VSinerva/freesewing
1
0
Fork 0
Code Activity
freesewing/sites/backend/src/models/user.mjs

1348 lines
36 KiB
JavaScript
Raw Blame History

import jwt from 'jsonwebtoken'
import { log } from '../utils/log.mjs'
import { hash, hashPassword, randomString, verifyPassword } from '../utils/crypto.mjs'
import { replaceImage, importImage } from '../utils/cloudflare-images.mjs'
import { clean, asJson, i18nUrl } from '../utils/index.mjs'
import { decorateModel } from '../utils/model-decorator.mjs'
/*
* This model handles all user updates
*/
export function UserModel(tools) {
return decorateModel(this, tools, {
name: 'user',
encryptedFields: ['bio', 'github', 'email', 'initial', 'img', 'mfaSecret'],
models: ['confirmation', 'set', 'pattern'],
})
}
/*
* Loads a user from the database based on the where clause you pass it
* In addition prepares it for returning the account data
* This is guarded so it enforces access control and validates input
*
* @param {where} object - The where clasuse for the Prisma query
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.guardedRead = async function (where, { user }) {
/*
* Enforce RBAC
*/
if (!this.rbac.readSome(user)) return this.setResponse(403, 'insufficientAccessLevel')
/*
* Ensure the account is active
*/
if (user.iss && user.status < 1) return this.setResponse(403, 'accountStatusLacking')
/*
* Read record from database
*/
await this.read(where)
return this.setResponse200({
result: 'success',
account: this.asAccount(),
})
}
/*
* Finds a user based on one of the accepted unique fields which are:
* - lusername (lowercase username)
* - ehash
* - id
*
* @param {body} object - The request body
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.find = async function (body) {
/*
* Attempt to load record (one) from the database
*/
try {
this.record = await this.prisma.user.findFirst({
where: {
OR: [
{ lusername: { equals: clean(body.username) } },
{ ehash: { equals: hash(clean(body.username)) } },
{ id: { equals: parseInt(body.username) || -1 } },
],
},
})
} catch (err) {
/*
* Failed to run database query. Log warning and return 404
*/
log.warn({ err, body }, `Error while trying to find user: ${body.username}`)
return this.setResponse(404)
}
/*
* Decrypt data that is encrypted at rest
*/
await this.reveal()
return this.recordExists()
}
/*
* Loads the user that is making the API request
*
* @param {user} object - The user as loaded by the authentication middleware
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.loadAuthenticatedUser = async function (user) {
/*
* Guard against missing input
*/
if (!user) return this
/*
* Now attempt to load the full user record from the database
*/
try {
this.authenticatedUser = await this.prisma.user.findUnique({
where: { id: user.uid },
include: {
apikeys: true,
},
})
} catch (err) {
/*
* Failed to run database query. Log warning and return 404
*/
log.warn({ err, user }, `Error while trying to find user: ${user.uid}`)
return this.setResponse(404)
}
return this
}
/*
* Loads & reveals the user that is making the API request
*
* @param {user} object - The user as loaded by the authentication middleware
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.revealAuthenticatedUser = async function (user) {
/*
* Guard against missing input
*/
if (!user) return this
/*
* Now attempt to load the full user record from the database
*/
try {
this.record = await this.prisma.user.findUnique({
where: { id: user.uid },
include: {
apikeys: true,
},
})
} catch (err) {
/*
* Failed to run database query. Log warning and return 404
*/
log.warn({ err, user }, `Error while trying to find and reveal user: ${user.uid}`)
return this.setResponse(404)
}
return this.reveal()
}
/*
* Creates a user+confirmation and sends out signup email - Anonymous route
*
* @param {body} object - The request body
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.guardedCreate = async function ({ body }) {
/*
* Do we have a POST body?
*/
if (Object.keys(body).length < 1) return this.setResponse(400, 'postBodyMissing')
/*
* Is email set?
*/
if (!body.email) return this.setResponse(400, 'emailMissing')
/*
* Is language set?
*/
if (!body.language) return this.setResponse(400, 'languageMissing')
/*
* Is language a supported language?
*/
if (!this.config.languages.includes(body.language))
return this.setResponse(400, 'unsupportedLanguage')
/*
* Create ehash and check
*/
const ehash = hash(clean(body.email))
const check = randomString()
/*
* Check if we already have a user with this email address
*/
await this.read({ ehash })
/*
* Check for unit tests only once
*/
const isTest = this.isTest(body)
if (this.exists) {
/*
* User already exists. However, if we return an error, then baddies can
* spam the signup endpoint to figure out who has a FreeSewing account
* which would be a privacy leak. So instead, pretend there is no user
* with that account, and that signup is proceeding as normal.
* Except that rather than a signup email, we send the user an info email.
*
* Note that we have to deal with 3 scenarios here:
*
* - Account exists, and is active (aea)
* - Account exists, but is inactive (regular signup)
* - Account exists, but is disabled (aed)
*/
/*
* Set type of action based on the account status
*/
let type = 'signup-aed'
if (this.record.status === 0) type = 'signup'
else if (this.record.status === 1) type = 'signup-aea'
/*
* Create confirmation unless account is disabled
*/
if (type !== 'signup-aed') {
this.confirmation = await this.Confirmation.createRecord({
type,
data: {
language: body.language,
email: this.clear.email,
id: this.record.id,
ehash: ehash,
check,
},
userId: this.record.id,
})
}
/*
* Set the action url based on the account status
*/
let actionUrl = false
if (this.record.status === 0)
actionUrl = i18nUrl(body.language, `/confirm/${type}/${this.Confirmation.record.id}/${check}`)
else if (this.record.status === 1)
actionUrl = i18nUrl(body.language, `/confirm/signin/${this.Confirmation.record.id}/${check}`)
/*
* Send email unless it's a test and we don't want to send test emails
*/
if (!isTest || this.config.tests.sendEmail)
await this.mailer.send({
template: type,
language: body.language,
to: this.clear.email,
replacements: {
actionUrl,
whyUrl: i18nUrl(body.language, `/docs/faq/email/why-${type}`),
supportUrl: i18nUrl(body.language, `/patrons/join`),
},
})
/*
* Now return as if everything is fine
*/
return this.setResponse201({ email: this.clear.email })
}
/*
* New signup, attempt to create database record
*/
try {
this.clear.email = clean(body.email)
this.clear.initial = this.clear.email
this.language = body.language
const email = this.encrypt(this.clear.email)
/*
* Create a temporary username because we need one
*/
const username = clean(randomString())
const data = {
ehash,
/*
* The ihash (initial email hash) is the hash of the email that was used to
* create the account. The initial email itself is stored in the intial field.
* Once an account created, the ihash and initial fields can never be changed
* by a user.
* We keep them because in the case somebody claims their account was taken
* over. We can check the original email address that was used to create it
* even if the email address on the account was changed.
*/
ihash: ehash,
email,
initial: email,
username,
lusername: username,
language: body.language,
mfaEnabled: false,
mfaSecret: '',
/*
* The user will change this later. Or not. They can juse get a magic link via email
*/
password: asJson(hashPassword(randomString())),
/*
* These are all placeholders, but fields that get encrypted need _some_ value
* because encrypting null will cause an error.
*/
github: this.encrypt(''),
bio: this.encrypt(''),
img: this.encrypt(this.config.avatars.user),
}
/*
* During tests, users can set their own permission level so you can test admin stuff
*/
if (isTest && body.role) data.role = body.role
/*
* Now attempt to create the record in the database
*/
this.record = await this.prisma.user.create({ data })
} catch (err) {
/*
* Could not create record. Log warning and return 500
*/
log.warn(err, 'Could not create user record')
return this.setResponse(500, 'createAccountFailed')
}
/*
* Update username now that we have the databse ID
*/
try {
await this.update({
username: `user-${this.record.id}`,
lusername: `user-${this.record.id}`,
})
} catch (err) {
/*
* This is very unlikely, but it is possible that the username is taken
* Which is not really a problem, so we will swallow this error and
* continue with the random username
*/
log.info(`Username collision for user-${this.record.id}`)
}
/*
* Now create the confirmation
*/
this.confirmation = await this.Confirmation.createRecord({
type: 'signup',
data: {
language: this.language,
email: this.clear.email,
id: this.record.id,
ehash: ehash,
check,
},
userId: this.record.id,
})
/*
* And send out the signup email
*/
if (!this.isTest(body) || this.config.tests.sendEmail)
await this.mailer.send({
template: 'signup',
language: this.language,
to: this.clear.email,
replacements: {
actionUrl: i18nUrl(
this.language,
`/confirm/signup/${this.Confirmation.record.id}/${check}`
),
whyUrl: i18nUrl(this.language, `/docs/faq/email/why-signup`),
supportUrl: i18nUrl(this.language, `/patrons/join`),
},
})
/*
* For unit tests, we return the confirmation code so no email is needed
* Obviously, that would defeat the point for production use.
*/
return this.isTest(body)
? this.setResponse201({
email: this.clear.email,
confirmation: this.confirmation.record.id,
})
: this.setResponse201({ email: this.clear.email })
}
/*
* Sign in based on username + password
*
* @param {req} object - The request object.
* We use the entire request object here because we log the IP of failed log attempts
* so we can detect if people are attempting to brute-force logins and block those IPs.
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.passwordSignIn = async function (req) {
/*
* Do we have a POST body?
*/
if (Object.keys(req.body).length < 1) return this.setResponse(400, 'postBodyMissing')
/*
* Is the username set?
*/
if (!req.body.username) return this.setResponse(400, 'usernameMissing')
/*
* Is the password set?
*/
if (!req.body.password) return this.setResponse(400, 'passwordMissing')
/*
* Attempt to find the user
*/
await this.find(req.body)
/*
* If it does not exist, don't say so but just pretend the login failed.
* This stops people from figuring out whether someone has a FreeSewing
* account, which would be a privacy leak if we said 'not found' here'
*/
if (!this.exists) {
log.warn(`Sign-in attempt for non-existing user: ${req.body.username} from ${req.ip}`)
return this.setResponse(401, 'signInFailed')
}
/*
* Account found, check the password
*/
const [valid, updatedPasswordField] = verifyPassword(req.body.password, this.record.password)
/*
* If the password is incorrect, log a warning with IP and return 401
*/
if (!valid) {
log.warn(`Wrong password for existing user: ${req.body.username} from ${req.ip}`)
return this.setResponse(401, 'signInFailed')
}
/*
* Check if the user has MFA enabled and if so handle the second factor
*/
if (this.record.mfaEnabled) {
/*
* If there is no token, return 403 so the front-end can present the token
*/
if (!req.body.token) return this.setResponse(403, 'mfaTokenRequired')
/*
* If there is a token, verify it and if it is not correct, return 401
*/ else if (!this.mfa.verify(req.body.token, this.clear.mfaSecret)) {
return this.setResponse(401, 'signInFailed')
}
}
/*
* At this point sign in is a success. We will update the lastLogin value
*
* However, the way passwords are handled in v2 and v3 is slightly different.
* So v2 users who have been migrated have a v2 hash. So now that we
* have their password and we know it's good, let's rehash it the v3 way
* if this happens to be a v2 user.
*/
if (updatedPasswordField) await this.update({ password: updatedPasswordField })
/*
* Final check for account status and other things before returning
*/
return this.isOk() ? this.signInOk() : this.setResponse(401, 'signInFailed')
}
/*
* Sign in based on a sign-in link
*
* @param {req} object - The request object.
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.linkSignIn = async function (req) {
/*
* Is the id set?
*/
if (!req.params.id) return this.setResponse(400, 'signInIdMissing')
/*
* Is the check set?
*/
if (!req.params.check) return this.setResponse(400, 'signInCheckMissing')
/*
* Attempt to retrieve confirmation record
*/
await this.Confirmation.read({ id: req.params.id })
/*
* If the confirmation does not exist, return 404
*/
if (!this.Confirmation.exists) return this.setResponse(404)
/*
* If the confirmation is not of of the right type, return 404
*/
if (!['signinlink', 'signup-aea'].includes(this.Confirmation.record.type)) {
return this.setResponse(404)
}
/*
* If the confirmation check is not valid, return 404
*/
if (this.Confirmation.clear.data.check !== req.params.check) {
return this.setResponse(404)
}
/*
* Looks like we're good, so attempt to read the user from the database
*/
await this.read({ id: this.Confirmation.record.userId })
/*
* if anything went wrong, this.error will be set
*/
if (this.error) return this
/*
* Check if the user has MFA enabled and if so handle the second factor
*/
if (this.record.mfaEnabled) {
/*
* If there is no token, return 403 so the front-end can present the token
*/
if (!req.body.token) return this.setResponse(403, 'mfaTokenRequired')
/*
* If there is a token, verify it and if it is not correct, return 401
*/ else if (!this.mfa.verify(req.body.token, this.clear.mfaSecret)) {
return this.setResponse(401, 'signInFailed')
}
}
/*
* Before we return, remove the confirmation so it works only once
*/
await this.Confirmation.delete()
/*
* Sign in was a success, run a final check before returning
*/
return this.isOk() ? this.signInOk() : this.setResponse(401, 'signInFailed')
}
/*
* Send a magic link for user sign in
*
* @param {req} object - The request object.
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.sendSigninlink = async function (req) {
/*
* Do we have a POST body?
*/
if (Object.keys(req.body).length < 1) return this.setResponse(400, 'postBodyMissing')
/*
* Is username set?
*/
if (!req.body.username) return this.setResponse(400, 'usernameMissing')
/*
* Attempt to find the user
*/
await this.find(req.body)
/*
* If we could not find it, log a warning but send a 401
* to not reveal such a user does not exist.
*/
if (!this.exists) {
log.warn(`Magic link attempt for non-existing user: ${req.body.username} from ${req.ip}`)
return this.setResponse(401, 'signInFailed')
}
/*
* Account found, generate random check and create the confirmation
*/
const check = randomString()
this.confirmation = await this.Confirmation.createRecord({
type: 'signinlink',
data: {
language: this.record.language,
check,
},
userId: this.record.id,
})
/*
* Figure out whether this is part of a unit test
*/
const isTest = this.isTest(req.body)
/*
* Only send out this email if it is not a unit test
*/
if (!isTest) {
/*
* Send sign-in link email
*/
await this.mailer.send({
template: 'signinlink',
language: this.record.language,
to: this.clear.email,
replacements: {
actionUrl: i18nUrl(
this.record.language,
`/confirm/signin/${this.Confirmation.record.id}/${check}`
),
whyUrl: i18nUrl(this.record.language, `/docs/faq/email/why-signin-link`),
supportUrl: i18nUrl(this.record.language, `/patrons/join`),
},
})
}
return this.setResponse200({ result: 'emailSent' })
}
/*
* Confirms a user account
*
* @param {body} object - The request body
* @param {params} object - The request (URL) params
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.confirm = async function ({ body, params }) {
/*
* Is the id set?
*/
if (!params.id) return this.setResponse(404)
/*
* Do we have a POST body?
*/
if (Object.keys(body).length < 1) return this.setResponse(400, 'postBodyMissing')
/*
* Do we have consent from the user to process their data?
*/
if (!body.consent || typeof body.consent !== 'number' || body.consent < 1)
return this.setResponse(400, 'consentRequired')
/*
* Attempt to read the confirmation from the database
*/
await this.Confirmation.read({ id: params.id }, { user: true })
/*
* If the confirmation does not exist, log a warning and return 404
*/
if (!this.Confirmation.exists) {
log.warn(`Could not find confirmation id ${params.id}`)
return this.setResponse(404)
}
/*
* If the confirmation is of the wrong type, log a warning and return 404
*/
if (this.Confirmation.record.type !== 'signup') {
log.warn(`Confirmation mismatch; ${params.id} is not a signup id`)
return this.setResponse(404)
}
/*
* If an error occured, it will be in this.error and we can return here
*/
if (this.error) return this
/*
* Get the unencrypted data from the confirmation
*/
const data = this.Confirmation.clear.data
/*
* If the ehash does not match, return 404
*/
if (data.ehash !== this.Confirmation.record.user.ehash) return this.setResponse(404)
/*
* If the id does not match, return 404
*/
if (data.id !== this.Confirmation.record.userId) return this.setResponse(404)
/*
* Attempt to load the user from the database
*/
await this.read({ id: this.Confirmation.record.userId })
/*
* If an error occured, it will be in this.error and we can return here
*/
if (this.error) return this
/*
* Update user status, consent, and last sign in
*/
await this.update({
status: 1,
consent: body.consent,
})
/*
* If an error occured, it will be in this.error and we can return here
*/
if (this.error) return this
/*
* Before we return, remove the confirmation so it works only once
*/
await this.Confirmation.delete()
/*
* Account is now active, return a passwordless sign in
*/
return this.signInOk()
}
/*
* Updates the user data - Used when we pass through user-provided data
* so we can't be certain it's safe
*
* @param {body} object - The request body
* @param {user} object - The user as loaded by auth middleware
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.guardedUpdate = async function ({ body, user }) {
/*
* Enforce RBAC
*/
if (!this.rbac.writeSome(user)) return this.setResponse(403, 'insufficientAccessLevel')
/*
* Make sure the account is in a state where it's allowed to do this
*/
if (user.iss && user.status < 1) return this.setResponse(403, 'accountStatusLacking')
/*
* Create data to update the record
*/
const data = {}
/*
* String fields
*/
for (const field of ['bio', 'github']) {
if (typeof body[field] === 'string') data[field] = body[field]
}
/*
* Enum fields
*/
for (const [field, values] of Object.entries(this.config.enums.user)) {
if (values.includes(body[field])) data[field] = body[field]
}
/*
* Password
*/
if (typeof body.password === 'string') data.password = body.password
/*
* Username
*/
if (typeof body.username === 'string') {
const available = await this.isLusernameAvailable(body.username)
if (available) {
data.username = body.username.trim()
data.lusername = clean(body.username)
} else {
log.info(`Rejected user name change from ${data.username} to ${body.username.trim()}`)
}
}
/*
* Image (img)
*/
if (typeof body.img === 'string')
data.img = await replaceImage({
id: `user-${this.record.ihash}`,
metadata: {
user: user.uid,
ihash: this.record.ihash,
},
b64: body.img,
})
/*
* Now update the database record
*/
await this.update(data)
/*
* Figure out whether this is a unit test
*/
const isTest = this.isTest(body)
/*
* If there's an email change, we need to trigger confirmation
*/
if (typeof body.email === 'string' && this.clear.email !== clean(body.email)) {
/*
* Generate the check
*/
const check = randomString()
/*
* Generate the confirmation record
*/
this.confirmation = await this.Confirmation.createRecord({
type: 'emailchange',
data: {
language: this.record.language,
check,
email: {
current: this.clear.email,
new: body.email,
},
},
userId: this.record.id,
})
/*
* Send out confirmation email (unless it's a test)
*/
if (!isTest || this.config.tests.sendEmail) {
await this.mailer.send({
template: 'emailchange',
language: this.record.language,
to: body.email,
/*
* CC the old address to guard against account take-over
*/
cc: this.clear.email,
replacements: {
actionUrl: i18nUrl(
this.record.language,
`/confirm/emailchange/${this.Confirmation.record.id}/${check}`
),
whyUrl: i18nUrl(this.record.language, `/docs/faq/email/why-emailchange`),
supportUrl: i18nUrl(this.record.language, `/patrons/join`),
},
})
}
} else if (
/*
* Could be an email change confirmation
*/
typeof body.confirmation === 'string' &&
body.confirm === 'emailchange' &&
typeof body.check === 'string'
) {
/*
* Attemt to read the confirmation record from the database
*/
await this.Confirmation.read({ id: body.confirmation })
/*
* If it does not exist, log a warning and return 404
*/
if (!this.Confirmation.exists) {
log.warn(`Could not find confirmation id ${body.confirmation}`)
return this.setResponse(404)
}
/*
* If it is the wrong confirmation type, log a warning and return 404
*/
if (this.Confirmation.record.type !== 'emailchange') {
log.warn(`Confirmation mismatch; ${body.confirmation} is not an emailchange id`)
return this.setResponse(404)
}
/*
* Load unencrypted data
*/
const data = this.Confirmation.clear.data
/*
* Verify confirmation ID and check. Update email if it checks out.
*/
if (
data.check === body.check &&
data.email.current === this.clear.email &&
typeof data.email.new === 'string'
) {
/*
* Update the email address and ehash
*/
await this.update({
email: this.encrypt(data.email.new),
ehash: hash(clean(data.email.new)),
})
}
}
/*
* Construct data to return
*/
const returnData = {
result: 'success',
account: this.asAccount(),
}
/*
* If it is a unit test, include the confirmation id
*/
if (isTest && this.Confirmation.record?.id) returnData.confirmation = this.Confirmation.record.id
/*
* Return data
*/
return this.setResponse200(returnData)
}
/*
* Enables/Disables MFA on the account - Used when we pass through
* user-provided data so we can't be certain it's safe
*
* @param {body} object - The request body
* @param {user} object - The user as loaded by auth middleware
* @param {ip} object - The user as loaded by auth middleware
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.guardedMfaUpdate = async function ({ body, user, ip }) {
/*
* Enforce RBAC
*/
if (!this.rbac.user(user)) return this.setResponse(403, 'insufficientAccessLevel')
/*
* Ensure account is in the proper state to do this
*/
if (user.iss && user.status < 1) return this.setResponse(403, 'accountStatusLacking')
/*
* If MFA is active and it is an attempt to active it, return 400
*/
if (body.mfa === true && this.record.mfaEnabled === true)
return this.setResponse(400, 'mfaActive')
/*
* Option 1/3: Is this an attempt to disable MFA?
*/
if (body.mfa === false) {
/*
* Is token set in the POST body?
*/
if (!body.token) return this.setResponse(400, 'mfaTokenMissing')
/*
* Is password set in the POST body?
*/
if (!body.password) return this.setResponse(400, 'passwordMissing')
/*
* Verify the password
*/
const [valid] = verifyPassword(body.password, this.record.password)
/*
* If the password is not correct, log a warning including the IP and reutrn 401
*/
if (!valid) {
log.warn(`Wrong password for existing user while disabling MFA: ${user.uid} from ${ip}`)
return this.setResponse(401, 'authenticationFailed')
}
/*
* Verify the MFA token
*/
if (this.mfa.verify(body.token, this.clear.mfaSecret)) {
/*
* Token is valid. Update user record to disable MFA
*/
try {
await this.update({ mfaEnabled: false })
} catch (err) {
/*
* Problem occured while updating the record. Log warning and reurn 500
*/
log.warn(err, 'Could not disable MFA after token check')
return this.setResponse(500, 'mfaDeactivationFailed')
}
/*
* All done here. Return account data
*/
return this.setResponse200({
result: 'success',
account: this.asAccount(),
})
} else {
/*
* MFA token not valid. Return 401
*/
return this.setResponse(401, 'authenticationFailed')
}
} else if (body.mfa === true && body.token && body.secret) {
/*
* Option 2/3: Is this is a confirmation after enabling MFA?
*/
/*
* Verify secret and token
*/
if (body.secret === this.clear.mfaSecret && this.mfa.verify(body.token, this.clear.mfaSecret)) {
/*
* Looks good. Update the user record to enable MFA
*/
try {
await this.update({ mfaEnabled: true })
} catch (err) {
/*
* Problem occured while updating the record. Log warning and reurn 500
*/
log.warn(err, 'Could not enable MFA after token check')
return this.setResponse(500, 'mfaActivationFailed')
}
/*
* All done here. Return account data
*/
return this.setResponse200({
result: 'success',
account: this.asAccount(),
})
} else return this.setResponse(403, 'mfaTokenInvalid')
/*
* Secret and/or token don't match. Return 403
*/
} else if (body.mfa === true && this.record.mfaEnabled === false) {
/*
* Option 3/3: Is this an initial request to enable MFA?
*/
/*
* Setup MFA
*/
let mfa
try {
mfa = await this.mfa.enroll(this.record.username)
} catch (err) {
/*
* Problem occured while creating MFA setup. Return 500.
*/
log.warn(err, 'Failed to setup MFA')
return this.setResponse(500, 'mfaSetupFailed')
}
/*
* Update record with the MFA secret
*/
try {
await this.update({ mfaSecret: mfa.secret })
} catch (err) {
/*
* Problem occured while updating record. Return 500.
*/
log.warn(err, 'Could not update MFA secret after setup')
return this.setResponse(500, 'mfaUpdateAfterSetupFailed')
}
/*
* Return the MFA data so the user can add them to their MFA app
*/
return this.setResponse200({ mfa })
}
/*
* We should not ever arrive here, so return 400 at this point
*/
return this.setResponse(400, 'invalidMfaSetting')
}
/*
* Returns the database record as account data for for consumption
*
* @return {account} object - The account data as a plain object
*/
UserModel.prototype.asAccount = function () {
/*
* Nothing to do here but construct the object to return
*/
return {
id: this.record.id,
bio: this.clear.bio,
compare: this.record.compare,
consent: this.record.consent,
control: this.record.control,
createdAt: this.record.createdAt,
email: this.clear.email,
github: this.clear.github,
ihash: this.ihash,
img: this.clear.img,
imperial: this.record.imperial,
initial: this.clear.initial,
jwtCalls: this.record.jwtCalls,
keyCalls: this.record.keyCalls,
language: this.record.language,
lastSeen: this.record.lastSeen,
mfaEnabled: this.record.mfaEnabled,
newsletter: this.record.newsletter,
patron: this.record.patron,
role: this.record.role,
status: this.record.status,
updatedAt: this.record.updatedAt,
username: this.record.username,
lusername: this.record.lusername,
/*
* Add this so we can give a note to users about migrating their password
*/
passwordType: JSON.parse(this.record.password).type,
}
}
/*
* Creates and returns a JSON Web Token (jwt)
*
* @return {jwt} string - The JWT
*/
UserModel.prototype.getToken = function () {
/*
* Call the jwt library with the correct config
*/
return jwt.sign(
{
_id: this.record.id,
username: this.record.username,
role: this.record.role,
status: this.record.status,
aud: this.config.jwt.audience,
iss: this.config.jwt.issuer,
},
this.config.jwt.secretOrKey,
{ expiresIn: this.config.jwt.expiresIn }
)
}
/*
* Helper method to check an account is ok
*/
UserModel.prototype.isOk = function () {
/*
* These are all the checks we run to see if an account is 'ok'
*/
if (
this.exists &&
this.record &&
this.record.status > 0 &&
this.record.consent > 0 &&
this.record.role &&
this.record.role !== 'blocked'
)
return true
return false
}
/*
* Helper method to handle the return after a successful sign in
*
* @returns {UserModel} object - The UserModel
*/
UserModel.prototype.signInOk = function () {
return this.setResponse200({
result: 'success',
token: this.getToken(),
account: this.asAccount(),
})
}
/*
* Helper method to see if a (lowercase) username is available
* as well as making sure username is not something we
* do not allow
*
* @param {lusername} string - The lowercased username
* @returns {isTest} boolean - True if it's a test. False if not.
*/
UserModel.prototype.isLusernameAvailable = async function (lusername) {
/*
* We do not allow usernames shorter than 2 characters
*/
if (lusername.length < 2) return false
/*
* Attempt to find a user with the provided lusername
*/
let user
try {
user = await this.prisma.user.findUnique({ where: { lusername } })
} catch (err) {
/*
* An error means it's not good. Return false
*/
log.warn({ err, lusername }, 'Could not search for free username')
return false
}
/*
* If a user is found, the lusername is not available, so return false
*/
if (user) return false
/*
* If we get here, the lusername is available, so return true
*/
return true
}
/*
* Helper method to update the `lastSeen` field of the user
* This is called from middleware with the user ID passed in.
*
* @param {id} string - The user ID
* @param {type} string - The authentication type (one of 'jwt' or 'key')
* @returns {success} boolean - True if it worked, false if not
*/
UserModel.prototype.seen = async function (id, type) {
/*
* Construct data object for update operation
*/
const data = { lastSeen: new Date() }
data[`${type}Calls`] = { increment: 1 }
/*
* Now update the dabatase record
*/
try {
await this.prisma.user.update({ where: { id }, data })
} catch (err) {
/*
* An error means it's not good. Return false
*/
log.warn({ id, err }, 'Could not update lastSeen field from middleware')
return false
}
/*
* If we get here, the lastSeen field was updated and user exists, so return true
*/
return true
}
/*
* Everything below this comment is migration code.
* This can all be removed after v3 is in production and all users have been migrated.
*/
const migrateUser = (v2) => {
const email = clean(v2.email)
const initial = clean(v2.initial)
const data = {
bio: v2.bio,
consent: 0,
createdAt: v2.time?.created ? new Date(v2.time.created) : new Date(),
email,
ehash: hash(email),
github: v2.social?.github,
ihash: hash(initial),
img:
v2.picture.slice(-4).toLowerCase() === '.svg' // Don't bother with default avatars
? ''
: v2.picture,
initial,
imperial: v2.units === 'imperial',
language: v2.settings.language,
lastSeen: new Date(),
lusername: v2.username.toLowerCase(),
mfaEnabled: false,
newsletter: false,
password: JSON.stringify({
type: 'v2',
data: v2.password,
}),
patron: v2.patron,
role: v2._id === '5d62aa44ce141a3b816a3dd9' ? 'admin' : 'user',
status: v2.status === 'active' ? 1 : 0,
username: v2.username,
}
if (data.consent.profile) data.consent++
if (data.consent.measurements) data.consent++
if (data.consent.openData) data.consent++
return data
}
/*
* This is a special route not available for API users
*/
UserModel.prototype.import = async function (user) {
if (user.status === 'active') {
const data = migrateUser(user)
if (user.consent.profile) data.consent++
if (user.consent.model || user.consent.measurements) {
data.consent++
if (user.consent.openData) data.consent++
}
await this.read({ ehash: data.ehash })
if (!this.record) {
/*
* Skip images for now
*/
if (data.img) {
/*
* Figure out what image to grab from the FreeSewing v2 backend server
*/
const imgId = `user-${data.ihash}`
const imgUrl =
'https://static.freesewing.org/users/' +
encodeURIComponent(user.handle.slice(0, 1)) +
'/' +
encodeURIComponent(user.handle) +
'/' +
encodeURIComponent(data.img)
data.img = await importImage({
id: imgId,
metadata: {
user: `v2-${user.handle}`,
ihash: data.ihash,
},
url: imgUrl,
})
data.img = imgId
} else data.img = 'default-avatar'
let available = await this.isLusernameAvailable(data.lusername)
while (!available) {
data.username += '+'
data.lusername += '+'
available = await this.isLusernameAvailable(data.lusername)
}
try {
await this.createRecord(data)
} catch (err) {
log.warn(err, 'Could not create user record')
console.log(user)
return this.setResponse(500, 'createUserFailed')
}
// That's the user, now load their people as sets
let lut = false
if (user.people) lut = await this.Set.import(user, this.record.id)
if (user.patterns) await this.Pattern.import(user, lut, this.record.id)
}
}
return this.setResponse200()
}
View git blame Copy permalink