mirror of
https://codeberg.org/timelimit/timelimit-server.git
synced 2025-10-03 09:49:32 +02:00
Remove the obsolete can-recover-password endpoint
This commit is contained in:
Jonas Lochmann
parent
964397cfa9
commit
24563bdc4a
5 changed files with 5 additions and 89 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* server component for the TimeLimit App
|
* server component for the TimeLimit App
|
||||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||||
*
|
*
|
||||||
* This program is free software: you can redistribute it and/or modify
|
* This program is free software: you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU Affero General Public License as
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
|
@ -29,7 +29,6 @@ const types = [
|
||||||
'CreateFamilyByMailTokenRequest',
|
'CreateFamilyByMailTokenRequest',
|
||||||
'SignIntoFamilyRequest',
|
'SignIntoFamilyRequest',
|
||||||
'RecoverParentPasswordRequest',
|
'RecoverParentPasswordRequest',
|
||||||
'CanRecoverPasswordRequest',
|
|
||||||
'RegisterChildDeviceRequest',
|
'RegisterChildDeviceRequest',
|
||||||
'SerializedParentAction',
|
'SerializedParentAction',
|
||||||
'SerializedAppLogicAction',
|
'SerializedAppLogicAction',
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* server component for the TimeLimit App
|
* server component for the TimeLimit App
|
||||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||||
*
|
*
|
||||||
* This program is free software: you can redistribute it and/or modify
|
* This program is free software: you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU Affero General Public License as
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
|
@ -21,7 +21,6 @@ import { BadRequest, Forbidden, Unauthorized } from 'http-errors'
|
||||||
import { config } from '../config'
|
import { config } from '../config'
|
||||||
import { Database, Transaction } from '../database'
|
import { Database, Transaction } from '../database'
|
||||||
import { removeDevice } from '../function/device/remove-device'
|
import { removeDevice } from '../function/device/remove-device'
|
||||||
import { canRecoverPassword } from '../function/parent/can-recover-password'
|
|
||||||
import { createAddDeviceToken } from '../function/parent/create-add-device-token'
|
import { createAddDeviceToken } from '../function/parent/create-add-device-token'
|
||||||
import { createFamily } from '../function/parent/create-family'
|
import { createFamily } from '../function/parent/create-family'
|
||||||
import { getStatusByMailToken } from '../function/parent/get-status-by-mail-address'
|
import { getStatusByMailToken } from '../function/parent/get-status-by-mail-address'
|
||||||
|
|
@ -30,7 +29,7 @@ import { recoverParentPassword } from '../function/parent/recover-parent-passwor
|
||||||
import { signInIntoFamily } from '../function/parent/sign-in-into-family'
|
import { signInIntoFamily } from '../function/parent/sign-in-into-family'
|
||||||
import { WebsocketApi } from '../websocket'
|
import { WebsocketApi } from '../websocket'
|
||||||
import {
|
import {
|
||||||
isCanRecoverPasswordRequest, isCreateFamilyByMailTokenRequest,
|
isCreateFamilyByMailTokenRequest,
|
||||||
isCreateRegisterDeviceTokenRequest, isLinkParentMailAddressRequest,
|
isCreateRegisterDeviceTokenRequest, isLinkParentMailAddressRequest,
|
||||||
isMailAuthTokenRequestBody, isRecoverParentPasswordRequest,
|
isMailAuthTokenRequestBody, isRecoverParentPasswordRequest,
|
||||||
isRemoveDeviceRequest, isSignIntoFamilyRequest
|
isRemoveDeviceRequest, isSignIntoFamilyRequest
|
||||||
|
|
@ -113,24 +112,6 @@ export const createParentRouter = ({ database, websocket }: {database: Database,
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
router.post('/can-recover-password', json(), async (req, res, next) => {
|
|
||||||
try {
|
|
||||||
if (!isCanRecoverPasswordRequest(req.body)) {
|
|
||||||
throw new BadRequest()
|
|
||||||
}
|
|
||||||
|
|
||||||
const canRecover = await canRecoverPassword({
|
|
||||||
database,
|
|
||||||
parentUserId: req.body.parentUserId,
|
|
||||||
mailAuthToken: req.body.mailAuthToken
|
|
||||||
})
|
|
||||||
|
|
||||||
res.json({ canRecover })
|
|
||||||
} catch (ex) {
|
|
||||||
next(ex)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
router.post('/recover-parent-password', json(), async (req, res, next) => {
|
router.post('/recover-parent-password', json(), async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
if (!isRecoverParentPasswordRequest(req.body)) {
|
if (!isRecoverParentPasswordRequest(req.body)) {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* server component for the TimeLimit App
|
* server component for the TimeLimit App
|
||||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
* Copyright (C) 2019 - 2021 Jonas Lochmann
|
||||||
*
|
*
|
||||||
* This program is free software: you can redistribute it and/or modify
|
* This program is free software: you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU Affero General Public License as
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
|
@ -82,11 +82,6 @@ export interface RecoverParentPasswordRequest {
|
||||||
password: ParentPassword
|
password: ParentPassword
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface CanRecoverPasswordRequest {
|
|
||||||
mailAuthToken: string
|
|
||||||
parentUserId: string
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface RegisterChildDeviceRequest {
|
export interface RegisterChildDeviceRequest {
|
||||||
registerToken: string
|
registerToken: string
|
||||||
childDevice: NewDeviceInfo
|
childDevice: NewDeviceInfo
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
// tslint:disable
|
// tslint:disable
|
||||||
import { ClientPushChangesRequest, ClientPullChangesRequest, MailAuthTokenRequestBody, CreateFamilyByMailTokenRequest, SignIntoFamilyRequest, RecoverParentPasswordRequest, CanRecoverPasswordRequest, RegisterChildDeviceRequest, SerializedParentAction, SerializedAppLogicAction, SerializedChildAction, CreateRegisterDeviceTokenRequest, CanDoPurchaseRequest, FinishPurchaseByGooglePlayRequest, LinkParentMailAddressRequest, UpdatePrimaryDeviceRequest, RemoveDeviceRequest, RequestWithAuthToken, SendMailLoginCodeRequest, SignInByMailCodeRequest } from './schema'
|
import { ClientPushChangesRequest, ClientPullChangesRequest, MailAuthTokenRequestBody, CreateFamilyByMailTokenRequest, SignIntoFamilyRequest, RecoverParentPasswordRequest, RegisterChildDeviceRequest, SerializedParentAction, SerializedAppLogicAction, SerializedChildAction, CreateRegisterDeviceTokenRequest, CanDoPurchaseRequest, FinishPurchaseByGooglePlayRequest, LinkParentMailAddressRequest, UpdatePrimaryDeviceRequest, RemoveDeviceRequest, RequestWithAuthToken, SendMailLoginCodeRequest, SignInByMailCodeRequest } from './schema'
|
||||||
import Ajv from 'ajv'
|
import Ajv from 'ajv'
|
||||||
const ajv = new Ajv()
|
const ajv = new Ajv()
|
||||||
|
|
||||||
|
|
@ -2576,24 +2576,6 @@ export const isRecoverParentPasswordRequest: (value: object) => value is Recover
|
||||||
"definitions": definitions,
|
"definitions": definitions,
|
||||||
"$schema": "http://json-schema.org/draft-07/schema#"
|
"$schema": "http://json-schema.org/draft-07/schema#"
|
||||||
})
|
})
|
||||||
export const isCanRecoverPasswordRequest: (value: object) => value is CanRecoverPasswordRequest = ajv.compile({
|
|
||||||
"type": "object",
|
|
||||||
"properties": {
|
|
||||||
"mailAuthToken": {
|
|
||||||
"type": "string"
|
|
||||||
},
|
|
||||||
"parentUserId": {
|
|
||||||
"type": "string"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"additionalProperties": false,
|
|
||||||
"required": [
|
|
||||||
"mailAuthToken",
|
|
||||||
"parentUserId"
|
|
||||||
],
|
|
||||||
"definitions": definitions,
|
|
||||||
"$schema": "http://json-schema.org/draft-07/schema#"
|
|
||||||
})
|
|
||||||
export const isRegisterChildDeviceRequest: (value: object) => value is RegisterChildDeviceRequest = ajv.compile({
|
export const isRegisterChildDeviceRequest: (value: object) => value is RegisterChildDeviceRequest = ajv.compile({
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
||||||
/*
|
|
||||||
* server component for the TimeLimit App
|
|
||||||
* Copyright (C) 2019 - 2020 Jonas Lochmann
|
|
||||||
*
|
|
||||||
* This program is free software: you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU Affero General Public License as
|
|
||||||
* published by the Free Software Foundation, version 3 of the License.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU Affero General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU Affero General Public License
|
|
||||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
*/
|
|
||||||
|
|
||||||
import { Database } from '../../database'
|
|
||||||
import { requireMailByAuthToken } from '../authentication'
|
|
||||||
|
|
||||||
export const canRecoverPassword = async ({ database, mailAuthToken, parentUserId }: {
|
|
||||||
database: Database
|
|
||||||
mailAuthToken: string
|
|
||||||
parentUserId: string
|
|
||||||
// no transaction here because this is directly called from an API endpoint
|
|
||||||
}): Promise<boolean> => {
|
|
||||||
return database.transaction(async (transaction) => {
|
|
||||||
const mail = await requireMailByAuthToken({ mailAuthToken, database, transaction })
|
|
||||||
|
|
||||||
const entry = await database.user.findOne({
|
|
||||||
where: {
|
|
||||||
mail,
|
|
||||||
userId: parentUserId,
|
|
||||||
type: 'parent'
|
|
||||||
},
|
|
||||||
transaction
|
|
||||||
})
|
|
||||||
|
|
||||||
return !!entry
|
|
||||||
})
|
|
||||||
}
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue