2018-04-12 21:06:18 +00:00
|
|
|
import * as Koa from 'koa';
|
2017-01-18 05:19:50 +00:00
|
|
|
import * as bcrypt from 'bcryptjs';
|
2017-12-08 13:57:58 +00:00
|
|
|
import * as speakeasy from 'speakeasy';
|
2018-04-01 19:01:34 +00:00
|
|
|
import User, { ILocalUser } from '../../../models/user';
|
2018-03-29 11:32:18 +00:00
|
|
|
import Signin, { pack } from '../../../models/signin';
|
2018-07-07 10:19:00 +00:00
|
|
|
import event from '../../../stream';
|
2017-11-23 04:25:33 +00:00
|
|
|
import signin from '../common/signin';
|
2018-04-02 04:15:53 +00:00
|
|
|
import config from '../../../config';
|
2016-12-28 22:49:51 +00:00
|
|
|
|
2018-04-12 21:06:18 +00:00
|
|
|
export default async (ctx: Koa.Context) => {
|
|
|
|
|
ctx.set('Access-Control-Allow-Origin', config.url);
|
|
|
|
|
ctx.set('Access-Control-Allow-Credentials', 'true');
|
2016-12-28 22:49:51 +00:00
|
|
|
|
2018-07-23 04:56:25 +00:00
|
|
|
const body = ctx.request.body as any;
|
|
|
|
|
const username = body['username'];
|
|
|
|
|
const password = body['password'];
|
|
|
|
|
const token = body['token'];
|
2016-12-28 22:49:51 +00:00
|
|
|
|
2017-02-22 10:39:34 +00:00
|
|
|
if (typeof username != 'string') {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.status = 400;
|
2017-02-22 10:39:34 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (typeof password != 'string') {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.status = 400;
|
2017-02-22 10:39:34 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-08 13:57:58 +00:00
|
|
|
if (token != null && typeof token != 'string') {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.status = 400;
|
2017-12-08 13:57:58 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2016-12-28 22:49:51 +00:00
|
|
|
// Fetch user
|
2018-04-01 19:01:34 +00:00
|
|
|
const user = await User.findOne({
|
2018-03-29 05:48:47 +00:00
|
|
|
usernameLower: username.toLowerCase(),
|
2018-03-27 07:51:12 +00:00
|
|
|
host: null
|
2017-02-22 04:08:33 +00:00
|
|
|
}, {
|
2018-07-23 04:56:25 +00:00
|
|
|
fields: {
|
|
|
|
|
data: false,
|
|
|
|
|
profile: false
|
|
|
|
|
}
|
|
|
|
|
}) as ILocalUser;
|
2016-12-28 22:49:51 +00:00
|
|
|
|
|
|
|
|
if (user === null) {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.throw(404, {
|
2017-03-09 21:42:57 +00:00
|
|
|
error: 'user not found'
|
|
|
|
|
});
|
2016-12-28 22:49:51 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Compare password
|
2018-04-07 19:44:59 +00:00
|
|
|
const same = await bcrypt.compare(password, user.password);
|
2016-12-28 22:49:51 +00:00
|
|
|
|
|
|
|
|
if (same) {
|
2018-04-07 18:58:11 +00:00
|
|
|
if (user.twoFactorEnabled) {
|
2017-12-08 13:57:58 +00:00
|
|
|
const verified = (speakeasy as any).totp.verify({
|
2018-04-07 18:58:11 +00:00
|
|
|
secret: user.twoFactorSecret,
|
2017-12-08 13:57:58 +00:00
|
|
|
encoding: 'base32',
|
|
|
|
|
token: token
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (verified) {
|
2018-04-13 02:44:39 +00:00
|
|
|
signin(ctx, user);
|
2017-12-08 13:57:58 +00:00
|
|
|
} else {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.throw(400, {
|
2017-12-08 13:57:58 +00:00
|
|
|
error: 'invalid token'
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2018-04-13 02:44:39 +00:00
|
|
|
signin(ctx, user);
|
2017-12-08 13:57:58 +00:00
|
|
|
}
|
2016-12-28 22:49:51 +00:00
|
|
|
} else {
|
2018-04-12 21:06:18 +00:00
|
|
|
ctx.throw(400, {
|
2017-03-09 21:42:57 +00:00
|
|
|
error: 'incorrect password'
|
|
|
|
|
});
|
2016-12-28 22:49:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Append signin history
|
2017-01-17 01:49:27 +00:00
|
|
|
const record = await Signin.insert({
|
2018-03-29 05:48:47 +00:00
|
|
|
createdAt: new Date(),
|
|
|
|
|
userId: user._id,
|
2018-04-12 21:06:18 +00:00
|
|
|
ip: ctx.ip,
|
|
|
|
|
headers: ctx.headers,
|
2016-12-28 22:49:51 +00:00
|
|
|
success: same
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Publish signin event
|
2018-02-01 23:21:30 +00:00
|
|
|
event(user._id, 'signin', await pack(record));
|
2016-12-28 22:49:51 +00:00
|
|
|
};
|
