authController.js 3.2 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
  1. const config = require('../config.js');
  2. const db = require('knex')(config.database);
  3. const bcrypt = require('bcrypt');
  4. const randomstring = require('randomstring');
  5. const utils = require('./utilsController.js');
  6. let authController = {};
  7. authController.verify = async (req, res, next) => {
  8. const username = req.body.username;
  9. const password = req.body.password;
  10. if (username === undefined) return res.json({ success: false, description: 'No username provided' });
  11. if (password === undefined) return res.json({ success: false, description: 'No password provided' });
  12. const user = await db.table('users').where('username', username).first();
  13. if (!user) return res.json({ success: false, description: 'Username doesn\'t exist' });
  14. if (user.enabled === false || user.enabled === 0) return res.json({
  15. success: false,
  16. description: 'This account has been disabled'
  17. });
  18. bcrypt.compare(password, user.password, (err, result) => {
  19. if (err) {
  20. console.log(err);
  21. return res.json({ success: false, description: 'There was an error' });
  22. }
  23. if (result === false) return res.json({ success: false, description: 'Wrong password' });
  24. return res.json({ success: true, token: user.token });
  25. });
  26. };
  27. authController.register = async (req, res, next) => {
  28. if (config.enableUserAccounts === false) {
  29. return res.json({ success: false, description: 'Register is disabled at the moment' });
  30. }
  31. const username = req.body.username;
  32. const password = req.body.password;
  33. if (username === undefined) return res.json({ success: false, description: 'No username provided' });
  34. if (password === undefined) return res.json({ success: false, description: 'No password provided' });
  35. if (username.length < 4 || username.length > 32) {
  36. return res.json({ success: false, description: 'Username must have 4-32 characters' })
  37. }
  38. if (password.length < 6 || password.length > 64) {
  39. return res.json({ success: false, description: 'Password must have 6-64 characters' })
  40. }
  41. const user = await db.table('users').where('username', username).first();
  42. if (user) return res.json({ success: false, description: 'Username already exists' });
  43. bcrypt.hash(password, 10, async (err, hash) => {
  44. if (err) {
  45. console.log(err);
  46. return res.json({ success: false, description: 'Error generating password hash (╯°□°)╯︵ ┻━┻' });
  47. }
  48. const token = randomstring.generate(64);
  49. await db.table('users').insert({
  50. username: username,
  51. password: hash,
  52. token: token,
  53. enabled: 1
  54. });
  55. return res.json({ success: true, token: token })
  56. });
  57. };
  58. authController.changePassword = async (req, res, next) => {
  59. const user = await utils.authorize(req, res);
  60. let password = req.body.password;
  61. if (password === undefined) return res.json({ success: false, description: 'No password provided' });
  62. if (password.length < 6 || password.length > 64) {
  63. return res.json({ success: false, description: 'Password must have 6-64 characters' });
  64. }
  65. bcrypt.hash(password, 10, async (err, hash) => {
  66. if (err) {
  67. console.log(err);
  68. return res.json({ success: false, description: 'Error generating password hash (╯°□°)╯︵ ┻━┻' });
  69. }
  70. await db.table('users').where('id', user.id).update({ password: hash });
  71. return res.json({ success: true });
  72. });
  73. };
  74. module.exports = authController;