| author | syuilo <syuilotan@yahoo.co.jp> | 2018-11-02 12:49:08 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2018-11-02 12:49:08 +0900 |
| commit | a7e6b766be6b30b37839beb13f31d96b141cc25a (patch) | |
| tree | b6bf96ae808260f0aa94767835d59d25f7f889a7 /src/server/api/endpoints/i | |
| parent | Update src/server/api/endpoints/meta.ts (diff) | |
Resolve #2623
Diffstat (limited to 'src/server/api/endpoints/i')
| -rw-r--r-- | src/server/api/endpoints/i/2fa/done.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/2fa/register.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/2fa/unregister.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/authorized_apps.ts | 41 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/change_password.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/regenerate_token.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_client_setting.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_home.ts | 29 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_mobile_home.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_widget.ts | 39 |
10 files changed, 165 insertions, 93 deletions
diff --git a/src/server/api/endpoints/i/2fa/done.ts b/src/server/api/endpoints/i/2fa/done.ts
index 6d38ca1de1..40b45a3d0b 100644
--- a/src/server/api/endpoints/i/2fa/done.ts
+++ b/src/server/api/endpoints/i/2fa/done.ts
@@ -1,18 +1,25 @@
 import $ from 'cafy';
 import * as speakeasy from 'speakeasy';
 import User, { ILocalUser } from '../../../../../models/user';
+import getParams from '../../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ token: {
+ validator: $.str
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'token' parameter
- const [token, tokenErr] = $.str.get(params.token);
- if (tokenErr) return rej('invalid token param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
- const _token = token.replace(/\s/g, '');
+ const _token = ps.token.replace(/\s/g, '');
 if (user.twoFactorTempSecret == null) {
 return rej('二段階認証の設定が開始されていません');
diff --git a/src/server/api/endpoints/i/2fa/register.ts b/src/server/api/endpoints/i/2fa/register.ts
index 0466a4f366..4d6b05b787 100644
--- a/src/server/api/endpoints/i/2fa/register.ts
+++ b/src/server/api/endpoints/i/2fa/register.ts
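Review bot: `if (psErr) return rej(psErr);` now hands the client whatever `getParams` returns, where the removed lines rejected with fixed strings such as `'invalid token param'`. `getParams` is not part of this diff, so whether its error carries the rejected value or validator internals cannot be confirmed from here. The same line is added in register.ts, unregister.ts, change_password.ts and regenerate_token.ts, which take `password`, `currentPassword` or `newPassword`; an error that echoed the submitted value there would put a credential into the response and any error log. I would add a comment above the call, `// getParams errors name the parameter only and never include the submitted value`, and pin that with a test on get-params. The handler body continues past the end of this hunk.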
@@ -4,19 +4,26 @@ import * as speakeasy from 'speakeasy';
 import * as QRCode from 'qrcode';
 import User, { ILocalUser } from '../../../../../models/user';
 import config from '../../../../../config';
+import getParams from '../../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ password: {
+ validator: $.str
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'password' parameter
- const [password, passwordErr] = $.str.get(params.password);
- if (passwordErr) return rej('invalid password param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 // Compare password
- const same = await bcrypt.compare(password, user.password);
+ const same = await bcrypt.compare(ps.password, user.password);
 if (!same) {
 return rej('incorrect password');
diff --git a/src/server/api/endpoints/i/2fa/unregister.ts b/src/server/api/endpoints/i/2fa/unregister.ts
index accf3ea0f2..e3a1bd43de 100644
--- a/src/server/api/endpoints/i/2fa/unregister.ts
+++ b/src/server/api/endpoints/i/2fa/unregister.ts
@@ -1,19 +1,26 @@
 import $ from 'cafy';
 import * as bcrypt from 'bcryptjs';
 import User, { ILocalUser } from '../../../../../models/user';
+import getParams from '../../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ password: {
+ validator: $.str
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'password' parameter
- const [password, passwordErr] = $.str.get(params.password);
- if (passwordErr) return rej('invalid password param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 // Compare password
- const same = await bcrypt.compare(password, user.password);
+ const same = await bcrypt.compare(ps.password, user.password);
 if (!same) {
 return rej('incorrect password');
diff --git a/src/server/api/endpoints/i/authorized_apps.ts b/src/server/api/endpoints/i/authorized_apps.ts
index 9c15670d17..09bcd2dcb6 100644
--- a/src/server/api/endpoints/i/authorized_apps.ts
+++ b/src/server/api/endpoints/i/authorized_apps.ts
@@ -2,38 +2,47 @@ import $ from 'cafy';
 import AccessToken from '../../../../models/access-token';
 import { pack } from '../../../../models/app';
 import { ILocalUser } from '../../../../models/user';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
-};
-export default (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'limit' parameter
- const [limit = 10, limitErr] = $.num.optional.range(1, 100).get(params.limit);
- if (limitErr) return rej('invalid limit param');
+ secure: true,
+
+ params: {
+ limit: {
+ validator: $.num.optional.range(1, 100),
+ default: 10,
+ },
- // Get 'offset' parameter
- const [offset = 0, offsetErr] = $.num.optional.min(0).get(params.offset);
- if (offsetErr) return rej('invalid offset param');
+ offset: {
+ validator: $.num.optional.min(0),
+ default: 0,
+ },
- // Get 'sort' parameter
- const [sort = 'desc', sortError] = $.str.optional.or('desc asc').get(params.sort);
- if (sortError) return rej('invalid sort param');
+ sort: {
+ validator: $.str.optional.or('desc|asc'),
+ default: 'desc',
+ }
+ }
+};
+
+export default (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 // Get tokens
 const tokens = await AccessToken .find({ userId: user._id }, {
- limit: limit,
- skip: offset,
+ limit: ps.limit,
+ skip: ps.offset,
 sort: {
- _id: sort == 'asc' ? 1 : -1
+ _id: ps.sort == 'asc' ? 1 : -1
 }
 });
- // Serialize
 res(await Promise.all(tokens.map(token => pack(token.appId, user, { detail: true }))));
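Review bot: `limit` and `offset` are checked as numbers but not as integers, so a value such as 1.5 passes `$.num.optional.range(1, 100)` and is forwarded as `limit: ps.limit` / `skip: ps.offset` to the `find` call. How the database layer treats a fractional limit or skip is not visible here, so rejecting it at the parameter declaration is the safer place. If the cafy version in use provides an integer constraint, I would write `validator: $.num.optional.int().range(1, 100),` and `validator: $.num.optional.int().min(0),`.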
diff --git a/src/server/api/endpoints/i/change_password.ts b/src/server/api/endpoints/i/change_password.ts
index dc0f060c08..818637e224 100644
--- a/src/server/api/endpoints/i/change_password.ts
+++ b/src/server/api/endpoints/i/change_password.ts
@@ -1,23 +1,30 @@
 import $ from 'cafy';
 import * as bcrypt from 'bcryptjs';
 import User, { ILocalUser } from '../../../../models/user';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ currentPassword: {
+ validator: $.str
+ },
+
+ newPassword: {
+ validator: $.str
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'currentPasword' parameter
- const [currentPassword, currentPasswordErr] = $.str.get(params.currentPasword);
- if (currentPasswordErr) return rej('invalid currentPasword param');
-
- // Get 'newPassword' parameter
- const [newPassword, newPasswordErr] = $.str.get(params.newPassword);
- if (newPasswordErr) return rej('invalid newPassword param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 // Compare password
- const same = await bcrypt.compare(ps.currentPassword, user.password);
+ const same = await bcrypt.compare(ps.currentPassword, user.password);
 if (!same) {
 return rej('incorrect password');
@@ -25,7 +32,7 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res,
 // Generate hash of password
 const salt = await bcrypt.genSalt(8);
- const hash = await bcrypt.hash(newPassword, salt);
+ const hash = await bcrypt.hash(ps.newPassword, salt);
 await User.update(user._id, {
 $set: {
diff --git a/src/server/api/endpoints/i/regenerate_token.ts b/src/server/api/endpoints/i/regenerate_token.ts
index 2d85f06cfa..81997362fc 100644
--- a/src/server/api/endpoints/i/regenerate_token.ts
+++ b/src/server/api/endpoints/i/regenerate_token.ts
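Review bot: `newPassword` is declared with a bare `$.str`, so as far as the first change_password.ts hunk shows, an empty or one-character string is accepted and then hashed as the account password. I would put the policy into the declaration, for example `validator: $.str.min(8)`, using whatever minimum the sign-up endpoint enforces (not visible here). Separately, the handler previously read `params.currentPasword` and now expects `currentPassword`, so clients that still send the misspelled key will be rejected; that compatibility break deserves a line in the commit description.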
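Review bot: `bcrypt.genSalt(8)` in the second change_password.ts hunk sets a bcrypt cost factor of 8, which is below the bcryptjs default of 10 and makes offline guessing cheaper if the stored hashes are ever exposed. Since this hunk already touches the hashing line, I would raise it here, e.g. `const salt = await bcrypt.genSalt(12);`, after checking the latency on the target hardware. Existing hashes keep verifying because bcrypt stores the cost inside each hash. The surrounding function starts and ends outside this hunk.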
@@ -3,19 +3,26 @@ import * as bcrypt from 'bcryptjs';
 import User, { ILocalUser } from '../../../../models/user';
 import { publishMainStream } from '../../../../stream';
 import generateUserToken from '../../common/generate-native-user-token';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ password: {
+ validator: $.str
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'password' parameter
- const [password, passwordErr] = $.str.get(params.password);
- if (passwordErr) return rej('invalid password param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 // Compare password
- const same = await bcrypt.compare(password, user.password);
+ const same = await bcrypt.compare(ps.password, user.password);
 if (!same) {
 return rej('incorrect password');
diff --git a/src/server/api/endpoints/i/update_client_setting.ts b/src/server/api/endpoints/i/update_client_setting.ts
index 2c05299dff..a1631b1d95 100644
--- a/src/server/api/endpoints/i/update_client_setting.ts
+++ b/src/server/api/endpoints/i/update_client_setting.ts
@@ -1,23 +1,30 @@
 import $ from 'cafy';
 import User, { ILocalUser } from '../../../../models/user';
 import { publishMainStream } from '../../../../stream';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ name: {
+ validator: $.str
+ },
+
+ value: {
+ validator: $.any.nullable
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'name' parameter
- const [name, nameErr] = $.str.get(params.name);
- if (nameErr) return rej('invalid name param');
-
- // Get 'value' parameter
- const [value, valueErr] = $.any.nullable.get(params.value);
- if (valueErr) return rej('invalid value param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 const x: any = {};
- x[`clientSettings.${name}`] = value;
+ x[`clientSettings.${name}`] = ps.value;
 await User.update(user._id, {
 $set: x
@@ -28,6 +35,6 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res,
 // Publish event
 publishMainStream(user._id, 'clientSettingUpdated', {
 key: name,
- value
+ value: ps.value
 });
 });
diff --git a/src/server/api/endpoints/i/update_home.ts b/src/server/api/endpoints/i/update_home.ts
index 27afc9fe5a..eadd0290ab 100644
--- a/src/server/api/endpoints/i/update_home.ts
+++ b/src/server/api/endpoints/i/update_home.ts
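Review bot: `name` is no longer declared once the `const [name, nameErr] = …` line is removed, yet the added line ``x[`clientSettings.${name}`] = ps.value;`` and the unchanged `key: name,` in the second update_client_setting.ts hunk (@@ -28,6 +35,6 @@) still refer to it. Depending on the compiler configuration this either fails to build or resolves to an ambient global, so the setting would be stored under the wrong key or the handler would throw inside the async executor without settling the promise. Both lines should use the validated value: ``x[`clientSettings.${ps.name}`] = ps.value;`` and `key: ps.name,`. Because that string is spliced into a `$set` path, I would also restrict `name` in `meta.params` to a plain identifier pattern so that a caller cannot address nested paths with `.`.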
@@ -1,29 +1,36 @@
 import $ from 'cafy';
 import User, { ILocalUser } from '../../../../models/user';
 import { publishMainStream } from '../../../../stream';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ home: {
+ validator: $.arr($.obj({
+ name: $.str,
+ id: $.str,
+ place: $.str,
+ data: $.obj()
+ }).strict())
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'home' parameter
- const [home, homeErr] = $.arr($.obj({
- name: $.str,
- id: $.str,
- place: $.str,
- data: $.obj()
- }).strict()).get(params.home);
- if (homeErr) return rej('invalid home param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 await User.update(user._id, {
 $set: {
- 'clientSettings.home': home
+ 'clientSettings.home': ps.home
 }
 });
 res();
- publishMainStream(user._id, 'homeUpdated', home);
+ publishMainStream(user._id, 'homeUpdated', ps.home);
 });
diff --git a/src/server/api/endpoints/i/update_mobile_home.ts b/src/server/api/endpoints/i/update_mobile_home.ts
index 1d4df389e4..c886574f23 100644
--- a/src/server/api/endpoints/i/update_mobile_home.ts
+++ b/src/server/api/endpoints/i/update_mobile_home.ts
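Review bot: The `home` validator bounds neither the number of widgets nor the contents of each `data: $.obj()`, and the accepted value is both written to `clientSettings.home` and sent out through `publishMainStream(user._id, 'homeUpdated', ps.home)`. The declaration in update_mobile_home.ts has the same shape. Unless the request body size is capped upstream (not visible in this diff), I would add an upper bound on the array length in the validator and a comment on `data` such as `// opaque client state: stored and re-broadcast as-is, must be treated as untrusted when rendered`.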
@@ -1,28 +1,35 @@
 import $ from 'cafy';
 import User, { ILocalUser } from '../../../../models/user';
 import { publishMainStream } from '../../../../stream';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ home: {
+ validator: $.arr($.obj({
+ name: $.str,
+ id: $.str,
+ data: $.obj()
+ }).strict())
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'home' parameter
- const [home, homeErr] = $.arr($.obj({
- name: $.str,
- id: $.str,
- data: $.obj()
- }).strict()).get(params.home);
- if (homeErr) return rej('invalid home param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
 await User.update(user._id, {
 $set: {
- 'clientSettings.mobileHome': home
+ 'clientSettings.mobileHome': ps.home
 }
 });
 res();
- publishMainStream(user._id, 'mobileHomeUpdated', home);
+ publishMainStream(user._id, 'mobileHomeUpdated', ps.home);
 });
diff --git a/src/server/api/endpoints/i/update_widget.ts b/src/server/api/endpoints/i/update_widget.ts
index 92499493eb..947a29074c 100644
--- a/src/server/api/endpoints/i/update_widget.ts
+++ b/src/server/api/endpoints/i/update_widget.ts
@@ -1,31 +1,38 @@
 import $ from 'cafy';
 import User, { ILocalUser } from '../../../../models/user';
 import { publishMainStream } from '../../../../stream';
+import getParams from '../../get-params';
 export const meta = {
 requireCredential: true,
- secure: true
+
+ secure: true,
+
+ params: {
+ id: {
+ validator: $.str
+ },
+
+ data: {
+ validator: $.obj()
+ }
+ }
 };
 export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => {
- // Get 'id' parameter
- const [id, idErr] = $.str.get(params.id);
- if (idErr) return rej('invalid id param');
-
- // Get 'data' parameter
- const [data, dataErr] = $.obj().get(params.data);
- if (dataErr) return rej('invalid data param');
+ const [ps, psErr] = getParams(meta, params);
+ if (psErr) return rej(psErr);
- if (id == null && data == null) return rej('you need to set id and data params if home param unset');
+ if (ps.id == null && ps.data == null) return rej('you need to set id and data params if home param unset');
 let widget;
 //#region Desktop home
 if (widget == null && user.clientSettings.home) {
 const desktopHome = user.clientSettings.home;
- widget = desktopHome.find((w: any) => w.id == id);
+ widget = desktopHome.find((w: any) => w.id == ps.id);
 if (widget) {
- widget.data = data;
+ widget.data = ps.data;
 await User.update(user._id, {
 $set: {
@@ -39,9 +46,9 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res,
 //#region Mobile home
 if (widget == null && user.clientSettings.mobileHome) {
 const mobileHome = user.clientSettings.mobileHome;
- widget = mobileHome.find((w: any) => w.id == id);
+ widget = mobileHome.find((w: any) => w.id == ps.id);
 if (widget) {
- widget.data = data;
+ widget.data = ps.data;
 await User.update(user._id, {
 $set: {
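Review bot: The guard `if (ps.id == null && ps.data == null)` in the first update_widget.ts hunk looks unreachable now, because `id` and `data` are declared with the non-optional validators `$.str` and `$.obj()` and `getParams` should already have rejected a request missing either one; that assumes `getParams` enforces required parameters, which this diff does not show. Its message also refers to a `home` param that this endpoint does not declare. I would drop the line, or, if partial input is meant to be allowed, make the validators optional and reject when either value is missing by using `||` instead of `&&`. The handler continues through the following hunks.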
@@ -57,11 +64,11 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res,
 const deck = user.clientSettings.deck;
 deck.columns.filter((c: any) => c.type == 'widgets').forEach((c: any) => {
 c.widgets.forEach((w: any) => {
- if (w.id == id) widget = w;
+ if (w.id == ps.id) widget = w;
 });
 });
 if (widget) {
- widget.data = data;
+ widget.data = ps.data;
 await User.update(user._id, {
 $set: {
@@ -74,7 +81,7 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res,
 if (widget) {
 publishMainStream(user._id, 'widgetUpdated', {
- id, data
+ id: ps.id, data: ps.data
 });
 res(); |