Merge branch 'develop'

author: syuilo <syuilotan@yahoo.co.jp> 2019-04-14 20:38:55 +0900
committer: syuilo <syuilotan@yahoo.co.jp> 2019-04-14 20:38:55 +0900
commit: d66e4b7ff97d512e2a2523815e2eef170456b37f (patch)
tree: 59ae1a102d88b5c2c2236b734ea4a584b4f9ba46 /src/server/api/endpoints/i/2fa
parent: 10.100.0 (diff)
parent: 11.0.0 (diff)
download: misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.tar.gz
misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.tar.bz2
misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.zip
3 files changed, 26 insertions, 27 deletions
diff --git a/src/server/api/endpoints/i/2fa/done.ts b/src/server/api/endpoints/i/2fa/done.ts
index 556354c386..e23678dcbb 100644
--- a/src/server/api/endpoints/i/2fa/done.ts
+++ b/src/server/api/endpoints/i/2fa/done.ts
@@ -1,7 +1,8 @@
 import $ from 'cafy';
 import * as speakeasy from 'speakeasy';
-import User from '../../../../../models/user';
 import define from '../../../define';
+import { UserProfiles } from '../../../../../models';
+import { ensure } from '../../../../../prelude/ensure';
 
 export const meta = {
 	requireCredential: true,
@@ -16,28 +17,26 @@ export const meta = {
 };
 
 export default define(meta, async (ps, user) => {
-	const _token = ps.token.replace(/\s/g, '');
+	const token = ps.token.replace(/\s/g, '');
 
-	if (user.twoFactorTempSecret == null) {
+	const profile = await UserProfiles.findOne({ userId: user.id }).then(ensure);
+
+	if (profile.twoFactorTempSecret == null) {
 		throw new Error('二段階認証の設定が開始されていません');
 	}
 
 	const verified = (speakeasy as any).totp.verify({
-		secret: user.twoFactorTempSecret,
+		secret: profile.twoFactorTempSecret,
 		encoding: 'base32',
-		token: _token
+		token: token
 	});
 
 	if (!verified) {
 		throw new Error('not verified');
 	}
 
-	await User.update(user._id, {
-		$set: {
-			'twoFactorSecret': user.twoFactorTempSecret,
-			'twoFactorEnabled': true
-		}
+	await UserProfiles.update({ userId: user.id }, {
+		twoFactorSecret: profile.twoFactorTempSecret,
+		twoFactorEnabled: true
 	});
-
-	return;
 });
diff --git a/src/server/api/endpoints/i/2fa/register.ts b/src/server/api/endpoints/i/2fa/register.ts
index 302b51ec0b..76d79b3a49 100644
--- a/src/server/api/endpoints/i/2fa/register.ts
+++ b/src/server/api/endpoints/i/2fa/register.ts
@@ -2,9 +2,10 @@ import $ from 'cafy';
 import * as bcrypt from 'bcryptjs';
 import * as speakeasy from 'speakeasy';
 import * as QRCode from 'qrcode';
-import User from '../../../../../models/user';
 import config from '../../../../../config';
 import define from '../../../define';
+import { UserProfiles } from '../../../../../models';
+import { ensure } from '../../../../../prelude/ensure';
 
 export const meta = {
 	requireCredential: true,
@@ -19,8 +20,10 @@ export const meta = {
 };
 
 export default define(meta, async (ps, user) => {
+	const profile = await UserProfiles.findOne({ userId: user.id }).then(ensure);
+
 	// Compare password
-	const same = await bcrypt.compare(ps.password, user.password);
+	const same = await bcrypt.compare(ps.password, profile.password!);
 
 	if (!same) {
 		throw new Error('incorrect password');
@@ -31,10 +34,8 @@ export default define(meta, async (ps, user) => {
 		length: 32
 	});
 
-	await User.update(user._id, {
-		$set: {
-			twoFactorTempSecret: secret.base32
-		}
+	await UserProfiles.update({ userId: user.id }, {
+		twoFactorTempSecret: secret.base32
 	});
 
 	// Get the data URL of the authenticator URL
diff --git a/src/server/api/endpoints/i/2fa/unregister.ts b/src/server/api/endpoints/i/2fa/unregister.ts
index 37b2639198..9c7857e7ef 100644
--- a/src/server/api/endpoints/i/2fa/unregister.ts
+++ b/src/server/api/endpoints/i/2fa/unregister.ts
@@ -1,7 +1,8 @@
 import $ from 'cafy';
 import * as bcrypt from 'bcryptjs';
-import User from '../../../../../models/user';
 import define from '../../../define';
+import { UserProfiles } from '../../../../../models';
+import { ensure } from '../../../../../prelude/ensure';
 
 export const meta = {
 	requireCredential: true,
@@ -16,19 +17,17 @@ export const meta = {
 };
 
 export default define(meta, async (ps, user) => {
+	const profile = await UserProfiles.findOne({ userId: user.id }).then(ensure);
+
 	// Compare password
-	const same = await bcrypt.compare(ps.password, user.password);
+	const same = await bcrypt.compare(ps.password, profile.password!);
 
 	if (!same) {
 		throw new Error('incorrect password');
 	}
 
-	await User.update(user._id, {
-		$set: {
-			'twoFactorSecret': null,
-			'twoFactorEnabled': false
-		}
+	await UserProfiles.update({ userId: user.id }, {
+		twoFactorSecret: null,
+		twoFactorEnabled: false
 	});
-
-	return;
 });
author	syuilo <syuilotan@yahoo.co.jp>	2019-04-14 20:38:55 +0900
committer	syuilo <syuilotan@yahoo.co.jp>	2019-04-14 20:38:55 +0900
commit	d66e4b7ff97d512e2a2523815e2eef170456b37f (patch)
tree	59ae1a102d88b5c2c2236b734ea4a584b4f9ba46 /src/server/api/endpoints/i/2fa
parent	10.100.0 (diff)
parent	11.0.0 (diff)
download	misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.tar.gz misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.tar.bz2 misskey-d66e4b7ff97d512e2a2523815e2eef170456b37f.zip