mirror of
https://codeberg.org/timelimit/timelimit-server.git
synced 2025-10-03 01:39:31 +02:00
Remove the obsolete can-recover-password endpoint
This commit is contained in:
Jonas Lochmann
parent
964397cfa9
commit
24563bdc4a
5 changed files with 5 additions and 89 deletions
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* server component for the TimeLimit App
|
||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
||||
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
|
|
@ -29,7 +29,6 @@ const types = [
|
|||
'CreateFamilyByMailTokenRequest',
|
||||
'SignIntoFamilyRequest',
|
||||
'RecoverParentPasswordRequest',
|
||||
'CanRecoverPasswordRequest',
|
||||
'RegisterChildDeviceRequest',
|
||||
'SerializedParentAction',
|
||||
'SerializedAppLogicAction',
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* server component for the TimeLimit App
|
||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
||||
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
|
|
@ -21,7 +21,6 @@ import { BadRequest, Forbidden, Unauthorized } from 'http-errors'
|
|||
import { config } from '../config'
|
||||
import { Database, Transaction } from '../database'
|
||||
import { removeDevice } from '../function/device/remove-device'
|
||||
import { canRecoverPassword } from '../function/parent/can-recover-password'
|
||||
import { createAddDeviceToken } from '../function/parent/create-add-device-token'
|
||||
import { createFamily } from '../function/parent/create-family'
|
||||
import { getStatusByMailToken } from '../function/parent/get-status-by-mail-address'
|
||||
|
|
@ -30,7 +29,7 @@ import { recoverParentPassword } from '../function/parent/recover-parent-passwor
|
|||
import { signInIntoFamily } from '../function/parent/sign-in-into-family'
|
||||
import { WebsocketApi } from '../websocket'
|
||||
import {
|
||||
isCanRecoverPasswordRequest, isCreateFamilyByMailTokenRequest,
|
||||
isCreateFamilyByMailTokenRequest,
|
||||
isCreateRegisterDeviceTokenRequest, isLinkParentMailAddressRequest,
|
||||
isMailAuthTokenRequestBody, isRecoverParentPasswordRequest,
|
||||
isRemoveDeviceRequest, isSignIntoFamilyRequest
|
||||
|
|
@ -113,24 +112,6 @@ export const createParentRouter = ({ database, websocket }: {database: Database,
|
|||
}
|
||||
})
|
||||
|
||||
router.post('/can-recover-password', json(), async (req, res, next) => {
|
||||
try {
|
||||
if (!isCanRecoverPasswordRequest(req.body)) {
|
||||
throw new BadRequest()
|
||||
}
|
||||
|
||||
const canRecover = await canRecoverPassword({
|
||||
database,
|
||||
parentUserId: req.body.parentUserId,
|
||||
mailAuthToken: req.body.mailAuthToken
|
||||
})
|
||||
|
||||
res.json({ canRecover })
|
||||
} catch (ex) {
|
||||
next(ex)
|
||||
}
|
||||
})
|
||||
|
||||
router.post('/recover-parent-password', json(), async (req, res, next) => {
|
||||
try {
|
||||
if (!isRecoverParentPasswordRequest(req.body)) {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* server component for the TimeLimit App
|
||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
||||
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
|
|
@ -82,11 +82,6 @@ export interface RecoverParentPasswordRequest {
|
|||
password: ParentPassword
|
||||
}
|
||||
|
||||
export interface CanRecoverPasswordRequest {
|
||||
mailAuthToken: string
|
||||
parentUserId: string
|
||||
}
|
||||
|
||||
export interface RegisterChildDeviceRequest {
|
||||
registerToken: string
|
||||
childDevice: NewDeviceInfo
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
// tslint:disable
|
||||
import { ClientPushChangesRequest, ClientPullChangesRequest, MailAuthTokenRequestBody, CreateFamilyByMailTokenRequest, SignIntoFamilyRequest, RecoverParentPasswordRequest, CanRecoverPasswordRequest, RegisterChildDeviceRequest, SerializedParentAction, SerializedAppLogicAction, SerializedChildAction, CreateRegisterDeviceTokenRequest, CanDoPurchaseRequest, FinishPurchaseByGooglePlayRequest, LinkParentMailAddressRequest, UpdatePrimaryDeviceRequest, RemoveDeviceRequest, RequestWithAuthToken, SendMailLoginCodeRequest, SignInByMailCodeRequest } from './schema'
|
||||
import { ClientPushChangesRequest, ClientPullChangesRequest, MailAuthTokenRequestBody, CreateFamilyByMailTokenRequest, SignIntoFamilyRequest, RecoverParentPasswordRequest, RegisterChildDeviceRequest, SerializedParentAction, SerializedAppLogicAction, SerializedChildAction, CreateRegisterDeviceTokenRequest, CanDoPurchaseRequest, FinishPurchaseByGooglePlayRequest, LinkParentMailAddressRequest, UpdatePrimaryDeviceRequest, RemoveDeviceRequest, RequestWithAuthToken, SendMailLoginCodeRequest, SignInByMailCodeRequest } from './schema'
|
||||
import Ajv from 'ajv'
|
||||
const ajv = new Ajv()
|
||||
|
||||
|
|
@ -2576,24 +2576,6 @@ export const isRecoverParentPasswordRequest: (value: object) => value is Recover
|
|||
"definitions": definitions,
|
||||
"$schema": "http://json-schema.org/draft-07/schema#"
|
||||
})
|
||||
export const isCanRecoverPasswordRequest: (value: object) => value is CanRecoverPasswordRequest = ajv.compile({
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"mailAuthToken": {
|
||||
"type": "string"
|
||||
},
|
||||
"parentUserId": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"additionalProperties": false,
|
||||
"required": [
|
||||
"mailAuthToken",
|
||||
"parentUserId"
|
||||
],
|
||||
"definitions": definitions,
|
||||
"$schema": "http://json-schema.org/draft-07/schema#"
|
||||
})
|
||||
export const isRegisterChildDeviceRequest: (value: object) => value is RegisterChildDeviceRequest = ajv.compile({
|
||||
"type": "object",
|
||||
"properties": {
|
||||
|
|
|
|||
|
|
@ -1,41 +0,0 @@
|
|||
/*
|
||||
* server component for the TimeLimit App
|
||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, version 3 of the License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import { Database } from '../../database'
|
||||
import { requireMailByAuthToken } from '../authentication'
|
||||
|
||||
export const canRecoverPassword = async ({ database, mailAuthToken, parentUserId }: {
|
||||
database: Database
|
||||
mailAuthToken: string
|
||||
parentUserId: string
|
||||
// no transaction here because this is directly called from an API endpoint
|
||||
}): Promise<boolean> => {
|
||||
return database.transaction(async (transaction) => {
|
||||
const mail = await requireMailByAuthToken({ mailAuthToken, database, transaction })
|
||||
|
||||
const entry = await database.user.findOne({
|
||||
where: {
|
||||
mail,
|
||||
userId: parentUserId,
|
||||
type: 'parent'
|
||||
},
|
||||
transaction
|
||||
})
|
||||
|
||||
return !!entry
|
||||
})
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue