal" });
}
});
@@ -85,21 +105,21 @@ router.post('/setup', rateLimitMiddleware, async (req, res) => {
// Login post
router.post('/login', rateLimitMiddleware, async (req, res) => {
const { username, password } = req.body;
const { usermail, password } = req.body;
if (!(username && password)) {
return res.json({ status: "error", msg: "params" });
if (!(usermail && password)) {
return res.json({ status: "error", msg: "login.errors.params" });
}
try {
const user = await User.findOne({ username });
const user = await User.findOne({ $or: [{ username: usermail }, { email: usermail }] });
if (!user) {
return res.json({ status: "error", msg: "wrong" });
return res.json({ status: "error", msg: "login.errors.invalid-credentials" });
}
const isMatch = await bcrypt.compare(password, user.password);
if (!isMatch) {
return res.json({ status: "error", msg: "wrong" });
return res.json({ status: "error", msg: "login.errors.invalid-credentials" });
}
const payload = {
@@ -120,7 +140,7 @@ router.post('/login', rateLimitMiddleware, async (req, res) => {
res.json({ status: "ok", token, msg: "success" });
} catch (err) {
res.json({ status: "error", msg: "internal" });
res.json({ status: "error", msg: "errors.internal" });
}
});

25
backend/src/services/passport.js Normal file
View File

@@ -0,0 +1,25 @@
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/User');
const key = require('./keys').secret;
const opts = {
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: key
};
module.exports = passport => {
passport.use(
new JwtStrategy(opts, async (jwt_payload, done) => {
try {
const user = await User.findById(jwt_payload._id);
if (user) return done(null, user);
return done(null, false);
} catch (err) {
console.log(err);
return done(err, false);
}
})
)
}