DebaucheryLibrarian
/
traxxx
2
1
Fork 1
Code Issues 39 Pull Requests 1 Releases Wiki Activity

Compare commits

base: DebaucheryLibrarian:1fc441670bda38348a8fd395aad01ce64ea2a06c
Branches Tags
DebaucheryLibrarian:master
DebaucheryLibrarian:old
DebaucheryLibrarian:experimental
...
compare: DebaucheryLibrarian:81f504f33e4f40225f8af81141782662139ad4d1
Branches Tags
DebaucheryLibrarian:master
DebaucheryLibrarian:old
DebaucheryLibrarian:experimental

2 Commits
1fc441670b ... 81f504f33e

Author SHA1 Message Date
DebaucheryLibrarian 81f504f33e 1.227.3 2023-06-08 03:57:53 +02:00
DebaucheryLibrarian 914838e367 Curating usernames in sign-up and stash load tool. 2023-06-08 03:57:50 +02:00
5 changed files with 24 additions and 8 deletions
Show Stats Expand all files Collapse all files

2
config/default.js
View File

@ -37,6 +37,8 @@ module.exports = {
auth: { auth: {
login: true, login: true,
signup: true, signup: true,
usernameLength: [2, 24],
usernamePattern: /^[a-zA-Z0-9_-]$/,
}, },
exclude: { exclude: {
channels: [ channels: [

4
package-lock.json generated
View File

@ -1,12 +1,12 @@
{ {
"name": "traxxx", "name": "traxxx",
"version": "1.227.2", "version": "1.227.3",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "traxxx", "name": "traxxx",
"version": "1.227.2", "version": "1.227.3",
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"@casl/ability": "^5.2.2", "@casl/ability": "^5.2.2",

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "traxxx", "name": "traxxx",
"version": "1.227.2", "version": "1.227.3",
"description": "All the latest porn releases in one place", "description": "All the latest porn releases in one place",
"main": "src/app.js", "main": "src/app.js",
"scripts": { "scripts": {

22
src/auth.js
View File

@ -26,7 +26,7 @@ async function login(credentials) {
throw new HttpError('Authentication is disabled', 405); throw new HttpError('Authentication is disabled', 405);
} }
const user = await fetchUser(credentials.username, true); const user = await fetchUser(credentials.username.trim(), true);
if (!user) { if (!user) {
throw new HttpError('Username or password incorrect', 401); throw new HttpError('Username or password incorrect', 401);
@ -46,10 +46,24 @@ async function signup(credentials) {
throw new HttpError('Authentication is disabled', 405); throw new HttpError('Authentication is disabled', 405);
} }
if (!credentials.username) { const curatedUsername = credentials.username.trim();
if (!curatedUsername) {
throw new HttpError('Username required', 400); throw new HttpError('Username required', 400);
} }
if (curatedUsername.length < config.auth.usernameLength[0]) {
throw new HttpError('Username is too short', 400);
}
if (curatedUsername.length > config.auth.usernameLength[1]) {
throw new HttpError('Username is too long', 400);
}
if (!config.auth.usernamePattern.test(curatedUsername)) {
throw new HttpError('Username contains invalid characters', 400);
}
if (!credentials.email) { if (!credentials.email) {
throw new HttpError('E-mail required', 400); throw new HttpError('E-mail required', 400);
} }
@ -59,7 +73,7 @@ async function signup(credentials) {
} }
const existingUser = await knex('users') const existingUser = await knex('users')
.where('username', credentials.username) .where('username', curatedUsername)
.orWhere('email', credentials.email) .orWhere('email', credentials.email)
.first(); .first();
@ -73,7 +87,7 @@ async function signup(credentials) {
const [userId] = await knex('users') const [userId] = await knex('users')
.insert({ .insert({
username: credentials.username, username: curatedUsername,
email: credentials.email, email: credentials.email,
password: storedPassword, password: storedPassword,
}) })

2
src/tools/stashes-load.js
View File

@ -120,7 +120,7 @@ async function load() {
const user = await knex('users') const user = await knex('users')
.select('id') .select('id')
.where('username', stash.username) .where('username', stash.username.trim())
.first(); .first();
if (!user) { if (!user) {