shane/AutoMod
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix middlewares

Browse source
This commit is contained in:
Shane C 2024-08-27 12:08:19 -04:00
parent 25941e0437
commit c973278b5a
Signed by: shane
GPG key ID: E46B5FEA35B22FF9
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
api/src/routes/login.ts
View file

@ -28,7 +28,7 @@ const beginRatelimiter = new RateLimiter('/login/begin', { limit: 10, timeframe:
const completeRatelimiter = new RateLimiter('/login/complete', { limit: 5, timeframe: 30 }); const completeRatelimiter = new RateLimiter('/login/complete', { limit: 5, timeframe: 30 });
app.post('/login/begin', app.post('/login/begin',
(...args) => beginRatelimiter.execute(...args), (_args) => beginRatelimiter.middleware(),
requireAuth({ noAuthOnly: true }), requireAuth({ noAuthOnly: true }),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
if (typeof await isAuthenticated(req) == 'string') return res.status(403).send({ error: 'You are already authenticated' }); if (typeof await isAuthenticated(req) == 'string') return res.status(403).send({ error: 'You are already authenticated' });
@ -40,14 +40,14 @@ app.post('/login/begin',
}); });
app.post('/login/complete', app.post('/login/complete',
(...args) => completeRatelimiter.execute(...args), (_args) => completeRatelimiter.middleware(),
requireAuth({ noAuthOnly: true }), requireAuth({ noAuthOnly: true }),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const body = req.body as CompleteReqBody; const body = req.body as CompleteReqBody;
if ((!body.user || typeof body.user != 'string') || if ((!body.user || typeof body.user != 'string') ||
(!body.nonce || typeof body.nonce != 'string') || (!body.nonce || typeof body.nonce != 'string') ||
(!body.code || typeof body.code != 'string')) return badRequest(res); (!body.code || typeof body.code != 'string')) return badRequest(res);
const loginAttempt = await pendingLoginsCollection.findOne({ const loginAttempt = await pendingLoginsCollection.findOne({
code: body.code, code: body.code,
user: body.user, user: body.user,