diff options
Diffstat (limited to 'src/server/api/endpoints/i')
| -rw-r--r-- | src/server/api/endpoints/i/2fa/done.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/2fa/register.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/2fa/unregister.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/authorized_apps.ts | 41 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/change_password.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/regenerate_token.ts | 17 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_client_setting.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_home.ts | 29 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_mobile_home.ts | 27 | ||||
| -rw-r--r-- | src/server/api/endpoints/i/update_widget.ts | 39 |
10 files changed, 165 insertions, 93 deletions
diff --git a/src/server/api/endpoints/i/2fa/done.ts b/src/server/api/endpoints/i/2fa/done.ts index 6d38ca1de1..40b45a3d0b 100644 --- a/src/server/api/endpoints/i/2fa/done.ts +++ b/src/server/api/endpoints/i/2fa/done.ts @@ -1,18 +1,25 @@ import $ from 'cafy'; import * as speakeasy from 'speakeasy'; import User, { ILocalUser } from '../../../../../models/user'; +import getParams from '../../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + token: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'token' parameter - const [token, tokenErr] = $.str.get(params.token); - if (tokenErr) return rej('invalid token param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); - const _token = token.replace(/\s/g, ''); + const _token = ps.token.replace(/\s/g, ''); if (user.twoFactorTempSecret == null) { return rej('二段階認証の設定が開始されていません'); diff --git a/src/server/api/endpoints/i/2fa/register.ts b/src/server/api/endpoints/i/2fa/register.ts index 0466a4f366..4d6b05b787 100644 --- a/src/server/api/endpoints/i/2fa/register.ts +++ b/src/server/api/endpoints/i/2fa/register.ts @@ -4,19 +4,26 @@ import * as speakeasy from 'speakeasy'; import * as QRCode from 'qrcode'; import User, { ILocalUser } from '../../../../../models/user'; import config from '../../../../../config'; +import getParams from '../../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + password: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'password' parameter - const [password, passwordErr] = $.str.get(params.password); - if (passwordErr) return rej('invalid password param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(ps.password, user.password); if (!same) { return rej('incorrect password'); diff --git a/src/server/api/endpoints/i/2fa/unregister.ts b/src/server/api/endpoints/i/2fa/unregister.ts index accf3ea0f2..e3a1bd43de 100644 --- a/src/server/api/endpoints/i/2fa/unregister.ts +++ b/src/server/api/endpoints/i/2fa/unregister.ts @@ -1,19 +1,26 @@ import $ from 'cafy'; import * as bcrypt from 'bcryptjs'; import User, { ILocalUser } from '../../../../../models/user'; +import getParams from '../../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + password: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'password' parameter - const [password, passwordErr] = $.str.get(params.password); - if (passwordErr) return rej('invalid password param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(ps.password, user.password); if (!same) { return rej('incorrect password'); diff --git a/src/server/api/endpoints/i/authorized_apps.ts b/src/server/api/endpoints/i/authorized_apps.ts index 9c15670d17..09bcd2dcb6 100644 --- a/src/server/api/endpoints/i/authorized_apps.ts +++ b/src/server/api/endpoints/i/authorized_apps.ts @@ -2,38 +2,47 @@ import $ from 'cafy'; import AccessToken from '../../../../models/access-token'; import { pack } from '../../../../models/app'; import { ILocalUser } from '../../../../models/user'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true -}; -export default (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'limit' parameter - const [limit = 10, limitErr] = $.num.optional.range(1, 100).get(params.limit); - if (limitErr) return rej('invalid limit param'); + secure: true, + + params: { + limit: { + validator: $.num.optional.range(1, 100), + default: 10, + }, - // Get 'offset' parameter - const [offset = 0, offsetErr] = $.num.optional.min(0).get(params.offset); - if (offsetErr) return rej('invalid offset param'); + offset: { + validator: $.num.optional.min(0), + default: 0, + }, - // Get 'sort' parameter - const [sort = 'desc', sortError] = $.str.optional.or('desc asc').get(params.sort); - if (sortError) return rej('invalid sort param'); + sort: { + validator: $.str.optional.or('desc|asc'), + default: 'desc', + } + } +}; + +export default (params: any, user: ILocalUser) => new Promise(async (res, rej) => { + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Get tokens const tokens = await AccessToken .find({ userId: user._id }, { - limit: limit, - skip: offset, + limit: ps.limit, + skip: ps.offset, sort: { - _id: sort == 'asc' ? 1 : -1 + _id: ps.sort == 'asc' ? 1 : -1 } }); - // Serialize res(await Promise.all(tokens.map(token => pack(token.appId, user, { detail: true })))); diff --git a/src/server/api/endpoints/i/change_password.ts b/src/server/api/endpoints/i/change_password.ts index dc0f060c08..818637e224 100644 --- a/src/server/api/endpoints/i/change_password.ts +++ b/src/server/api/endpoints/i/change_password.ts @@ -1,23 +1,30 @@ import $ from 'cafy'; import * as bcrypt from 'bcryptjs'; import User, { ILocalUser } from '../../../../models/user'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + currentPassword: { + validator: $.str + }, + + newPassword: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'currentPasword' parameter - const [currentPassword, currentPasswordErr] = $.str.get(params.currentPasword); - if (currentPasswordErr) return rej('invalid currentPasword param'); - - // Get 'newPassword' parameter - const [newPassword, newPasswordErr] = $.str.get(params.newPassword); - if (newPasswordErr) return rej('invalid newPassword param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Compare password - const same = await bcrypt.compare(currentPassword, user.password); + const same = await bcrypt.compare(ps.currentPassword, user.password); if (!same) { return rej('incorrect password'); @@ -25,7 +32,7 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, // Generate hash of password const salt = await bcrypt.genSalt(8); - const hash = await bcrypt.hash(newPassword, salt); + const hash = await bcrypt.hash(ps.newPassword, salt); await User.update(user._id, { $set: { diff --git a/src/server/api/endpoints/i/regenerate_token.ts b/src/server/api/endpoints/i/regenerate_token.ts index 2d85f06cfa..81997362fc 100644 --- a/src/server/api/endpoints/i/regenerate_token.ts +++ b/src/server/api/endpoints/i/regenerate_token.ts @@ -3,19 +3,26 @@ import * as bcrypt from 'bcryptjs'; import User, { ILocalUser } from '../../../../models/user'; import { publishMainStream } from '../../../../stream'; import generateUserToken from '../../common/generate-native-user-token'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + password: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'password' parameter - const [password, passwordErr] = $.str.get(params.password); - if (passwordErr) return rej('invalid password param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(ps.password, user.password); if (!same) { return rej('incorrect password'); diff --git a/src/server/api/endpoints/i/update_client_setting.ts b/src/server/api/endpoints/i/update_client_setting.ts index 2c05299dff..a1631b1d95 100644 --- a/src/server/api/endpoints/i/update_client_setting.ts +++ b/src/server/api/endpoints/i/update_client_setting.ts @@ -1,23 +1,30 @@ import $ from 'cafy'; import User, { ILocalUser } from '../../../../models/user'; import { publishMainStream } from '../../../../stream'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + name: { + validator: $.str + }, + + value: { + validator: $.any.nullable + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'name' parameter - const [name, nameErr] = $.str.get(params.name); - if (nameErr) return rej('invalid name param'); - - // Get 'value' parameter - const [value, valueErr] = $.any.nullable.get(params.value); - if (valueErr) return rej('invalid value param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); const x: any = {}; - x[`clientSettings.${name}`] = value; + x[`clientSettings.${name}`] = ps.value; await User.update(user._id, { $set: x @@ -28,6 +35,6 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, // Publish event publishMainStream(user._id, 'clientSettingUpdated', { key: name, - value + value: ps.value }); }); diff --git a/src/server/api/endpoints/i/update_home.ts b/src/server/api/endpoints/i/update_home.ts index 27afc9fe5a..eadd0290ab 100644 --- a/src/server/api/endpoints/i/update_home.ts +++ b/src/server/api/endpoints/i/update_home.ts @@ -1,29 +1,36 @@ import $ from 'cafy'; import User, { ILocalUser } from '../../../../models/user'; import { publishMainStream } from '../../../../stream'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + home: { + validator: $.arr($.obj({ + name: $.str, + id: $.str, + place: $.str, + data: $.obj() + }).strict()) + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'home' parameter - const [home, homeErr] = $.arr($.obj({ - name: $.str, - id: $.str, - place: $.str, - data: $.obj() - }).strict()).get(params.home); - if (homeErr) return rej('invalid home param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); await User.update(user._id, { $set: { - 'clientSettings.home': home + 'clientSettings.home': ps.home } }); res(); - publishMainStream(user._id, 'homeUpdated', home); + publishMainStream(user._id, 'homeUpdated', ps.home); }); diff --git a/src/server/api/endpoints/i/update_mobile_home.ts b/src/server/api/endpoints/i/update_mobile_home.ts index 1d4df389e4..c886574f23 100644 --- a/src/server/api/endpoints/i/update_mobile_home.ts +++ b/src/server/api/endpoints/i/update_mobile_home.ts @@ -1,28 +1,35 @@ import $ from 'cafy'; import User, { ILocalUser } from '../../../../models/user'; import { publishMainStream } from '../../../../stream'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + home: { + validator: $.arr($.obj({ + name: $.str, + id: $.str, + data: $.obj() + }).strict()) + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'home' parameter - const [home, homeErr] = $.arr($.obj({ - name: $.str, - id: $.str, - data: $.obj() - }).strict()).get(params.home); - if (homeErr) return rej('invalid home param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); await User.update(user._id, { $set: { - 'clientSettings.mobileHome': home + 'clientSettings.mobileHome': ps.home } }); res(); - publishMainStream(user._id, 'mobileHomeUpdated', home); + publishMainStream(user._id, 'mobileHomeUpdated', ps.home); }); diff --git a/src/server/api/endpoints/i/update_widget.ts b/src/server/api/endpoints/i/update_widget.ts index 92499493eb..947a29074c 100644 --- a/src/server/api/endpoints/i/update_widget.ts +++ b/src/server/api/endpoints/i/update_widget.ts @@ -1,31 +1,38 @@ import $ from 'cafy'; import User, { ILocalUser } from '../../../../models/user'; import { publishMainStream } from '../../../../stream'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + id: { + validator: $.str + }, + + data: { + validator: $.obj() + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'id' parameter - const [id, idErr] = $.str.get(params.id); - if (idErr) return rej('invalid id param'); - - // Get 'data' parameter - const [data, dataErr] = $.obj().get(params.data); - if (dataErr) return rej('invalid data param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); - if (id == null && data == null) return rej('you need to set id and data params if home param unset'); + if (ps.id == null && ps.data == null) return rej('you need to set id and data params if home param unset'); let widget; //#region Desktop home if (widget == null && user.clientSettings.home) { const desktopHome = user.clientSettings.home; - widget = desktopHome.find((w: any) => w.id == id); + widget = desktopHome.find((w: any) => w.id == ps.id); if (widget) { - widget.data = data; + widget.data = ps.data; await User.update(user._id, { $set: { @@ -39,9 +46,9 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, //#region Mobile home if (widget == null && user.clientSettings.mobileHome) { const mobileHome = user.clientSettings.mobileHome; - widget = mobileHome.find((w: any) => w.id == id); + widget = mobileHome.find((w: any) => w.id == ps.id); if (widget) { - widget.data = data; + widget.data = ps.data; await User.update(user._id, { $set: { @@ -57,11 +64,11 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, const deck = user.clientSettings.deck; deck.columns.filter((c: any) => c.type == 'widgets').forEach((c: any) => { c.widgets.forEach((w: any) => { - if (w.id == id) widget = w; + if (w.id == ps.id) widget = w; }); }); if (widget) { - widget.data = data; + widget.data = ps.data; await User.update(user._id, { $set: { @@ -74,7 +81,7 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, if (widget) { publishMainStream(user._id, 'widgetUpdated', { - id, data + id: ps.id, data: ps.data }); res(); |