Syndria98/dragonroll
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Added things

Browse Source
This commit is contained in:
Aran Roig
2026-04-26 18:14:29 +02:00
parent 2ec52a78cf
commit 9048bb0f11
5 changed files with 80 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
backend/package-lock.json generated
View File

@@ -19,7 +19,8 @@
"mongoose": "^9.3.0", "mongoose": "^9.3.0",
"multer": "^2.1.1", "multer": "^2.1.1",
"nodemon": "^3.1.14", "nodemon": "^3.1.14",
"passport": "^0.7.0" "passport": "^0.7.0",
"passport-jwt": "^4.0.1"
} }
}, },
"node_modules/@mongodb-js/saslprep": { "node_modules/@mongodb-js/saslprep": {
@@ -1256,6 +1257,16 @@
"url": "https://github.com/sponsors/jaredhanson" "url": "https://github.com/sponsors/jaredhanson"
} }
}, },
"node_modules/passport-jwt": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/passport-jwt/-/passport-jwt-4.0.1.tgz",
"integrity": "sha512-UCKMDYhNuGOBE9/9Ycuoyh7vP6jpeTp/+sfMJl7nLff/t6dps+iaeE0hhNkKN8/HZHcJ7lCdOyDxHdDoxoSvdQ==",
"license": "MIT",
"dependencies": {
"jsonwebtoken": "^9.0.0",
"passport-strategy": "^1.0.0"
}
},
"node_modules/passport-strategy": { "node_modules/passport-strategy": {
"version": "1.0.0", "version": "1.0.0",
"resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",

3
backend/package.json
View File

@@ -20,6 +20,7 @@
"mongoose": "^9.3.0", "mongoose": "^9.3.0",
"multer": "^2.1.1", "multer": "^2.1.1",
"nodemon": "^3.1.14", "nodemon": "^3.1.14",
"passport": "^0.7.0" "passport": "^0.7.0",
"passport-jwt": "^4.0.1"
} }
} }

3
backend/src/index.js
View File

@@ -26,6 +26,9 @@ app.use(express.urlencoded({
// connect database // connect database
connectDB(); connectDB();
app.use(passport.initialize());
require('./services/passport')(passport);
// CORS // CORS
app.use(cookieParser()); app.use(cookieParser());

54
backend/src/routes/user.js
View File

@@ -15,24 +15,44 @@ const User = require("../models/User");
const upload = require("../services/storage"); const upload = require("../services/storage");
router.post('/register', async (req, res) => {
// Admin registers new user
router.post('/register', isAdmin, async (req, res) => {
try { try {
let setupCode = crypto.randomBytes(64).toString('base64url'); const existsAdmin = !!(await User.findOne({ admin: true }));
const {
username,
email,
name,
password
} = req.body;
// Check if email or username already exists
const existingUser = await User.findOne({
$or: [
{ email: email },
{ username: username }
]
});
if (existingUser) {
return res.json({
status: "error",
msg: "register.errors.email-username-exists"
});
}
const salt = await bcrypt.genSalt(10);
let user = new User({ let user = new User({
admin: false, admin: !existsAdmin,
name: crypto.randomBytes(16).toString('base64url'), name: name,
username: crypto.randomBytes(16).toString('base64url'), username: username,
email: crypto.randomBytes(16).toString('base64url'), email: email,
setupCode password: await bcrypt.hash(password, salt)
}); });
await user.save(); await user.save();
res.json({ status: "ok", code: setupCode }); res.json({ status: "ok", code: setupCode });
} catch (err) { } catch (err) {
res.json({ status: "error", msg: "internal" }); res.json({ status: "error", msg: "errors.internal" });
} }
}); });
@@ -85,21 +105,21 @@ router.post('/setup', rateLimitMiddleware, async (req, res) => {
// Login post // Login post
router.post('/login', rateLimitMiddleware, async (req, res) => { router.post('/login', rateLimitMiddleware, async (req, res) => {
const { username, password } = req.body; const { usermail, password } = req.body;
if (!(username && password)) { if (!(usermail && password)) {
return res.json({ status: "error", msg: "params" }); return res.json({ status: "error", msg: "login.errors.params" });
} }
try { try {
const user = await User.findOne({ username }); const user = await User.findOne({ $or: [{ username: usermail }, { email: usermail }] });
if (!user) { if (!user) {
return res.json({ status: "error", msg: "wrong" }); return res.json({ status: "error", msg: "login.errors.invalid-credentials" });
} }
const isMatch = await bcrypt.compare(password, user.password); const isMatch = await bcrypt.compare(password, user.password);
if (!isMatch) { if (!isMatch) {
return res.json({ status: "error", msg: "wrong" }); return res.json({ status: "error", msg: "login.errors.invalid-credentials" });
} }
const payload = { const payload = {
@@ -120,7 +140,7 @@ router.post('/login', rateLimitMiddleware, async (req, res) => {
res.json({ status: "ok", token, msg: "success" }); res.json({ status: "ok", token, msg: "success" });
} catch (err) { } catch (err) {
res.json({ status: "error", msg: "internal" }); res.json({ status: "error", msg: "errors.internal" });
} }
}); });

25
backend/src/services/passport.js Normal file
View File

@@ -0,0 +1,25 @@
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/User');
const key = require('./keys').secret;
const opts = {
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: key
};
module.exports = passport => {
passport.use(
new JwtStrategy(opts, async (jwt_payload, done) => {
try {
const user = await User.findById(jwt_payload._id);
if (user) return done(null, user);
return done(null, false);
} catch (err) {
console.log(err);
return done(err, false);
}
})
)
}