Fully tested the remote database

Added configurable hostname for default account email

.envdev

@@ -4,7 +4,9 @@ WEB_RESET_ADDRESS=localhost/reset
 WEB_PORT=3200
 WEB_ORIGIN=http://localhost:3001
 
-DB_HOSTNAME=database
+DB_HOSTNAME=localhost
+DB_PORTNAME=3306
+
 DB_DATABASE=auth
 DB_USERNAME=auth
 DB_PASSWORD=charizard
@@ -20,6 +22,9 @@ ADMIN_DEFAULT_USERNAME=admin
 # Give this a value to generate the default admin account (must be at least 8 characters)
 ADMIN_DEFAULT_PASSWORD=password
 
+# Give this a value to generate teh default admin account (must be a valid domain name, to pass the initial email check)
+ADMIN_DEFAULT_HOSTNAME=example.com
+
 # Select a "TZ database name" that suits your needs: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
 DB_TIMEZONE=Australia/Sydney
 

Dockerfile

@@ -1,7 +1,7 @@
 
-FROM node:18-bullseye-slim
+FROM node:22-bookworm-slim
 WORKDIR "/app"
-COPY package*.json ./
+COPY package*.json /app
 RUN npm install --production
 COPY . /app
 EXPOSE 3200

README.md

@@ -6,7 +6,7 @@ This server is available via docker hub at krgamestudios/auth-server.
 
 # Setup
 
-There are multiple ways to run this app - it can run on it's own via `npm start` (for production) or `npm run dev` (for development). it can also run inside docker using `docker-compose up --build` - run `node configure-script.js` to generate docker-compose.yml and startup.sql.
+There are multiple ways to run this app - it can run on it's own via `npm start` (for production) or `npm run dev` (for development). it can also run inside docker using `docker compose up --build` - run `node configure-script.js` to generate docker-compose.yml and startup.sql.
 
 # API
 
@@ -79,7 +79,7 @@ Cookie: refreshToken
 ###
 
 
-//DOCS: Retreives the private account data, results vary
+//DOCS: Retrieves the private account data, results vary
 GET /auth/account
 Authorization: Bearer accessToken
 

configure-script.js

@@ -36,6 +36,25 @@ const question = (prompt, def = null) => {
 	const resetAddress = await question('Reset Addr', `example.com/reset`);
 	const appPort = await question('App Port', '3200');
 
+  //configure the database address
+  let dbLocation = '';
+  while (typeof dbLocation != 'string' || /^[le]/i.test(dbLocation[0]) == false) {
+    dbLocation = await question('[l]ocal or [e]xternal database?');
+  }
+
+  let appDBHost = '';
+  let appDBPort = '';
+
+  if (/^[l]/i.test(dbLocation[0])) {
+    appDBHost = 'database';
+    appDBPort = '3306';
+  }
+  else {
+    appDBHost = await question('DB Host');
+    appDBPort = await question('DB Port', '3306');
+  }
+
+  //configure the database account
 	const appDBUser = await question('DB User', appName);
 	const appDBPass = await question('DB Pass', 'charizard');
 	const dbRootPass = await question('DB Root Pass');
@@ -46,6 +65,7 @@ const question = (prompt, def = null) => {
 	const appMailPhysical = await question('Mail Physical');
 
 	const appDefaultUser = await question('App Default User', '');
+	const appDefaultHost = await question('App Default Host', '');
 	const appDefaultPass = await question('App Default Pass', '');
 
 	const appSecretAccess = await question('Access Token Secret', uuid(32));
@@ -55,21 +75,19 @@ const question = (prompt, def = null) => {
 
 	//generate the files
 	const ymlfile = `
-version: '3'
-
 services:
   ${appName}:
     build:
       context: .
     ports:
-      - "${appPort}"
+      - ${appPort}
     labels:
-      - "traefik.enable=true"
+      - traefik.enable=true
-      - "traefik.http.routers.${appName}router.rule=Host(\`${appWebAddress}\`)"
+      - traefik.http.routers.${appName}router.rule=Host(\`${appWebAddress}\`)
-      - "traefik.http.routers.${appName}router.entrypoints=websecure"
+      - traefik.http.routers.${appName}router.entrypoints=websecure
-      - "traefik.http.routers.${appName}router.tls.certresolver=myresolver"
+      - traefik.http.routers.${appName}router.tls.certresolver=myresolver
-      - "traefik.http.routers.${appName}router.service=${appName}service@docker"
+      - traefik.http.routers.${appName}router.service=${appName}service@docker
-      - "traefik.http.services.${appName}service.loadbalancer.server.port=${appPort}"
+      - traefik.http.services.${appName}service.loadbalancer.server.port=${appPort}
     environment:
       - WEB_PROTOCOL=${appWebProtocol}
       - WEB_ORIGIN=${appWebOrigin}
@@ -77,7 +95,8 @@ services:
       - HOOK_POST_VALIDATION_ARRAY=${postValidationHookArray}
       - WEB_RESET_ADDRESS=${resetAddress}
       - WEB_PORT=${appPort}
-      - DB_HOSTNAME=database
+      - DB_HOSTNAME=${appDBHost}
+      - DB_PORTNAME=${appDBPort}
       - DB_DATABASE=${appName}
       - DB_USERNAME=${appDBUser}
       - DB_PASSWORD=${appDBPass}
@@ -87,17 +106,23 @@ services:
       - MAIL_PASSWORD=${appMailPass}
       - MAIL_PHYSICAL=${appMailPhysical}
       - ADMIN_DEFAULT_USERNAME=${appDefaultUser}
+      - ADMIN_DEFAULT_HOSTNAME=${appDefaultHost}
       - ADMIN_DEFAULT_PASSWORD=${appDefaultPass}
       - SECRET_ACCESS=${appSecretAccess}
       - SECRET_REFRESH=${appSecretRefresh}
+    volumes:
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
     networks:
-      - app-network
+      - app-network${ appDBHost != 'database' ? '' : `
     depends_on:
       - database
+
   database:
     image: mariadb:latest
     environment:
       MYSQL_DATABASE: ${appName}
+      MYSQL_TCP_PORT: ${appDBPort}
       MYSQL_USER: ${appDBUser}
       MYSQL_PASSWORD: ${appDBPass}
       MYSQL_ROOT_PASSWORD: ${dbRootPass}
@@ -106,34 +131,40 @@ services:
     volumes:
       - ./mysql:/var/lib/mysql
       - ./startup.sql:/docker-entrypoint-initdb.d/startup.sql:ro
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro`}
+
   traefik_${appName}:
     container_name: ${appName}_traefik
-    image: "traefik:v2.4"
+    image: traefik:latest
-    container_name: "traefik"
+    container_name: traefik
     command:
-      - "--log.level=ERROR"
+      - --log.level=ERROR
-      - "--api.insecure=false"
+      - --api.insecure=false
-      - "--providers.docker=true"
+      - --providers.docker=true
-      - "--providers.docker.exposedbydefault=false"
+      - --providers.docker.exposedbydefault=false
-      - "--entrypoints.websecure.address=:443"
+      - --entrypoints.websecure.address=:443
-      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
+      - --certificatesresolvers.myresolver.acme.tlschallenge=true
-      - "--certificatesresolvers.myresolver.acme.email=${supportEmail}"
+      - --certificatesresolvers.myresolver.acme.email=${supportEmail}
-      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
     ports:
-      - "80:80"
+      - 80:80
-      - "443:443"
+      - 443:443
     volumes:
-      - "./letsencrypt:/letsencrypt"
+      - ./letsencrypt:/letsencrypt
-      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
     networks:
       - app-network
+
 networks:
   app-network:
     driver: bridge
 `;
 
 	const dockerfile = `
-FROM node:18-bullseye-slim
+FROM node:22-bookworm-slim
 WORKDIR "/app"
 COPY package*.json ./
 RUN npm install --production

package-lock.json

@@ -1,57 +1,60 @@
 {
   "name": "auth-server",
-  "version": "1.7.5",
+  "version": "1.8.7",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "auth-server",
-      "version": "1.7.5",
+      "version": "1.8.7",
-      "license": "ISC",
+      "license": "Zlib",
       "dependencies": {
         "bcryptjs": "^2.4.3",
         "cookie-parser": "^1.4.6",
         "cors": "^2.8.5",
-        "dotenv": "^16.0.3",
+        "dotenv": "^16.4.5",
-        "express": "^4.18.2",
+        "express": "^4.19.2",
-        "jsonwebtoken": "^9.0.0",
+        "jsonwebtoken": "^9.0.2",
-        "mariadb": "^3.1.1",
+        "mariadb": "^3.3.0",
-        "node-cron": "^3.0.2",
+        "node-cron": "^3.0.3",
-        "node-fetch": "^2.6.9",
+        "node-fetch": "^3.3.2",
-        "nodemailer": "^6.9.1",
+        "nodemailer": "^6.9.13",
-        "sequelize": "^6.31.1"
+        "sequelize": "^6.37.3"
       },
       "devDependencies": {
-        "nodemon": "^2.0.22"
+        "nodemon": "^3.1.0"
       }
     },
     "node_modules/@types/debug": {
-      "version": "4.1.7",
+      "version": "4.1.12",
-      "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.7.tgz",
+      "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.12.tgz",
-      "integrity": "sha512-9AonUzyTjXXhEOa0DnqpzZi6VHlqKMswga9EXjpXnnqxwLtdvPPtlO8evrI5D9S6asFRCQ6v+wpiUKbw+vKqyg==",
+      "integrity": "sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==",
       "dependencies": {
         "@types/ms": "*"
       }
     },
     "node_modules/@types/geojson": {
-      "version": "7946.0.10",
+      "version": "7946.0.14",
-      "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-7946.0.10.tgz",
+      "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-7946.0.14.tgz",
-      "integrity": "sha512-Nmh0K3iWQJzniTuPRcJn5hxXkfB1T1pgB89SBig5PlJQU5yocazeu4jATJlaA0GYFKWMqDdvYemoSnF2pXgLVA=="
+      "integrity": "sha512-WCfD5Ht3ZesJUsONdhvm84dmzWOiOzOAqOncN0++w0lBw1o8OuDNJF2McvvCef/yBqb/HYRahp1BYtODFQ8bRg=="
     },
     "node_modules/@types/ms": {
-      "version": "0.7.31",
+      "version": "0.7.34",
-      "resolved": "https://registry.npmjs.org/@types/ms/-/ms-0.7.31.tgz",
+      "resolved": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz",
-      "integrity": "sha512-iiUgKzV9AuaEkZqkOLDIvlQiL6ltuZd9tGcW3gwpnX8JbuiuhFlEGmmFXEXkN50Cvq7Os88IY2v0dkDqXYWVgA=="
+      "integrity": "sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g=="
     },
     "node_modules/@types/node": {
-      "version": "17.0.45",
+      "version": "20.12.7",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.45.tgz",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.7.tgz",
-      "integrity": "sha512-w+tIMs3rq2afQdsPJlODhoUEKzFP1ayaoyl1CcnwtIlsVe7K7bA1NGm4s3PraqTLlXnbIN84zuBlxBWo1u9BLw=="
+      "integrity": "sha512-wq0cICSkRLVaf3UGLMGItu/PtdY7oaXaI/RVU+xliKVOtRna3PRY57ZDfztpDL0n11vfymMUnXv8QwYCO7L1wg==",
+      "dependencies": {
+        "undici-types": "~5.26.4"
+      }
     },
     "node_modules/@types/validator": {
-      "version": "13.7.15",
+      "version": "13.11.9",
-      "resolved": "https://registry.npmjs.org/@types/validator/-/validator-13.7.15.tgz",
+      "resolved": "https://registry.npmjs.org/@types/validator/-/validator-13.11.9.tgz",
-      "integrity": "sha512-yeinDVQunb03AEP8luErFcyf/7Lf7AzKCD0NXfgVoGCCQDNpZET8Jgq74oBgqKld3hafLbfzt/3inUdQvaFeXQ=="
+      "integrity": "sha512-FCTsikRozryfayPuiI46QzH3fnrOoctTjvOYZkho9BTFLCOZ2rgZJHMOVgCOfttjPJcgOx52EpkY0CMfy87MIw=="
     },
     "node_modules/abbrev": {
       "version": "1.1.1",
@@ -101,21 +104,24 @@
       "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ=="
     },
     "node_modules/binary-extensions": {
-      "version": "2.2.0",
+      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz",
+      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",
-      "integrity": "sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==",
+      "integrity": "sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==",
       "dev": true,
       "engines": {
         "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
       }
     },
     "node_modules/body-parser": {
-      "version": "1.20.1",
+      "version": "1.20.2",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz",
-      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
+      "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==",
       "dependencies": {
         "bytes": "3.1.2",
-        "content-type": "~1.0.4",
+        "content-type": "~1.0.5",
         "debug": "2.6.9",
         "depd": "2.0.0",
         "destroy": "1.2.0",
@@ -123,7 +129,7 @@
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
         "qs": "6.11.0",
-        "raw-body": "2.5.1",
+        "raw-body": "2.5.2",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
       },
@@ -168,28 +174,28 @@
       }
     },
     "node_modules/call-bind": {
-      "version": "1.0.2",
+      "version": "1.0.7",
-      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz",
-      "integrity": "sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==",
+      "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==",
       "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-define-property": "^1.0.0",
-        "get-intrinsic": "^1.0.2"
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2",
+        "get-intrinsic": "^1.2.4",
+        "set-function-length": "^1.2.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
     },
     "node_modules/chokidar": {
-      "version": "3.5.3",
+      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
-      "integrity": "sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==",
+      "integrity": "sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==",
       "dev": true,
-      "funding": [
-        {
-          "type": "individual",
-          "url": "https://paulmillr.com/funding/"
-        }
-      ],
       "dependencies": {
         "anymatch": "~3.1.2",
         "braces": "~3.0.2",
@@ -202,6 +208,9 @@
       "engines": {
         "node": ">= 8.10.0"
       },
+      "funding": {
+        "url": "https://paulmillr.com/funding/"
+      },
       "optionalDependencies": {
         "fsevents": "~2.3.2"
       }
@@ -268,6 +277,14 @@
         "node": ">= 0.10"
       }
     },
+    "node_modules/data-uri-to-buffer": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz",
+      "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==",
+      "engines": {
+        "node": ">= 12"
+      }
+    },
     "node_modules/debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -276,6 +293,22 @@
         "ms": "2.0.0"
       }
     },
+    "node_modules/define-data-property": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz",
+      "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==",
+      "dependencies": {
+        "es-define-property": "^1.0.0",
+        "es-errors": "^1.3.0",
+        "gopd": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/denque": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz",
@@ -302,17 +335,20 @@
       }
     },
     "node_modules/dotenv": {
-      "version": "16.0.3",
+      "version": "16.4.5",
-      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz",
-      "integrity": "sha512-7GO6HghkA5fYG9TYnNxi14/7K9f5occMlp3zXAuSxn7CKCxt9xbNWG7yF8hTCSUchlfWSe3uLmlPfigevRItzQ==",
+      "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==",
       "engines": {
         "node": ">=12"
+      },
+      "funding": {
+        "url": "https://dotenvx.com"
       }
     },
     "node_modules/dottie": {
-      "version": "2.0.3",
+      "version": "2.0.6",
-      "resolved": "https://registry.npmjs.org/dottie/-/dottie-2.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/dottie/-/dottie-2.0.6.tgz",
-      "integrity": "sha512-4liA0PuRkZWQFQjwBypdxPfZaRWiv5tkhMXY2hzsa2pNf5s7U3m9cwUchfNKe8wZQxdGPQQzO6Rm2uGe0rvohQ=="
+      "integrity": "sha512-iGCHkfUc5kFekGiqhe8B/mdaurD+lakO9txNnTvKtA6PISrw86LgqHvRzWYPyoE2Ph5aMIrCw9/uko6XHTKCwA=="
     },
     "node_modules/ecdsa-sig-formatter": {
       "version": "1.0.11",
@@ -335,6 +371,25 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/es-define-property": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz",
+      "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==",
+      "dependencies": {
+        "get-intrinsic": "^1.2.4"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/es-errors": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz",
+      "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/escape-html": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
@@ -349,16 +404,16 @@
       }
     },
     "node_modules/express": {
-      "version": "4.18.2",
+      "version": "4.19.2",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
-      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
+      "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.1",
+        "body-parser": "1.20.2",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
-        "cookie": "0.5.0",
+        "cookie": "0.6.0",
         "cookie-signature": "1.0.6",
         "debug": "2.6.9",
         "depd": "2.0.0",
@@ -390,13 +445,35 @@
       }
     },
     "node_modules/express/node_modules/cookie": {
-      "version": "0.5.0",
+      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
-      "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==",
+      "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
       "engines": {
         "node": ">= 0.6"
       }
     },
+    "node_modules/fetch-blob": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz",
+      "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/jimmywarting"
+        },
+        {
+          "type": "paypal",
+          "url": "https://paypal.me/jimmywarting"
+        }
+      ],
+      "dependencies": {
+        "node-domexception": "^1.0.0",
+        "web-streams-polyfill": "^3.0.3"
+      },
+      "engines": {
+        "node": "^12.20 || >= 14.13"
+      }
+    },
     "node_modules/fill-range": {
       "version": "7.0.1",
       "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
@@ -426,6 +503,17 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/formdata-polyfill": {
+      "version": "4.0.10",
+      "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz",
+      "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==",
+      "dependencies": {
+        "fetch-blob": "^3.1.2"
+      },
+      "engines": {
+        "node": ">=12.20.0"
+      }
+    },
     "node_modules/forwarded": {
       "version": "0.2.0",
       "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz",
@@ -442,33 +530,27 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/fsevents": {
+    "node_modules/function-bind": {
-      "version": "2.3.2",
+      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
-      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==",
-      "dev": true,
+      "funding": {
-      "hasInstallScript": true,
+        "url": "https://github.com/sponsors/ljharb"
-      "optional": true,
-      "os": [
-        "darwin"
-      ],
-      "engines": {
-        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
       }
     },
-    "node_modules/function-bind": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
-      "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
-    },
     "node_modules/get-intrinsic": {
-      "version": "1.2.0",
+      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.0.tgz",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz",
-      "integrity": "sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q==",
+      "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==",
       "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-errors": "^1.3.0",
-        "has": "^1.0.3",
+        "function-bind": "^1.1.2",
-        "has-symbols": "^1.0.3"
+        "has-proto": "^1.0.1",
+        "has-symbols": "^1.0.3",
+        "hasown": "^2.0.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
@@ -486,15 +568,15 @@
         "node": ">= 6"
       }
     },
-    "node_modules/has": {
+    "node_modules/gopd": {
-      "version": "1.0.3",
+      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
-      "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
+      "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
       "dependencies": {
-        "function-bind": "^1.1.1"
+        "get-intrinsic": "^1.1.3"
       },
-      "engines": {
+      "funding": {
-        "node": ">= 0.4.0"
+        "url": "https://github.com/sponsors/ljharb"
       }
     },
     "node_modules/has-flag": {
@@ -506,6 +588,28 @@
         "node": ">=4"
       }
     },
+    "node_modules/has-property-descriptors": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz",
+      "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==",
+      "dependencies": {
+        "es-define-property": "^1.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/has-proto": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz",
+      "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -517,6 +621,17 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/hasown": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
+      "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==",
+      "dependencies": {
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/http-errors": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz",
@@ -613,14 +728,20 @@
       }
     },
     "node_modules/jsonwebtoken": {
-      "version": "9.0.0",
+      "version": "9.0.2",
-      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz",
-      "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==",
+      "integrity": "sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==",
       "dependencies": {
         "jws": "^3.2.2",
-        "lodash": "^4.17.21",
+        "lodash.includes": "^4.3.0",
+        "lodash.isboolean": "^3.0.3",
+        "lodash.isinteger": "^4.0.4",
+        "lodash.isnumber": "^3.0.3",
+        "lodash.isplainobject": "^4.0.6",
+        "lodash.isstring": "^4.0.1",
+        "lodash.once": "^4.0.0",
         "ms": "^2.1.1",
-        "semver": "^7.3.8"
+        "semver": "^7.5.4"
       },
       "engines": {
         "node": ">=12",
@@ -656,27 +777,62 @@
       "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
       "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
     },
+    "node_modules/lodash.includes": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
+      "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w=="
+    },
+    "node_modules/lodash.isboolean": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
+      "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg=="
+    },
+    "node_modules/lodash.isinteger": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
+      "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA=="
+    },
+    "node_modules/lodash.isnumber": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
+      "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw=="
+    },
+    "node_modules/lodash.isplainobject": {
+      "version": "4.0.6",
+      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
+      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA=="
+    },
+    "node_modules/lodash.isstring": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
+      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw=="
+    },
+    "node_modules/lodash.once": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
+      "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg=="
+    },
     "node_modules/lru-cache": {
-      "version": "7.18.3",
+      "version": "10.2.0",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.0.tgz",
-      "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
+      "integrity": "sha512-2bIM8x+VAf6JT4bKAljS1qUWgMsqZRPGJS6FSahIMPVvctcNhyVp7AJu7quxOW9jwkryBReKZY5tY5JYv2n/7Q==",
       "engines": {
-        "node": ">=12"
+        "node": "14 || >=16.14"
       }
     },
     "node_modules/mariadb": {
-      "version": "3.1.1",
+      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/mariadb/-/mariadb-3.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/mariadb/-/mariadb-3.3.0.tgz",
-      "integrity": "sha512-Y5tu9pQr8uZs63FATr7ldODXn8N2aIFlAg/rp6kRTohgQiJfdl9DNGu9PXRTYdY4JgF5mT2ASD81Jdo5kfGYzg==",
+      "integrity": "sha512-sAL4bJgbfCAtXcE8bXI+NAMzVaPNkIU8hRZUXYfgNFoWB9U57G3XQiMeCx/A6IrS6y7kGwBLylrwgsZQ8kUYlw==",
       "dependencies": {
-        "@types/geojson": "^7946.0.10",
+        "@types/geojson": "^7946.0.14",
-        "@types/node": "^17.0.45",
+        "@types/node": "^20.11.17",
         "denque": "^2.1.0",
         "iconv-lite": "^0.6.3",
-        "lru-cache": "^7.14.0"
+        "lru-cache": "^10.2.0"
       },
       "engines": {
-        "node": ">= 12"
+        "node": ">= 14"
       }
     },
     "node_modules/mariadb/node_modules/iconv-lite": {
@@ -754,17 +910,17 @@
       }
     },
     "node_modules/moment": {
-      "version": "2.29.4",
+      "version": "2.30.1",
-      "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz",
+      "resolved": "https://registry.npmjs.org/moment/-/moment-2.30.1.tgz",
-      "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==",
+      "integrity": "sha512-uEmtNhbDOrWPFS+hdjFCBfy9f2YoyzRpwcl+DqpC6taX21FzsTLQVbMV/W7PzNSX6x/bhC1zA3c2UQ5NzH6how==",
       "engines": {
         "node": "*"
       }
     },
     "node_modules/moment-timezone": {
-      "version": "0.5.43",
+      "version": "0.5.45",
-      "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.43.tgz",
+      "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.45.tgz",
-      "integrity": "sha512-72j3aNyuIsDxdF1i7CEgV2FfxM1r6aaqJyLB2vwb33mXYyoyLly+F1zbWqhA3/bVIoJ4szlUoMbUnVdid32NUQ==",
+      "integrity": "sha512-HIWmqA86KcmCAhnMAN0wuDOARV/525R2+lOLotuGFzn4HO+FH+/645z2wx0Dt3iDv6/p61SIvKnDstISainhLQ==",
       "dependencies": {
         "moment": "^2.29.4"
       },
@@ -786,9 +942,9 @@
       }
     },
     "node_modules/node-cron": {
-      "version": "3.0.2",
+      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/node-cron/-/node-cron-3.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/node-cron/-/node-cron-3.0.3.tgz",
-      "integrity": "sha512-iP8l0yGlNpE0e6q1o185yOApANRe47UPbLf4YxfbiNHt/RU5eBcGB/e0oudruheSf+LQeDMezqC5BVAb5wwRcQ==",
+      "integrity": "sha512-dOal67//nohNgYWb+nWmg5dkFdIwDm8EpeGYMekPMrngV3637lqnX0lbUcCtgibHTz6SEz7DAIjKvKDFYCnO1A==",
       "dependencies": {
         "uuid": "8.3.2"
       },
@@ -796,46 +952,62 @@
         "node": ">=6.0.0"
       }
     },
+    "node_modules/node-domexception": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz",
+      "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/jimmywarting"
+        },
+        {
+          "type": "github",
+          "url": "https://paypal.me/jimmywarting"
+        }
+      ],
+      "engines": {
+        "node": ">=10.5.0"
+      }
+    },
     "node_modules/node-fetch": {
-      "version": "2.6.9",
+      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.9.tgz",
+      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz",
-      "integrity": "sha512-DJm/CJkZkRjKKj4Zi4BsKVZh3ValV5IR5s7LVZnW+6YMh0W1BfNA8XSs6DLMGYlId5F3KnA70uu2qepcR08Qqg==",
+      "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==",
       "dependencies": {
-        "whatwg-url": "^5.0.0"
+        "data-uri-to-buffer": "^4.0.0",
+        "fetch-blob": "^3.1.4",
+        "formdata-polyfill": "^4.0.10"
       },
       "engines": {
-        "node": "4.x || >=6.0.0"
+        "node": "^12.20.0 || ^14.13.1 || >=16.0.0"
       },
-      "peerDependencies": {
+      "funding": {
-        "encoding": "^0.1.0"
+        "type": "opencollective",
-      },
+        "url": "https://opencollective.com/node-fetch"
-      "peerDependenciesMeta": {
-        "encoding": {
-          "optional": true
-        }
       }
     },
     "node_modules/nodemailer": {
-      "version": "6.9.1",
+      "version": "6.9.13",
-      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.1.tgz",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.13.tgz",
-      "integrity": "sha512-qHw7dOiU5UKNnQpXktdgQ1d3OFgRAekuvbJLcdG5dnEo/GtcTHRYM7+UfJARdOFU9WUQO8OiIamgWPmiSFHYAA==",
+      "integrity": "sha512-7o38Yogx6krdoBf3jCAqnIN4oSQFx+fMa0I7dK1D+me9kBxx12D+/33wSb+fhOCtIxvYJ+4x4IMEhmhCKfAiOA==",
       "engines": {
         "node": ">=6.0.0"
       }
     },
     "node_modules/nodemon": {
-      "version": "2.0.22",
+      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.22.tgz",
+      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-3.1.0.tgz",
-      "integrity": "sha512-B8YqaKMmyuCO7BowF1Z1/mkPqLk6cs/l63Ojtd6otKjMx47Dq1utxfRxcavH1I7VSaL8n5BUaoutadnsX3AAVQ==",
+      "integrity": "sha512-xqlktYlDMCepBJd43ZQhjWwMw2obW/JRvkrLxq5RCNcuDDX1DbcPT+qT1IlIIdf+DhnWs90JpTMe+Y5KxOchvA==",
       "dev": true,
       "dependencies": {
         "chokidar": "^3.5.2",
-        "debug": "^3.2.7",
+        "debug": "^4",
         "ignore-by-default": "^1.0.1",
         "minimatch": "^3.1.2",
         "pstree.remy": "^1.1.8",
-        "semver": "^5.7.1",
+        "semver": "^7.5.3",
-        "simple-update-notifier": "^1.0.7",
+        "simple-update-notifier": "^2.0.0",
         "supports-color": "^5.5.0",
         "touch": "^3.1.0",
         "undefsafe": "^2.0.5"
@@ -844,7 +1016,7 @@
         "nodemon": "bin/nodemon.js"
       },
       "engines": {
-        "node": ">=8.10.0"
+        "node": ">=10"
       },
       "funding": {
         "type": "opencollective",
@@ -852,29 +1024,28 @@
       }
     },
     "node_modules/nodemon/node_modules/debug": {
-      "version": "3.2.7",
+      "version": "4.3.4",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
-      "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==",
+      "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
       "dev": true,
       "dependencies": {
-        "ms": "^2.1.1"
+        "ms": "2.1.2"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
       }
     },
     "node_modules/nodemon/node_modules/ms": {
-      "version": "2.1.3",
+      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
-      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
+      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
       "dev": true
     },
-    "node_modules/nodemon/node_modules/semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
-      "dev": true,
-      "bin": {
-        "semver": "bin/semver"
-      }
-    },
     "node_modules/nopt": {
       "version": "1.0.10",
       "resolved": "https://registry.npmjs.org/nopt/-/nopt-1.0.10.tgz",
@@ -908,9 +1079,9 @@
       }
     },
     "node_modules/object-inspect": {
-      "version": "1.12.3",
+      "version": "1.13.1",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
-      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
+      "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ==",
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -940,9 +1111,9 @@
       "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ=="
     },
     "node_modules/pg-connection-string": {
-      "version": "2.5.0",
+      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.5.0.tgz",
+      "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.6.4.tgz",
-      "integrity": "sha512-r5o/V/ORTA6TmUnyWZR9nCj1klXCO2CEKNRlVuJptZe85QuhFayC7WeMic7ndayT5IRIR0S0xFxFi2ousartlQ=="
+      "integrity": "sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA=="
     },
     "node_modules/picomatch": {
       "version": "2.3.1",
@@ -997,9 +1168,9 @@
       }
     },
     "node_modules/raw-body": {
-      "version": "2.5.1",
+      "version": "2.5.2",
-      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz",
+      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
-      "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==",
+      "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
       "dependencies": {
         "bytes": "3.1.2",
         "http-errors": "2.0.0",
@@ -1052,9 +1223,9 @@
       "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
     },
     "node_modules/semver": {
-      "version": "7.5.0",
+      "version": "7.6.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.0.tgz",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz",
-      "integrity": "sha512-+XC0AD/R7Q2mPSRuy2Id0+CGTZ98+8f+KvwirxOKIEyid+XSx6HbC63p+O4IndTHuX5Z+JxQ0TghCkO5Cg/2HA==",
+      "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==",
       "dependencies": {
         "lru-cache": "^6.0.0"
       },
@@ -1105,9 +1276,9 @@
       "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
     },
     "node_modules/sequelize": {
-      "version": "6.31.1",
+      "version": "6.37.3",
-      "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.31.1.tgz",
+      "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.37.3.tgz",
-      "integrity": "sha512-cahWtRrYLjqoZP/aurGBoaxn29qQCF4bxkAUPEQ/ozjJjt6mtL4Q113S3N39mQRmX5fgxRbli+bzZARP/N51eg==",
+      "integrity": "sha512-V2FTqYpdZjPy3VQrZvjTPnOoLm0KudCRXfGWp48QwhyPPp2yW8z0p0sCYZd/em847Tl2dVxJJ1DR+hF+O77T7A==",
       "funding": [
         {
           "type": "opencollective",
@@ -1115,21 +1286,21 @@
         }
       ],
       "dependencies": {
-        "@types/debug": "^4.1.7",
+        "@types/debug": "^4.1.8",
-        "@types/validator": "^13.7.1",
+        "@types/validator": "^13.7.17",
-        "debug": "^4.3.3",
+        "debug": "^4.3.4",
-        "dottie": "^2.0.2",
+        "dottie": "^2.0.6",
-        "inflection": "^1.13.2",
+        "inflection": "^1.13.4",
         "lodash": "^4.17.21",
-        "moment": "^2.29.1",
+        "moment": "^2.29.4",
-        "moment-timezone": "^0.5.35",
+        "moment-timezone": "^0.5.43",
-        "pg-connection-string": "^2.5.0",
+        "pg-connection-string": "^2.6.1",
-        "retry-as-promised": "^7.0.3",
+        "retry-as-promised": "^7.0.4",
-        "semver": "^7.3.5",
+        "semver": "^7.5.4",
         "sequelize-pool": "^7.1.0",
         "toposort-class": "^1.0.1",
         "uuid": "^8.3.2",
-        "validator": "^13.7.0",
+        "validator": "^13.9.0",
         "wkx": "^0.5.0"
       },
       "engines": {
@@ -1208,43 +1379,54 @@
         "node": ">= 0.8.0"
       }
     },
+    "node_modules/set-function-length": {
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz",
+      "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==",
+      "dependencies": {
+        "define-data-property": "^1.1.4",
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2",
+        "get-intrinsic": "^1.2.4",
+        "gopd": "^1.0.1",
+        "has-property-descriptors": "^1.0.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/setprototypeof": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
       "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
     },
     "node_modules/side-channel": {
-      "version": "1.0.4",
+      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz",
-      "integrity": "sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==",
+      "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==",
       "dependencies": {
-        "call-bind": "^1.0.0",
+        "call-bind": "^1.0.7",
-        "get-intrinsic": "^1.0.2",
+        "es-errors": "^1.3.0",
-        "object-inspect": "^1.9.0"
+        "get-intrinsic": "^1.2.4",
+        "object-inspect": "^1.13.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
     },
     "node_modules/simple-update-notifier": {
-      "version": "1.1.0",
+      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-1.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-2.0.0.tgz",
-      "integrity": "sha512-VpsrsJSUcJEseSbMHkrsrAVSdvVS5I96Qo1QAQ4FxQ9wXFcB+pjj7FB7/us9+GcgfW4ziHtYMc1J0PLczb55mg==",
+      "integrity": "sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==",
       "dev": true,
       "dependencies": {
-        "semver": "~7.0.0"
+        "semver": "^7.5.3"
       },
       "engines": {
-        "node": ">=8.10.0"
+        "node": ">=10"
-      }
-    },
-    "node_modules/simple-update-notifier/node_modules/semver": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.0.0.tgz",
-      "integrity": "sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==",
-      "dev": true,
-      "bin": {
-        "semver": "bin/semver.js"
       }
     },
     "node_modules/statuses": {
@@ -1304,11 +1486,6 @@
         "nodetouch": "bin/nodetouch.js"
       }
     },
-    "node_modules/tr46": {
-      "version": "0.0.3",
-      "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
-      "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
-    },
     "node_modules/type-is": {
       "version": "1.6.18",
       "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
@@ -1327,6 +1504,11 @@
       "integrity": "sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==",
       "dev": true
     },
+    "node_modules/undici-types": {
+      "version": "5.26.5",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
+      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA=="
+    },
     "node_modules/unpipe": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
@@ -1352,9 +1534,9 @@
       }
     },
     "node_modules/validator": {
-      "version": "13.9.0",
+      "version": "13.11.0",
-      "resolved": "https://registry.npmjs.org/validator/-/validator-13.9.0.tgz",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.11.0.tgz",
-      "integrity": "sha512-B+dGG8U3fdtM0/aNK4/X8CXq/EcxU2WPrPEkJGslb47qyHsxmbggTWK0yEA4qnYVNF+nxNlN88o14hIcPmSIEA==",
+      "integrity": "sha512-Ii+sehpSfZy+At5nPdnyMhx78fEoPDkR2XW/zimHEL3MyGJQOCQ7WeP20jPYRz7ZCpcKLB21NxuXHF3bxjStBQ==",
       "engines": {
         "node": ">= 0.10"
       }
@@ -1367,18 +1549,12 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/webidl-conversions": {
+    "node_modules/web-streams-polyfill": {
-      "version": "3.0.1",
+      "version": "3.3.3",
-      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz",
-      "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
+      "integrity": "sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==",
-    },
+      "engines": {
-    "node_modules/whatwg-url": {
+        "node": ">= 8"
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
-      "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
-      "dependencies": {
-        "tr46": "~0.0.3",
-        "webidl-conversions": "^3.0.0"
       }
     },
     "node_modules/wkx": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth-server",
-  "version": "1.7.5",
+  "version": "1.8.7",
   "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
@@ -13,7 +13,7 @@
     "url": "git+https://github.com/krgamestudios/auth-server.git"
   },
   "author": "Kayne Ruse",
-  "license": "ISC",
+  "license": "Zlib",
   "bugs": {
     "url": "https://github.com/krgamestudios/auth-server/issues"
   },
@@ -22,16 +22,16 @@
     "bcryptjs": "^2.4.3",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",
-    "dotenv": "^16.0.3",
+    "dotenv": "^16.4.5",
-    "express": "^4.18.2",
+    "express": "^4.19.2",
-    "jsonwebtoken": "^9.0.0",
+    "jsonwebtoken": "^9.0.2",
-    "mariadb": "^3.1.1",
+    "mariadb": "^3.3.0",
-    "node-cron": "^3.0.2",
+    "node-cron": "^3.0.3",
-    "node-fetch": "^2.6.9",
+    "node-fetch": "^3.3.2",
-    "nodemailer": "^6.9.1",
+    "nodemailer": "^6.9.13",
-    "sequelize": "^6.31.1"
+    "sequelize": "^6.37.3"
   },
   "devDependencies": {
-    "nodemon": "^2.0.22"
+    "nodemon": "^3.1.0"
   }
 }

server/admin/default-account.js

@@ -7,7 +7,7 @@ module.exports = async () => {
 	await sequelize.sync(); //this whole file is just one big BUGFIX
 
 	//validate env variables
-	if (!process.env.ADMIN_DEFAULT_USERNAME || !process.env.ADMIN_DEFAULT_PASSWORD) {
+	if (!process.env.ADMIN_DEFAULT_USERNAME || !process.env.ADMIN_DEFAULT_HOSTNAME || !process.env.ADMIN_DEFAULT_PASSWORD) {
 		//skip this if arguments are missing
 		return;
 	}
@@ -25,9 +25,8 @@ module.exports = async () => {
 	});
 
 	if (adminRecord == null) {
-		const webAddress = process.env.WEB_ADDRESS == 'localhost:3000' ? 'example.com' : process.env.WEB_ADDRESS; //can't log in as "localhost"
 		await accounts.create({
-			email: `${process.env.ADMIN_DEFAULT_USERNAME}@${webAddress}`,
+			email: `${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.ADMIN_DEFAULT_HOSTNAME}`,
 			username: `${process.env.ADMIN_DEFAULT_USERNAME}`,
 			hash: await bcrypt.hash(`${process.env.ADMIN_DEFAULT_PASSWORD}`, await bcrypt.genSalt(11)),
 			type: 'normal',
@@ -35,6 +34,6 @@ module.exports = async () => {
 			mod: true
 		});
 
-		console.warn(`Created default admin account (email: ${process.env.ADMIN_DEFAULT_USERNAME}@${webAddress}; password: ${process.env.ADMIN_DEFAULT_PASSWORD})`);
+		console.warn(`Created default admin account (email: ${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.ADMIN_DEFAULT_HOSTNAME}; password: ${process.env.ADMIN_DEFAULT_PASSWORD})`);
 	}
 };

server/auth/index.js

@@ -5,15 +5,13 @@ const { accounts } = require('../database/models');
 
 //middleware
 const tokenAuth = require('../utilities/token-auth');
+const tokenDecode = require('../utilities/token-decode');
 
 //signup -> validate -> login all without a token
 router.post('/signup', require('./signup'));
 router.get('/validation', require('./validation'));
 router.post('/login', require('./login'));
 
-//refresh token
-router.post('/token', require('./token'));
-
 //password recover and reset
 router.post('/recover', require('./password-recover'));
 router.get('/reset', require('./password-redirect'));
@@ -22,13 +20,14 @@ router.patch('/reset', require('./password-reset'));
 //logouts allowed when banned, and when the token itself is invalid
 router.delete('/logout', require('./logout'));
 
-//middleware
+//authenticate token
-router.use(tokenAuth);
+router.use(tokenDecode);
 
+//middleware
 router.use(async (req, res, next) => {
 	const record = await accounts.findOne({
 		where: {
-			email: req.user.email || ''
+			email: req.user?.email || ''
 		}
 	});
 
@@ -43,6 +42,12 @@ router.use(async (req, res, next) => {
 	next();
 });
 
+//refresh token
+router.post('/token', require('./token'));
+
+//authenticate token
+router.use(tokenAuth);
+
 //basic account management (needs a token)
 router.get('/account', require('./account-query'));
 router.patch('/account', require('./account-update'));

server/auth/login.js

@@ -49,7 +49,7 @@ const route = async (req, res) => {
 	}
 
 	//generate the JWTs
-	const { accessToken, refreshToken } = tokenGenerateRefresh(account.index, account.email, account.username, account.type, account.admin, account.mod);
+	const { accessToken, refreshToken } = await tokenGenerateRefresh(account.index, account.email, account.username, account.type, account.admin, account.mod);
 
 	//set the cookie
 	res.cookie('refreshToken', refreshToken, { path: '/', httpOnly: true, secure: true, sameSite: 'none', maxAge: 60 * 60 * 24 * 30 * 1000 }); //30 days

server/auth/signup.js

@@ -22,7 +22,7 @@ const route = async (req, res) => {
 	//script throttle
 	const throttle = await checkThrottle(req.body.email);
 	if (throttle) {
-		console.warn(`Spam attack detected: ${req.body.email} (${req.body.username})`);
+		console.warn(`Spam Throttled\t${req.body.email} (${req.body.username})`);
 		return res.status(401).send(throttle);
 	}
 
@@ -121,7 +121,21 @@ const checkThrottle = async (email) => {
 }
 
 const registerPendingSignup = async (body, hash, token) => {
-	const record = await pendingSignups.upsert({
+	//BUGFIX: delete existing pending signups that clash
+	await pendingSignups.destroy({
+		where: {
+			email: body.email
+		}
+	});
+
+	await pendingSignups.destroy({
+		where: {
+			username: body.username
+		}
+	});
+
+	//record it
+	const record = await pendingSignups.create({
 		email: body.email,
 		username: body.username,
 		hash: hash,

server/auth/token.js

@@ -1,10 +1,8 @@
-const jwt = require('jsonwebtoken');
-
 const tokenRefresh = require('../utilities/token-refresh');
 
 //auth/token
 module.exports = async (req, res) => {
-	return tokenRefresh(req.cookies.refreshToken || '', (err, accessToken, refreshToken) => {
+	return await tokenRefresh(req.cookies.refreshToken || '', (err, accessToken, refreshToken) => {
 		if (err) {
 			return res.status(err).end();
 		}

server/auth/validation.js

@@ -1,5 +1,5 @@
 const { pendingSignups, accounts } = require('../database/models');
-const fetch = require('node-fetch');
+const fetch = (...args) => import('node-fetch').then(({default: fetch}) => fetch(...args));
 const jwt = require('jsonwebtoken');
 
 //auth/validation
@@ -44,7 +44,7 @@ const route = async (req, res) => {
 			hooks = JSON.parse(process.env.HOOK_POST_VALIDATION_ARRAY);
 
 			if (!Array.isArray(hooks)) {
-				throw 'isArray() check failed';
+				throw 'post validation hook isArray() check failed';
 			}
 
 			//authenticate the hooks

server/database/index.js

@@ -2,11 +2,10 @@ const Sequelize = require('sequelize');
 
 const sequelize = new Sequelize(process.env.DB_DATABASE, process.env.DB_USERNAME, process.env.DB_PASSWORD, {
 	host: process.env.DB_HOSTNAME,
+	port: process.env.DB_PORTNAME,
 	dialect: 'mariadb',
 	timezone: process.env.DB_TIMEZONE,
 	logging: process.env.DB_LOGGING ? console.log : false
 });
 
-sequelize.sync();
-
 module.exports = sequelize;

server/database/models/banned-ip-addresses.js

@@ -0,0 +1,17 @@
+const Sequelize = require('sequelize');
+const sequelize = require('..');
+
+//DOCS: this isn't set by anything - it's a stub for now
+
+module.exports = sequelize.define('bannedIPAddresses', {
+	content: {
+		type: 'varchar(320)',
+		unique: true
+	},
+
+	expiry: {
+		type: 'DATETIME',
+		allowNull: true,
+		defaultValue: null
+	},
+});

server/database/models/index.js

@@ -2,5 +2,6 @@ module.exports = {
 	tokens: require('./tokens'),
 	accounts: require('./accounts'),
 	pendingSignups: require('./pending-signups'),
-	recovery: require('./recovery')
+	recovery: require('./recovery'),
+	bannedIPAddresses: require("./banned-ip-addresses"),
 };

server/server.js

@@ -23,6 +23,9 @@ app.use(cookieParser());
 //database connection
 const database = require('./database');
 
+//ip-based management
+app.use(require('./utilities/banned-ip-addresses-middleware'));
+
 //access the admin
 app.use('/admin', require('./admin'));
 
@@ -38,4 +41,5 @@ app.get('*', (req, res) => {
 server.listen(process.env.WEB_PORT || 3200, async (err) => {
 	await database.sync();
 	console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`);
+	console.log(`database located at ${process.env.DB_HOSTNAME || '<default>'}:${process.env.DB_PORTNAME || '<default>'}`);
 });

server/utilities/banned-ip-addresses-middleware.js

@@ -0,0 +1,33 @@
+const { Op } = require("sequelize");
+const { bannedIPAddresses } = require('../database/models');
+
+//middleware to manage banned IP addresses
+module.exports = async (req, res, next) => {
+	const address = req.header('x-forwarded-for') || req.socket.remoteAddress;
+
+	const record = await bannedIPAddresses.findOne({
+		where: {
+			content: address,
+
+			expiry: {
+				[Op.or]: {
+					//future or forever
+					[Op.gt]: Date.now(),
+					[Op.eq]: null,
+				}
+			}
+		}
+	});
+
+	//log the access timestamp
+	const date = new Date();
+
+	if (!!record) {
+		console.log(`IP blocked\t${address}\t\t\t${date.toTimeString()}`);
+		return res.status(403).send("IP address banned");
+	}
+
+	// console.log(`IP allowed\t${address}\t\t\t${date.toTimeString()}`);
+
+	return next();
+};

server/utilities/token-auth.js

@@ -6,7 +6,7 @@ module.exports = (req, res, next) => {
 	const accessToken = authHeader?.split(' ')[1]; //'Bearer token'
 
 	if (!accessToken) {
-		return res.status(401).send('No access token found');
+		return res.status(401).send('No access token provided');
 	}
 
 	return jwt.verify(accessToken, process.env.SECRET_ACCESS, (err, user) => {

server/utilities/token-decode.js

@@ -0,0 +1,17 @@
+const jwt = require('jsonwebtoken');
+
+//middleware to decode the JWT token
+module.exports = (req, res, next) => {
+	const authHeader = req.headers['authorization'];
+	const accessToken = authHeader?.split(' ')[1]; //'Bearer token'
+
+	if (!accessToken) {
+		return res.status(401).send('No access token provided');
+	}
+
+	const decoded = jwt.decode(accessToken);
+
+	req.user = decoded;
+
+	return next();
+};

server/utilities/token-destroy.js

@@ -1,7 +1,7 @@
 const { tokens } = require('../database/models');
 
-module.exports = (refreshToken) => {
+module.exports = async (refreshToken) => {
-	tokens.destroy({
+	await tokens.destroy({
 		where: {
 			token: refreshToken || ''
 		}

server/utilities/token-generate-refresh.js

@@ -2,7 +2,7 @@ const jwt = require('jsonwebtoken');
 const { tokens } = require('../database/models');
 
 //generates a JWT token based on the given arguments
-module.exports = (index, email, username, type, admin, mod) => {
+module.exports = async (index, email, username, type, admin, mod) => {
 	const content = {
 		index,
 		email,
@@ -16,7 +16,7 @@ module.exports = (index, email, username, type, admin, mod) => {
 	const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '10m', issuer: 'auth' });
 	const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH, { expiresIn: '30d', issuer: 'auth' });
 
-	tokens.create({ token: refreshToken, email: email });
+	await tokens.create({ token: refreshToken, email: email });
 
 	return { accessToken, refreshToken };
 };

server/utilities/token-refresh.js

@@ -19,15 +19,15 @@ module.exports = async (oldRefreshToken, callback) => {
 		return callback(403);
 	}
 
-	jwt.verify(oldRefreshToken, process.env.SECRET_REFRESH, (err, user) => {
+	jwt.verify(oldRefreshToken, process.env.SECRET_REFRESH, async (err, user) => {
 		if (err) {
 			return callback(403);
 		}
 
-		const { accessToken, refreshToken } = generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
+		await destroy(oldRefreshToken);
 
-		destroy(oldRefreshToken);
+		const { accessToken, refreshToken } = await generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
 
-		return callback(null, accessToken, refreshToken);
+		return await callback(null, accessToken, refreshToken);
 	});
 };

tools/debug-startup.sql

@@ -1,4 +1,4 @@
 #use this while debugging
-CREATE DATABASE IF NOT EXISTS auth;
+CREATE DATABASE auth;
-CREATE USER IF NOT EXISTS 'auth'@'%' IDENTIFIED BY 'charizard';
+CREATE USER 'auth'@'%' IDENTIFIED BY 'charizard';
 GRANT ALL PRIVILEGES ON auth.* TO 'auth'@'%';

tools/migrations/v1.3.1.sql

@@ -1 +0,0 @@
-ALTER TABLE `accounts` CHANGE `id` `index` INT( 11 ) NOT NULL AUTO_INCREMENT;

tools/migrations/v1.4.0.sql

@@ -1 +0,0 @@
-DROP TABLE tokens;

tools/react/token-provider.jsx

@@ -1,5 +1,5 @@
 import React, { useState, useEffect, createContext } from 'react';
-import decode from 'jwt-decode';
+import { jwtDecode } from 'jwt-decode';
 
 export const TokenContext = createContext();
 
@@ -25,18 +25,13 @@ const TokenProvider = props => {
 		localStorage.setItem("accessToken", accessToken);
 	}, [accessToken]);
 
-	//force a logout if refresh token is too old
-	if (accessToken && (new Date(Date.now() - 60 * 60 * 24 * 30 * 1000).getTime() > decode(accessToken).exp * 1000)) {
-		forceLogout();
-	}
-
 	//wrap the default fetch function
 	const tokenFetch = async (url, options) => {
 		//use this?
 		let bearer = accessToken;
 
 		//if expired (10 minutes, normally)
-		const expired = new Date(decode(accessToken).exp * 1000) < Date.now();
+		const expired = new Date(jwtDecode(accessToken).exp) < Date.now() / 1000;
 
 		if (expired) {
 			//BUGFIX: if logging out, just skip over the refresh token
@@ -53,6 +48,9 @@ const TokenProvider = props => {
 			//ping the auth server for a new access token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
+				headers: {
+					'Authorization': `Bearer ${bearer}`
+				},
 				credentials: 'include'
 			});
 
@@ -84,13 +82,19 @@ const TokenProvider = props => {
 
 	//access the refreshed token via callback
 	const tokenCallback = async (cb) => {
+		//use this?
+		let bearer = accessToken;
+
 		//if expired (10 minutes, normally)
-		const expired = new Date(decode(accessToken).exp * 1000) < Date.now();
+		const expired = new Date(jwtDecode(accessToken).exp) < Date.now() / 1000;
 
 		if (expired) {
 			//ping the auth server for a new token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
+				headers: {
+					'Authorization': `Bearer ${bearer}`
+				},
 				credentials: 'include'
 			});
 
@@ -115,7 +119,7 @@ const TokenProvider = props => {
 	};
 
 	return (
-		<TokenContext.Provider value={{ accessToken, setAccessToken, tokenFetch, tokenCallback, getPayload: () => decode(accessToken) }}>
+		<TokenContext.Provider value={{ accessToken, setAccessToken, tokenFetch, tokenCallback, getPayload: () => jwtDecode(accessToken) }}>
 			{props.children}
 		</TokenContext.Provider>
 	)