torsten/yourpart3
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

En-/decryption fixed

Browse Source
This commit is contained in:
Torsten Schulz
2024-07-28 16:12:48 +02:00
parent 4c12303edc
commit 4b6ad3aefe
27 changed files with 3315 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
backend/services/authService.js
View File

@@ -1,51 +1,53 @@
import bcrypt from 'bcrypt';
import crypto from 'crypto';
import { v4 as uuidv4 } from 'uuid';
import User from '../models/community/user.js';
import UserParam from '../models/community/user_param.js';
import UserParamType from '../models/type/user_param.js';
import { sendAccountActivationEmail, sendPasswordResetEmail } from './emailService.js';
import { sequelize } from '../utils/sequelize.js';
import { encrypt, generateIv } from '../utils/encryption.js';
const saltRounds = 10;
export const registerUser = async ({ email, username, password, language }) => {
const iv = generateIv();
const encryptedEmail = encrypt(email, iv);
const encryptionKey = process.env.SECRET_KEY;
const results = await sequelize.query(
`SELECT * FROM "community"."user" WHERE "email" = :email`,
`SELECT * FROM community.user WHERE pgp_sym_decrypt(email::bytea, :key) = :email`,
{
replacements: { key: process.env.SECRET_KEY, email: encryptedEmail },
replacements: { key: encryptionKey, email },
type: sequelize.QueryTypes.SELECT
}
);
if (results.length && results.length > 0) {
throw new Error('Email already in use');
if (results.length > 0) {
throw new Error('emailinuse');
}
const hashedPassword = await bcrypt.hash(password, saltRounds);
const resetToken = uuidv4();
const user = await User.create({
email: encryptedEmail,
iv: iv.toString('hex'),
email: email,
username,
password: hashedPassword,
resetToken: resetToken,
active: false,
registration_date: new Date()
});
const languageType = await UserParamType.findOne({ where: { description: 'language' } });
if (!languageType) {
throw new Error('Language type not found');
throw new Error('languagenotfound');
}
await UserParam.create({
const languageParam = await UserParam.create({
userId: user.id,
paramTypeId: languageType.id,
value: language
});
const activationLink = `${process.env.FRONTEND_URL}/activate?token=${resetToken}`;
await sendAccountActivationEmail(email, activationLink, username, resetToken, language);
const authCode = crypto.randomBytes(20).toString('hex');
return { id: user.hashedId, username: user.username, active: user.active };
return { id: user.hashedId, username: user.username, active: user.active, param: [languageParam], authCode };
};
export const loginUser = async ({ username, password }) => {
@@ -57,6 +59,9 @@ export const loginUser = async ({ username, password }) => {
if (!match) {
throw new Error('credentialsinvalid');
}
const authCode = crypto.randomBytes(20).toString('hex');
user.authCode = authCode;
await user.save();
const params = await UserParam.findAll({
where: {
userId: user.id
@@ -69,9 +74,16 @@ export const loginUser = async ({ username, password }) => {
}
}
});
const mappedParams = params.map(param => {
return { 'name': param.paramType.description, 'value': param.value }; });
return { id: user.hashedId, username: user.username, active: user.active, param: mappedParams };
const mappedParams = params.map(param => {
return { 'name': param.paramType.description, 'value': param.value };
});
return {
id: user.hashedId,
username: user.username,
active: user.active,
param: mappedParams,
authCode
};
};
export const handleForgotPassword = async ({ email }) => {