Skip to content

Commit

Permalink
API: ensure user is active in checkLogin helper
Browse files Browse the repository at this point in the history
  • Loading branch information
@M1CK431
M1CK431 committed Oct 15, 2024
1 parent 51f94d6 commit 9521b8e
Show file tree
Hide file tree
Showing 10 changed files with 72 additions and 70 deletions.
66 changes: 33 additions & 33 deletions server/server.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -494,7 +494,7 @@ let needSetup = false;
return;
}

checkLogin(socket);
await checkLogin(socket);
await doubleCheckPassword(socket.userID, currentPassword);

let user = await R.findOne("user", " id = ? AND active = 1 ", [
Expand Down Expand Up @@ -544,7 +544,7 @@ let needSetup = false;
return;
}

checkLogin(socket);
await checkLogin(socket);
await doubleCheckPassword(socket.userID, currentPassword);

await R.exec("UPDATE `user` SET twofa_status = 1 WHERE id = ? ", [
Expand Down Expand Up @@ -577,7 +577,7 @@ let needSetup = false;
return;
}

checkLogin(socket);
await checkLogin(socket);
await doubleCheckPassword(socket.userID, currentPassword);
await TwoFA.disable2FA(socket.userID);

Expand All @@ -601,7 +601,7 @@ let needSetup = false;

socket.on("verifyToken", async (token, currentPassword, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
await doubleCheckPassword(socket.userID, currentPassword);

let user = await R.findOne("user", " id = ? AND active = 1 ", [
Expand Down Expand Up @@ -634,7 +634,7 @@ let needSetup = false;

socket.on("twoFAStatus", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
Expand Down Expand Up @@ -696,7 +696,7 @@ let needSetup = false;

socket.on("getUsers", async callback => {
try {
checkLogin(socket);
await checkLogin(socket);

const users = await sendUserList(socket);

Expand All @@ -714,7 +714,7 @@ let needSetup = false;

socket.on("getUser", async (userID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

const user = await getUser(userID);

Expand All @@ -732,7 +732,7 @@ let needSetup = false;

socket.on("saveUser", async (user, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await saveUser(socket, user);
await sendUserList(socket);
Expand All @@ -752,7 +752,7 @@ let needSetup = false;
// Add a new monitor
socket.on("add", async (monitor, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
let bean = R.dispense("monitor");

let notificationIDList = monitor.notificationIDList;
Expand Down Expand Up @@ -809,7 +809,7 @@ let needSetup = false;
socket.on("editMonitor", async (monitor, callback) => {
try {
let removeGroupChildren = false;
checkLogin(socket);
await checkLogin(socket);

let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]);

Expand Down Expand Up @@ -952,7 +952,7 @@ let needSetup = false;

socket.on("getMonitorList", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
await server.sendMonitorList(socket);
callback({
ok: true,
Expand All @@ -968,7 +968,7 @@ let needSetup = false;

socket.on("getMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("monitor", `Get Monitor: ${monitorID} User ID: ${socket.userID}`);

Expand All @@ -992,7 +992,7 @@ let needSetup = false;

socket.on("getMonitorBeats", async (monitorID, period, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("monitor", `Get Monitor Beats: ${monitorID} User ID: ${socket.userID}`);

Expand Down Expand Up @@ -1028,7 +1028,7 @@ let needSetup = false;
// Start or Resume the monitor
socket.on("resumeMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
await startMonitor(socket.userID, monitorID);
await server.sendUpdateMonitorIntoList(socket, monitorID);

Expand All @@ -1048,7 +1048,7 @@ let needSetup = false;

socket.on("pauseMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
await pauseMonitor(socket.userID, monitorID);
await server.sendUpdateMonitorIntoList(socket, monitorID);

Expand All @@ -1068,7 +1068,7 @@ let needSetup = false;

socket.on("deleteMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("manage", `Delete Monitor: ${monitorID} User ID: ${socket.userID}`);

Expand Down Expand Up @@ -1105,7 +1105,7 @@ let needSetup = false;

socket.on("getTags", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

const list = await R.findAll("tag");

Expand All @@ -1124,7 +1124,7 @@ let needSetup = false;

socket.on("addTag", async (tag, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let bean = R.dispense("tag");
bean.name = tag.name;
Expand All @@ -1146,7 +1146,7 @@ let needSetup = false;

socket.on("editTag", async (tag, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let bean = await R.findOne("tag", " id = ? ", [ tag.id ]);
if (bean == null) {
Expand Down Expand Up @@ -1178,7 +1178,7 @@ let needSetup = false;

socket.on("deleteTag", async (tagID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await R.exec("DELETE FROM tag WHERE id = ? ", [ tagID ]);

Expand All @@ -1198,7 +1198,7 @@ let needSetup = false;

socket.on("addMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await R.exec("INSERT INTO monitor_tag (tag_id, monitor_id, value) VALUES (?, ?, ?)", [
tagID,
Expand All @@ -1222,7 +1222,7 @@ let needSetup = false;

socket.on("editMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await R.exec("UPDATE monitor_tag SET value = ? WHERE tag_id = ? AND monitor_id = ?", [
value,
Expand All @@ -1246,7 +1246,7 @@ let needSetup = false;

socket.on("deleteMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await R.exec("DELETE FROM monitor_tag WHERE tag_id = ? AND monitor_id = ? AND value = ?", [
tagID,
Expand Down Expand Up @@ -1336,7 +1336,7 @@ let needSetup = false;

socket.on("changePassword", async (userID, password, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

if (!password.newPassword) {
throw new Error("Invalid new password");
Expand Down Expand Up @@ -1368,7 +1368,7 @@ let needSetup = false;

socket.on("getSettings", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
const data = await getSettings("general");

if (!data.serverTimezone) {
Expand All @@ -1390,7 +1390,7 @@ let needSetup = false;

socket.on("setSettings", async (data, currentPassword, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

// If currently is disabled auth, don't need to check
// Disabled Auth + Want to Disable Auth => No Check
Expand Down Expand Up @@ -1454,7 +1454,7 @@ let needSetup = false;
// Add or Edit
socket.on("addNotification", async (notification, notificationID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let notificationBean = await Notification.save(notification, notificationID, socket.userID);
await sendNotificationList(socket);
Expand All @@ -1476,7 +1476,7 @@ let needSetup = false;

socket.on("deleteNotification", async (notificationID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

await Notification.delete(notificationID, socket.userID);
await sendNotificationList(socket);
Expand All @@ -1497,7 +1497,7 @@ let needSetup = false;

socket.on("testNotification", async (notification, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let msg = await Notification.send(notification, notification.name + " Testing");

Expand All @@ -1518,7 +1518,7 @@ let needSetup = false;

socket.on("checkApprise", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
callback(Notification.checkApprise());
} catch (e) {
callback(false);
Expand All @@ -1527,7 +1527,7 @@ let needSetup = false;

socket.on("clearEvents", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("manage", `Clear Events Monitor: ${monitorID} User ID: ${socket.userID}`);

Expand All @@ -1551,7 +1551,7 @@ let needSetup = false;

socket.on("clearHeartbeats", async (monitorID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("manage", `Clear Heartbeats Monitor: ${monitorID} User ID: ${socket.userID}`);

Expand All @@ -1575,7 +1575,7 @@ let needSetup = false;

socket.on("clearStatistics", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.info("manage", `Clear Statistics User ID: ${socket.userID}`);

Expand Down
10 changes: 5 additions & 5 deletions server/socket-handlers/api-key-socket-handler.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ module.exports.apiKeySocketHandler = (socket) => {
// Add a new api key
socket.on("addAPIKey", async (key, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

let clearKey = nanoid(40);
let hashedKey = passwordHash.generate(clearKey);
Expand Down Expand Up @@ -54,7 +54,7 @@ module.exports.apiKeySocketHandler = (socket) => {

socket.on("getAPIKeyList", async (callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
await sendAPIKeyList(socket);
callback({
ok: true,
Expand All @@ -70,7 +70,7 @@ module.exports.apiKeySocketHandler = (socket) => {

socket.on("deleteAPIKey", async (keyID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.debug("apikeys", `Deleted API Key: ${keyID} User ID: ${socket.userID}`);

Expand All @@ -96,7 +96,7 @@ module.exports.apiKeySocketHandler = (socket) => {

socket.on("disableAPIKey", async (keyID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.debug("apikeys", `Disabled Key: ${keyID} User ID: ${socket.userID}`);

Expand Down Expand Up @@ -124,7 +124,7 @@ module.exports.apiKeySocketHandler = (socket) => {

socket.on("enableAPIKey", async (keyID, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);

log.debug("apikeys", `Enabled Key: ${keyID} User ID: ${socket.userID}`);

Expand Down
10 changes: 5 additions & 5 deletions server/socket-handlers/cloudflared-socket-handler.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ module.exports.cloudflaredSocketHandler = (socket) => {

socket.on(prefix + "join", async () => {
try {
checkLogin(socket);
await checkLogin(socket);
socket.join("cloudflared");
io.to(socket.userID).emit(prefix + "installed", cloudflared.checkInstalled());
io.to(socket.userID).emit(prefix + "running", cloudflared.running);
Expand All @@ -46,14 +46,14 @@ module.exports.cloudflaredSocketHandler = (socket) => {

socket.on(prefix + "leave", async () => {
try {
checkLogin(socket);
await checkLogin(socket);
socket.leave("cloudflared");
} catch (error) { }
});

socket.on(prefix + "start", async (token) => {
try {
checkLogin(socket);
await checkLogin(socket);
if (token && typeof token === "string") {
await setSetting("cloudflaredTunnelToken", token);
cloudflared.token = token;
Expand All @@ -66,7 +66,7 @@ module.exports.cloudflaredSocketHandler = (socket) => {

socket.on(prefix + "stop", async (currentPassword, callback) => {
try {
checkLogin(socket);
await checkLogin(socket);
const disabledAuth = await setting("disableAuth");
if (!disabledAuth) {
await doubleCheckPassword(socket, currentPassword);
Expand All @@ -82,7 +82,7 @@ module.exports.cloudflaredSocketHandler = (socket) => {

socket.on(prefix + "removeToken", async () => {
try {
checkLogin(socket);
await checkLogin(socket);
await setSetting("cloudflaredTunnelToken", "");
} catch (error) { }
});
Expand Down
Loading

0 comments on commit 9521b8e

Please sign in to comment.