Merge branch 'master' into luke
@@ -123,19 +123,30 @@ export class ChatController {
|
||||
throw new HttpException({ error: true, code: 'FORBIDDEN_CHARACTERS', message: `Your room name can not contains these characters : ${forbidden_chars}` }, HttpStatus.UNPROCESSABLE_ENTITY);
|
||||
}
|
||||
|
||||
// check for password protection
|
||||
if (typeof room.protection === 'undefined')
|
||||
room.protection = false;
|
||||
else if (room.protection === true)
|
||||
{
|
||||
if (!room.password || room.password.length === 0)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'PASSWORD_TOO_SHORT', message: 'your password is too short'`);
|
||||
throw new HttpException({ error: true, code: 'PASSWORD_TOO_SHORT', message: `your password is too short` }, HttpStatus.UNPROCESSABLE_ENTITY);
|
||||
printCaller(`throw error: error: true, code: 'PASSWORD_INVALID', message: 'your password is invalid'`);
|
||||
throw new HttpException({ error: true, code: 'PASSWORD_INVALID', message: `your password is invalid` }, HttpStatus.UNPROCESSABLE_ENTITY);
|
||||
}
|
||||
}
|
||||
|
||||
room.users = [req.user.username];
|
||||
await this.chatService.addUserToNewRoom(req.user.username, room);
|
||||
|
||||
if (room.protection)
|
||||
{
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
}
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
@@ -196,6 +207,7 @@ export class ChatController {
|
||||
|
||||
let fields = ["protection", "allowed_users"];
|
||||
const room_db = await this.chatService.getRoomByName(room.name, fields);
|
||||
|
||||
if (room_db.protection === true)
|
||||
{
|
||||
if (!room_db.allowed_users.includes(req.user.username))
|
||||
@@ -216,8 +228,8 @@ export class ChatController {
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('password')
|
||||
async setPassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
@Post('passwordauth')
|
||||
async passwordAuthentication(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
@@ -239,6 +251,69 @@ export class ChatController {
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('changepassword')
|
||||
async changePassword(@Body('room') room: roomDto, @Body('old_password') old_password: string, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room, old_password);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('addpassword')
|
||||
async addPassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} added a password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Delete('removepassword')
|
||||
async removePassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} removed a new password`;
|
||||
room.allowed_users = [];
|
||||
room.protection = false;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('invite')
|
||||
@@ -302,6 +377,13 @@ export class ChatController {
|
||||
const room_name = await this.chatService.getCurrentRoomName(req.user.username);
|
||||
const room = await this.chatService.getRoomByName(room_name);
|
||||
const users = room.users;
|
||||
|
||||
let index = users.indexOf(req.user.username);
|
||||
if (index > -1)
|
||||
{
|
||||
users.splice(index, 1);
|
||||
}
|
||||
|
||||
res.status(HttpStatus.OK).json({ users: users });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
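Review bot: The new `changePassword`, `addPassword` and `removePassword` handlers never check that `req.user.username` is allowed to manage the room. They sit behind `AuthenticateGuard` and `TwoFactorGuard` only, take the room from the request body, and overwrite `allowed_users` and `protection` before calling `chatService.setPassword`, which in this commit never reads its `username` argument. As written, any logged-in user appears able to add or remove the password of a room they do not own, and `removePassword` passes no `old_password` at all. I would load the stored room first and reject non-owners, e.g. `const room_db = await this.chatService.getRoomByName(room.name, ["owner"]);` then `if (room_db.owner !== req.user.username) throw new HttpException({ error: true, code: '<NOT_OWNER_CODE>', message: '<message>' }, HttpStatus.FORBIDDEN);` (the error code and message are placeholders, and `owner` as a selectable field is assumed from `newChatroom.owner`). Separately, `this.chatGateway.sockets.get(req.user.username)` may return `undefined` for a user with no open socket, so `socket.to(...)` should be guarded; otherwise the request fails after the password change has already been saved.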
@@ -206,6 +206,60 @@ export class ChatService {
|
||||
await this.chatroomRepository.save(room_db);
|
||||
}
|
||||
|
||||
async setPassword(username: string, message: string, room: roomDto, old_password?: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
const current_room = await this.getRoomByName(room.name);
|
||||
|
||||
if (!room.password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'NO_PASSWORD', message: 'this room has no password protection'");
|
||||
throw new HttpException({ error: true, code: 'NO_PASSWORD', message: `this room has no password protection` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (current_room.protection)
|
||||
{
|
||||
if (room.protection && !old_password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'");
|
||||
throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (old_password)
|
||||
{
|
||||
const is_match = await bcrypt.compare(old_password, current_room.hash);
|
||||
if (!is_match)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
|
||||
throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
let hash: string;
|
||||
if (room.protection)
|
||||
hash = await bcrypt.hash(password, saltOrRounds);
|
||||
|
||||
// add password to chatroom
|
||||
current_room.allowed_users = room.allowed_users;
|
||||
current_room.protection = room.protection;
|
||||
if (room.protection)
|
||||
current_room.hash = hash;
|
||||
else
|
||||
delete current_room.hash;
|
||||
current_room.messages.push({ name: "SERVER", message: message });
|
||||
await this.chatroomRepository.save(current_room);
|
||||
|
||||
printCaller("-- out ");
|
||||
}
|
||||
|
||||
|
||||
/* ADDERS *************************************************
|
||||
*/
|
||||
@@ -221,19 +275,6 @@ export class ChatService {
|
||||
throw new HttpException({ error: true, code: 'ROOM_CONFLICT', message: `This room name already exist` }, HttpStatus.CONFLICT);
|
||||
}
|
||||
|
||||
let hash;
|
||||
if (room.protection)
|
||||
{
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room`}, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
hash = await bcrypt.hash(password, saltOrRounds);
|
||||
}
|
||||
|
||||
// create chatroom
|
||||
let newChatroom = new Chatroom();
|
||||
newChatroom.name = room.name;
|
||||
@@ -241,12 +282,7 @@ export class ChatService {
|
||||
newChatroom.owner = username;
|
||||
newChatroom.users = room.users;
|
||||
newChatroom.allowed_users = [];
|
||||
newChatroom.protection = room.protection;
|
||||
if (room.protection)
|
||||
{
|
||||
newChatroom.hash = hash;
|
||||
newChatroom.allowed_users.push(username);
|
||||
}
|
||||
newChatroom.protection = false;
|
||||
newChatroom.messages =
|
||||
[
|
||||
{ name: "SERVER", message: `creation of room ${room.name}` },
|
||||
|
||||
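Review bot: In `setPassword`, the stored password is verified only when the caller supplies `old_password`: `MISSING_OLD_PASSWORD` is raised only if `room.protection` is true, and `bcrypt.compare` sits inside `if (old_password)`. A request with `room.protection === false` and no `old_password`, which is what the controller's `removePassword` sends, therefore reaches `delete current_room.hash` without proving knowledge of the current password. Inside `if (current_room.protection)` I would make the missing-password throw unconditional with `if (!old_password)` and run the `bcrypt.compare` check without the `if (old_password)` wrapper; `removePassword` then has to pass the old password through. The `username` parameter is never read in this function, so no ownership check happens here either. The `NO_PASSWORD` guard also forces a removal request to carry a `password` field, and its message does not describe that case.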