fix(api): 🚑 Fix using an incorrect email or password giving weird errors

Jesse Wierzbinski 2024-04-28 13:47:14 -10:00
parent 48f2fa1b94
commit aee47e6df4
No known key found for this signature in database
7 changed files with 2156 additions and 2373 deletions


@ -61,9 +61,7 @@
"indexes": {
"Applications_client_id_index": {
"name": "Applications_client_id_index",
"columns": [
"client_id"
],
"columns": ["client_id"],
"isUnique": true
}
},
@ -167,12 +165,8 @@
"name": "Attachments_noteId_Notes_id_fk",
"tableFrom": "Attachments",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -200,17 +194,12 @@
"indexes": {
"EmojiToNote_emojiId_noteId_index": {
"name": "EmojiToNote_emojiId_noteId_index",
"columns": [
"emojiId",
"noteId"
],
"columns": ["emojiId", "noteId"],
"isUnique": true
},
"EmojiToNote_noteId_index": {
"name": "EmojiToNote_noteId_index",
"columns": [
"noteId"
],
"columns": ["noteId"],
"isUnique": false
}
},
@ -219,12 +208,8 @@
"name": "EmojiToNote_emojiId_Emojis_id_fk",
"tableFrom": "EmojiToNote",
"tableTo": "Emojis",
"columnsFrom": [
"emojiId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["emojiId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -232,12 +217,8 @@
"name": "EmojiToNote_noteId_Notes_id_fk",
"tableFrom": "EmojiToNote",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -265,17 +246,12 @@
"indexes": {
"EmojiToUser_emojiId_userId_index": {
"name": "EmojiToUser_emojiId_userId_index",
"columns": [
"emojiId",
"userId"
],
"columns": ["emojiId", "userId"],
"isUnique": true
},
"EmojiToUser_userId_index": {
"name": "EmojiToUser_userId_index",
"columns": [
"userId"
],
"columns": ["userId"],
"isUnique": false
}
},
@ -284,12 +260,8 @@
"name": "EmojiToUser_emojiId_Emojis_id_fk",
"tableFrom": "EmojiToUser",
"tableTo": "Emojis",
"columnsFrom": [
"emojiId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["emojiId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -297,12 +269,8 @@
"name": "EmojiToUser_userId_Users_id_fk",
"tableFrom": "EmojiToUser",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -364,12 +332,8 @@
"name": "Emojis_instanceId_Instances_id_fk",
"tableFrom": "Emojis",
"tableTo": "Instances",
"columnsFrom": [
"instanceId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["instanceId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -413,12 +377,8 @@
"name": "FilterKeywords_filterId_Filters_id_fk",
"tableFrom": "FilterKeywords",
"tableTo": "Filters",
"columnsFrom": [
"filterId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["filterId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -481,12 +441,8 @@
"name": "Filters_userId_Users_id_fk",
"tableFrom": "Filters",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -538,12 +494,8 @@
"name": "Flags_noteId_Notes_id_fk",
"tableFrom": "Flags",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -551,12 +503,8 @@
"name": "Flags_userId_Users_id_fk",
"tableFrom": "Flags",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -649,12 +597,8 @@
"name": "Likes_likerId_Users_id_fk",
"tableFrom": "Likes",
"tableTo": "Users",
"columnsFrom": [
"likerId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["likerId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -662,12 +606,8 @@
"name": "Likes_likedId_Notes_id_fk",
"tableFrom": "Likes",
"tableTo": "Notes",
"columnsFrom": [
"likedId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["likedId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -733,16 +673,12 @@
"indexes": {
"LysandObject_remote_id_index": {
"name": "LysandObject_remote_id_index",
"columns": [
"remote_id"
],
"columns": ["remote_id"],
"isUnique": true
},
"LysandObject_uri_index": {
"name": "LysandObject_uri_index",
"columns": [
"uri"
],
"columns": ["uri"],
"isUnique": true
}
},
@ -751,12 +687,8 @@
"name": "LysandObject_authorId_LysandObject_id_fk",
"tableFrom": "LysandObject",
"tableTo": "LysandObject",
"columnsFrom": [
"authorId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["authorId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -813,12 +745,8 @@
"name": "Markers_noteId_Notes_id_fk",
"tableFrom": "Markers",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -826,12 +754,8 @@
"name": "Markers_notificationId_Notifications_id_fk",
"tableFrom": "Markers",
"tableTo": "Notifications",
"columnsFrom": [
"notificationId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["notificationId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -839,12 +763,8 @@
"name": "Markers_userId_Users_id_fk",
"tableFrom": "Markers",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -901,12 +821,8 @@
"name": "ModNotes_noteId_Notes_id_fk",
"tableFrom": "ModNotes",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -914,12 +830,8 @@
"name": "ModNotes_userId_Users_id_fk",
"tableFrom": "ModNotes",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -927,12 +839,8 @@
"name": "ModNotes_modId_Users_id_fk",
"tableFrom": "ModNotes",
"tableTo": "Users",
"columnsFrom": [
"modId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["modId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -989,12 +897,8 @@
"name": "ModTags_noteId_Notes_id_fk",
"tableFrom": "ModTags",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1002,12 +906,8 @@
"name": "ModTags_userId_Users_id_fk",
"tableFrom": "ModTags",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1015,12 +915,8 @@
"name": "ModTags_modId_Users_id_fk",
"tableFrom": "ModTags",
"tableTo": "Users",
"columnsFrom": [
"modId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["modId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1048,17 +944,12 @@
"indexes": {
"NoteToMentions_noteId_userId_index": {
"name": "NoteToMentions_noteId_userId_index",
"columns": [
"noteId",
"userId"
],
"columns": ["noteId", "userId"],
"isUnique": true
},
"NoteToMentions_userId_index": {
"name": "NoteToMentions_userId_index",
"columns": [
"userId"
],
"columns": ["userId"],
"isUnique": false
}
},
@ -1067,12 +958,8 @@
"name": "NoteToMentions_noteId_Notes_id_fk",
"tableFrom": "NoteToMentions",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1080,12 +967,8 @@
"name": "NoteToMentions_userId_Users_id_fk",
"tableFrom": "NoteToMentions",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1201,12 +1084,8 @@
"name": "Notes_authorId_Users_id_fk",
"tableFrom": "Notes",
"tableTo": "Users",
"columnsFrom": [
"authorId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["authorId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1214,12 +1093,8 @@
"name": "Notes_reblogId_Notes_id_fk",
"tableFrom": "Notes",
"tableTo": "Notes",
"columnsFrom": [
"reblogId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["reblogId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1227,12 +1102,8 @@
"name": "Notes_replyId_Notes_id_fk",
"tableFrom": "Notes",
"tableTo": "Notes",
"columnsFrom": [
"replyId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["replyId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1240,12 +1111,8 @@
"name": "Notes_quoteId_Notes_id_fk",
"tableFrom": "Notes",
"tableTo": "Notes",
"columnsFrom": [
"quoteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["quoteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1253,12 +1120,8 @@
"name": "Notes_applicationId_Applications_id_fk",
"tableFrom": "Notes",
"tableTo": "Applications",
"columnsFrom": [
"applicationId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["applicationId"],
"columnsTo": ["id"],
"onDelete": "set null",
"onUpdate": "cascade"
}
@ -1268,9 +1131,7 @@
"Notes_uri_unique": {
"name": "Notes_uri_unique",
"nullsNotDistinct": false,
"columns": [
"uri"
]
"columns": ["uri"]
}
}
},
@ -1330,12 +1191,8 @@
"name": "Notifications_notifiedId_Users_id_fk",
"tableFrom": "Notifications",
"tableTo": "Users",
"columnsFrom": [
"notifiedId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["notifiedId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1343,12 +1200,8 @@
"name": "Notifications_accountId_Users_id_fk",
"tableFrom": "Notifications",
"tableTo": "Users",
"columnsFrom": [
"accountId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["accountId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1356,12 +1209,8 @@
"name": "Notifications_noteId_Notes_id_fk",
"tableFrom": "Notifications",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1405,12 +1254,8 @@
"name": "OpenIdAccounts_userId_Users_id_fk",
"tableFrom": "OpenIdAccounts",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "set null",
"onUpdate": "cascade"
}
@ -1454,12 +1299,8 @@
"name": "OpenIdLoginFlows_applicationId_Applications_id_fk",
"tableFrom": "OpenIdLoginFlows",
"tableTo": "Applications",
"columnsFrom": [
"applicationId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["applicationId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1589,12 +1430,8 @@
"name": "Relationships_ownerId_Users_id_fk",
"tableFrom": "Relationships",
"tableTo": "Users",
"columnsFrom": [
"ownerId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["ownerId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1602,12 +1439,8 @@
"name": "Relationships_subjectId_Users_id_fk",
"tableFrom": "Relationships",
"tableTo": "Users",
"columnsFrom": [
"subjectId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["subjectId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1702,12 +1535,8 @@
"name": "Tokens_userId_Users_id_fk",
"tableFrom": "Tokens",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1715,12 +1544,8 @@
"name": "Tokens_applicationId_Applications_id_fk",
"tableFrom": "Tokens",
"tableTo": "Applications",
"columnsFrom": [
"applicationId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["applicationId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1748,17 +1573,12 @@
"indexes": {
"UserToPinnedNotes_userId_noteId_index": {
"name": "UserToPinnedNotes_userId_noteId_index",
"columns": [
"userId",
"noteId"
],
"columns": ["userId", "noteId"],
"isUnique": true
},
"UserToPinnedNotes_noteId_index": {
"name": "UserToPinnedNotes_noteId_index",
"columns": [
"noteId"
],
"columns": ["noteId"],
"isUnique": false
}
},
@ -1767,12 +1587,8 @@
"name": "UserToPinnedNotes_userId_Users_id_fk",
"tableFrom": "UserToPinnedNotes",
"tableTo": "Users",
"columnsFrom": [
"userId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["userId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
},
@ -1780,12 +1596,8 @@
"name": "UserToPinnedNotes_noteId_Notes_id_fk",
"tableFrom": "UserToPinnedNotes",
"tableTo": "Notes",
"columnsFrom": [
"noteId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["noteId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}
@ -1949,23 +1761,17 @@
"indexes": {
"Users_uri_index": {
"name": "Users_uri_index",
"columns": [
"uri"
],
"columns": ["uri"],
"isUnique": true
},
"Users_username_index": {
"name": "Users_username_index",
"columns": [
"username"
],
"columns": ["username"],
"isUnique": true
},
"Users_email_index": {
"name": "Users_email_index",
"columns": [
"email"
],
"columns": ["email"],
"isUnique": true
}
},
@ -1974,12 +1780,8 @@
"name": "Users_instanceId_Instances_id_fk",
"tableFrom": "Users",
"tableTo": "Instances",
"columnsFrom": [
"instanceId"
],
"columnsTo": [
"id"
],
"columnsFrom": ["instanceId"],
"columnsTo": ["id"],
"onDelete": "cascade",
"onUpdate": "cascade"
}


@ -1,5 +1,6 @@
import { relations, sql } from "drizzle-orm";
import {
type AnyPgColumn,
boolean,
foreignKey,
index,
@ -10,7 +11,6 @@ import {
timestamp,
uniqueIndex,
uuid,
type AnyPgColumn,
} from "drizzle-orm/pg-core";
import type * as Lysand from "lysand-types";
import type { Source as APISource } from "~types/mastodon/source";


@ -2,14 +2,11 @@ import { apiRoute, applyConfig } from "@api";
import { errorResponse, response } from "@response";
import { eq } from "drizzle-orm";
import { SignJWT } from "jose";
import { stringify } from "qs";
import { z } from "zod";
import { fromZodError } from "zod-validation-error";
import { db } from "~drizzle/db";
import { Users } from "~drizzle/schema";
import { config } from "~packages/config-manager";
import { User } from "~packages/database-interface/user";
import { RequestParser } from "~packages/request-parser";
export const meta = applyConfig({
allowedMethods: ["POST"],
@ -53,47 +50,27 @@ export const schema = z.object({
.default(60 * 60 * 24 * 7),
});
export const querySchema = z.object({
scope: z.string().optional(),
redirect_uri: z.string().url().optional(),
response_type: z.enum([
"code",
"token",
"none",
"id_token",
"code id_token",
"code token",
"token id_token",
"code token id_token",
]),
client_id: z.string(),
state: z.string().optional(),
code_challenge: z.string().optional(),
code_challenge_method: z.enum(["plain", "S256"]).optional(),
prompt: z
.enum(["none", "login", "consent", "select_account"])
.optional()
.default("none"),
max_age: z
.number()
.int()
.optional()
.default(60 * 60 * 24 * 7),
});
const returnError = (query: object, error: string, description: string) => {
const searchParams = new URLSearchParams();
const returnError = (query: object, error: string, description: string) =>
response(null, 302, {
Location: `/oauth/authorize?${stringify({
...query,
error,
error_description: description,
})}`,
});
// Add all data that is not undefined except email and password
for (const [key, value] of Object.entries(query)) {
if (key !== "email" && key !== "password" && value !== undefined)
searchParams.append(key, value);
}
searchParams.append("error", error);
searchParams.append("error_description", description);
return response(null, 302, {
Location: `/oauth/authorize?${searchParams.toString()}`,
});
};
/**
* Login flow
*/
export default apiRoute(async (req, matchedRoute, extraData) => {
export default apiRoute<typeof meta, typeof schema>(
async (req, matchedRoute, extraData) => {
const { email, password } = extraData.parsedRequest;
if (!email || !password)
@ -104,11 +81,14 @@ export default apiRoute(async (req, matchedRoute, extraData) => {
);
// Find user
const user = await User.fromSql(eq(Users.email, email));
const user = await User.fromSql(eq(Users.email, email.toLowerCase()));
if (
!user ||
!(await Bun.password.verify(password, user.getUser().password || ""))
!(await Bun.password.verify(
password,
user.getUser().password || "",
))
)
return returnError(
extraData.parsedRequest,
@ -158,7 +138,7 @@ export default apiRoute(async (req, matchedRoute, extraData) => {
// Add all data that is not undefined except email and password
for (const [key, value] of Object.entries(extraData.parsedRequest)) {
if (key !== "email" && key !== "password" && value !== undefined)
searchParams.append(key, value);
searchParams.append(key, String(value));
}
// Redirect to OAuth authorize with JWT
@ -172,4 +152,5 @@ export default apiRoute(async (req, matchedRoute, extraData) => {
60 * 60
}`,
});
});
},
);
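Review bot: In the user-lookup hunk, `!user || !(await Bun.password.verify(...))` short-circuits when no account matches the email, so no hash is computed for unknown addresses and the response is likely faster than for known ones, which lets a client tell registered emails apart by timing. Running the verification unconditionally closes that gap: `const hash = user?.getUser().password || PLACEHOLDER_HASH;`, then `const ok = await Bun.password.verify(password, hash);` and `if (!user || !ok) return returnError(...)`, where `PLACEHOLDER_HASH` is an illustrative name for a precomputed hash of a random value that would have to be added; it is not in this file. Separately, `email.toLowerCase()` only matches rows whose stored email is already lower-case, and the registration schema shown on this page lower-cases `username` but not `email`, so accounts created with a mixed-case address may be locked out unless the custom validation normalises it elsewhere. The handler body continues outside these hunks, so the arguments passed to `returnError` are not visible here.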

View file

@ -22,7 +22,7 @@ export const meta = applyConfig({
// No validation on the Zod side as we need to do custom validation
export const schema = z.object({
username: z.string(),
username: z.string().toLowerCase(),
email: z.string(),
password: z.string(),
agreement: z.boolean(),