2024-02-29 04:08:54 +00:00
|
|
|
/* eslint-disable no-param-reassign */
|
2024-03-14 23:08:24 +00:00
|
|
|
import IPCIDR from 'ip-cidr';
|
|
|
|
|
2024-02-29 04:08:54 +00:00
|
|
|
import { login, signup } from '../auth.js';
|
2024-04-02 00:50:24 +00:00
|
|
|
import { fetchUser } from '../users.js';
|
2024-02-29 04:08:54 +00:00
|
|
|
|
2024-03-14 23:08:24 +00:00
|
|
|
function getIp(req) {
|
|
|
|
const ip = req.headers['x-forwarded-for']?.split(',')[0] || req.connection.remoteAddress; // See src/ws
|
|
|
|
|
|
|
|
const unmappedIp = ip?.includes('.')
|
|
|
|
? ip.slice(ip.lastIndexOf(':') + 1)
|
|
|
|
: ip;
|
|
|
|
|
|
|
|
// ensure IP is in expanded notation for consistency and matching
|
|
|
|
const expandedIp = unmappedIp.includes(':')
|
|
|
|
? new IPCIDR(`${ip}/128`) // IPv6
|
|
|
|
: new IPCIDR(`${ip}/32`); // IPv4
|
|
|
|
|
|
|
|
if (!expandedIp.addressStart?.addressMinusSuffix) {
|
|
|
|
throw new Error(`Could not determine user IP from ${ip}`);
|
|
|
|
}
|
|
|
|
|
|
|
|
return expandedIp.addressStart?.addressMinusSuffix || null;
|
|
|
|
}
|
|
|
|
|
2024-02-29 04:08:54 +00:00
|
|
|
export async function setUserApi(req, res, next) {
|
2024-03-14 23:08:24 +00:00
|
|
|
const ip = getIp(req);
|
|
|
|
|
|
|
|
req.userIp = ip;
|
|
|
|
|
2024-02-29 04:08:54 +00:00
|
|
|
if (req.session.user) {
|
|
|
|
req.user = req.session.user;
|
2024-03-14 23:08:24 +00:00
|
|
|
req.user.ip = ip;
|
2024-02-29 04:08:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
next();
|
|
|
|
}
|
|
|
|
|
2024-04-02 00:50:24 +00:00
|
|
|
export async function updateSessionUser(req) {
|
|
|
|
const user = await fetchUser(req.session.user.id, {}, req.session.user);
|
|
|
|
|
|
|
|
req.session.user = user;
|
|
|
|
|
|
|
|
req.user = user;
|
|
|
|
req.user.ip = req.userIp;
|
|
|
|
}
|
|
|
|
|
2024-02-29 04:08:54 +00:00
|
|
|
export async function loginApi(req, res) {
|
2024-03-14 23:08:24 +00:00
|
|
|
const user = await login(req.body, req.userIp);
|
2024-02-29 04:08:54 +00:00
|
|
|
|
|
|
|
req.session.user = user;
|
|
|
|
res.send(user);
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function logoutApi(req, res) {
|
|
|
|
req.session.destroy((error) => {
|
|
|
|
if (error) {
|
|
|
|
res.status(500).send();
|
|
|
|
}
|
|
|
|
|
|
|
|
res.status(204).send();
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function signupApi(req, res) {
|
2024-03-14 23:08:24 +00:00
|
|
|
const user = await signup(req.body, req.userIp);
|
2024-02-29 04:08:54 +00:00
|
|
|
|
|
|
|
req.session.user = user;
|
|
|
|
res.send(user);
|
|
|
|
}
|
|
|
|
/* eslint-enable no-param-reassign */
|