parent
89663c696f
commit
8c3f2db3b2
10 changed files with 161 additions and 253 deletions
|
|
@ -9,33 +9,30 @@ import {db, UserRow} from "../types/db";
|
|||
const router = express.Router();
|
||||
|
||||
passport.use(new LocalStrategy(function verify(username, password, cb) {
|
||||
try {
|
||||
// Fetch user from database using better-sqlite3's synchronous API
|
||||
const row = db.prepare("SELECT * FROM users WHERE username = ?").get(username) as UserRow;
|
||||
|
||||
db.get("SELECT * FROM users WHERE username = ?", [username], function(err: Error, row: UserRow) {
|
||||
if (err) {
|
||||
return cb(err);
|
||||
}
|
||||
if (!row) {
|
||||
return cb(null, false, {
|
||||
message: "Incorrect username or password."
|
||||
});
|
||||
}
|
||||
|
||||
// Synchronously hash the provided password with the stored salt
|
||||
const hashedPassword = crypto.pbkdf2Sync(password, row.salt, 310000, 32, "sha256");
|
||||
|
||||
if (!crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {
|
||||
return cb(null, false, {
|
||||
message: "Incorrect username or password."
|
||||
});
|
||||
}
|
||||
|
||||
return cb(null, row);
|
||||
|
||||
} catch (err) {
|
||||
return cb(err);
|
||||
}
|
||||
crypto.pbkdf2(password, row.salt, 310000, 32, "sha256", function(err, hashedPassword) {
|
||||
if (err) {
|
||||
return cb(err);
|
||||
}
|
||||
if (!crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {
|
||||
return cb(null, false, {
|
||||
message: "Incorrect username or password."
|
||||
});
|
||||
}
|
||||
return cb(null, row);
|
||||
});
|
||||
});
|
||||
}));
|
||||
|
||||
|
||||
passport.serializeUser(function(user:User, cb) {
|
||||
process.nextTick(function() {
|
||||
cb(null, {
|
||||
|
|
|
|||
|
|
@ -17,32 +17,13 @@ import {fileStorage} from "../types/multer";
|
|||
import {checkAuth, checkSharexAuth, convertTo720p, createEmbedData, handleUpload} from "../types/middleware";
|
||||
|
||||
const upload = multer({ storage: fileStorage /**, fileFilter: fileFilter**/ }); //maybe make this a env variable?
|
||||
|
||||
/**Middleware to grab media from media database */
|
||||
const fetchMedia: Middleware = (req, res, next) => {
|
||||
try {
|
||||
const admin: boolean = req.user.username == "admin" ? true : false;
|
||||
/**Check if the user is an admin, if so, show all posts from all users */
|
||||
const query: string = admin ? "SELECT * FROM media" : `SELECT * FROM media WHERE username = ?`;
|
||||
const rows = (admin ? db.prepare(query).all() : db.prepare(query).all(req.user.username)) as MediaRow[];
|
||||
const files = rows.map((row: MediaRow) => {
|
||||
return {
|
||||
id: row.id,
|
||||
path: row.path,
|
||||
expire: row.expire,
|
||||
sername: row.username,
|
||||
url: "/" + row.id
|
||||
};
|
||||
});
|
||||
const admin: boolean = req.user.username == "admin" ? true : false;
|
||||
/**Check if the user is an admin, if so, show all posts from all users */
|
||||
const query: string = admin == true ? "SELECT * FROM media" : `SELECT * FROM media WHERE username = '${req.user.username}'`;
|
||||
|
||||
res.locals.files = files.reverse(); //reverse so newest files appear first
|
||||
res.locals.Count = files.length;
|
||||
next();
|
||||
} catch (err) {
|
||||
next(err);
|
||||
}
|
||||
|
||||
/**db.all(query, (err:Error, rows: []) => {
|
||||
db.all(query, (err:Error, rows: []) => {
|
||||
if (err) return next(err);
|
||||
const files = rows.map((row: MediaRow)=> {
|
||||
return {
|
||||
|
|
@ -56,7 +37,7 @@ const fetchMedia: Middleware = (req, res, next) => {
|
|||
res.locals.files = files.reverse(); //reverse so newest files appear first
|
||||
res.locals.Count = files.length;
|
||||
next();
|
||||
});**/
|
||||
});
|
||||
};
|
||||
|
||||
const router = express.Router();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue