Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Kayne Ruse
|
d3e90f7d5d | ||
|
Kayne Ruse
|
98887eecce | ||
|
Kayne Ruse
|
95e6bd178e | ||
|
Kayne Ruse
|
ac7c8d04ed |
Generated
+3022
-81
File diff suppressed because it is too large
Load Diff
+10
-6
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "auth-server",
|
||||
"version": "1.7.7",
|
||||
"version": "1.7.9",
|
||||
"description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
|
||||
"main": "server/server.js",
|
||||
"scripts": {
|
||||
@@ -22,16 +22,20 @@
|
||||
"bcryptjs": "^2.4.3",
|
||||
"cookie-parser": "^1.4.6",
|
||||
"cors": "^2.8.5",
|
||||
"dotenv": "^16.0.3",
|
||||
"dotenv": "^16.3.1",
|
||||
"express": "^4.18.2",
|
||||
"jsonwebtoken": "^9.0.0",
|
||||
"mariadb": "^3.1.1",
|
||||
"mariadb": "^3.2.0",
|
||||
"node-cron": "^3.0.2",
|
||||
"node-fetch": "^2.6.9",
|
||||
"nodemailer": "^6.9.1",
|
||||
"sequelize": "^6.31.1"
|
||||
"node-fetch": "^2.6.11",
|
||||
"nodemailer": "^6.9.3",
|
||||
"npm": "^9.7.2",
|
||||
"sequelize": "^6.32.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"nodemon": "^2.0.22"
|
||||
},
|
||||
"overrides": {
|
||||
"semver": "^7.5.2"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,7 +22,7 @@ const route = async (req, res) => {
|
||||
//script throttle
|
||||
const throttle = await checkThrottle(req.body.email);
|
||||
if (throttle) {
|
||||
console.warn(`Spam attack detected: ${req.body.email} (${req.body.username})`);
|
||||
console.warn(`Spam Throttled\t${req.body.email} (${req.body.username})`);
|
||||
return res.status(401).send(throttle);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
const Sequelize = require('sequelize');
|
||||
const sequelize = require('..');
|
||||
|
||||
//DOCS: this isn't set by anything - it's a stub for now
|
||||
|
||||
module.exports = sequelize.define('bannedIPAddresses', {
|
||||
content: {
|
||||
type: 'varchar(320)',
|
||||
|
||||
+1
-1
@@ -24,7 +24,7 @@ app.use(cookieParser());
|
||||
const database = require('./database');
|
||||
|
||||
//ip-based management
|
||||
app.use(require('./utilities/banned-up-addresses-middleware'));
|
||||
app.use(require('./utilities/banned-ip-addresses-middleware'));
|
||||
|
||||
//access the admin
|
||||
app.use('/admin', require('./admin'));
|
||||
|
||||
+10
-2
@@ -10,16 +10,24 @@ module.exports = async (req, res, next) => {
|
||||
content: address,
|
||||
|
||||
expiry: {
|
||||
[Op.gt]: Date.now()
|
||||
[Op.or]: {
|
||||
//future or forever
|
||||
[Op.gt]: Date.now(),
|
||||
[Op.eq]: null,
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
//log the access timestamp
|
||||
const date = new Date();
|
||||
|
||||
if (!!record) {
|
||||
console.log(`IP blocked\t${address}\t\t\t${date.toTimeString()}`);
|
||||
return res.status(403).send("IP address banned");
|
||||
}
|
||||
|
||||
console.log(`IP ${address}`);
|
||||
// console.log(`IP allowed\t${address}\t\t\t${date.toTimeString()}`);
|
||||
|
||||
return next();
|
||||
};
|
||||
@@ -25,18 +25,13 @@ const TokenProvider = props => {
|
||||
localStorage.setItem("accessToken", accessToken);
|
||||
}, [accessToken]);
|
||||
|
||||
//force a logout if refresh token is too old
|
||||
if (accessToken && (new Date(Date.now() - 60 * 60 * 24 * 30 * 1000).getTime() > decode(accessToken).exp * 1000)) {
|
||||
forceLogout();
|
||||
}
|
||||
|
||||
//wrap the default fetch function
|
||||
const tokenFetch = async (url, options) => {
|
||||
//use this?
|
||||
let bearer = accessToken;
|
||||
|
||||
//if expired (10 minutes, normally)
|
||||
const expired = new Date(decode(accessToken).exp * 1000) < Date.now();
|
||||
const expired = new Date(decode(accessToken).exp + 600) < Date.now();
|
||||
|
||||
if (expired) {
|
||||
//BUGFIX: if logging out, just skip over the refresh token
|
||||
|
||||
Reference in New Issue
Block a user