|
|
@ -62,7 +62,7 @@ module.exports = class Server { |
|
|
|
|
|
|
|
|
let dbPassword = await redisClient.get(username); |
|
|
let dbPassword = await redisClient.get(username); |
|
|
|
|
|
|
|
|
if (dbPassword !== password || dbPassword == null) { |
|
|
if ((dbPassword !== password || dbPassword == null) && USERS_PATH) { |
|
|
const usersJson = await fs.readFile(USERS_PATH, 'utf8'); |
|
|
const usersJson = await fs.readFile(USERS_PATH, 'utf8'); |
|
|
const users = JSON.parse(usersJson); |
|
|
const users = JSON.parse(usersJson); |
|
|
|
|
|
|
|
|
@ -71,14 +71,14 @@ module.exports = class Server { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
dbPassword = await redisClient.get(username); |
|
|
dbPassword = await redisClient.get(username); |
|
|
|
|
|
} |
|
|
if (dbPassword == null) { |
|
|
|
|
|
throw new ServerError('Wrong Username', 401); |
|
|
if (dbPassword == null) { |
|
|
} |
|
|
throw new ServerError('Wrong Username', 401); |
|
|
|
|
|
} |
|
|
if (dbPassword !== password) { |
|
|
|
|
|
throw new ServerError('Wrong Password', 401); |
|
|
if (dbPassword !== password) { |
|
|
} |
|
|
throw new ServerError('Wrong Password', 401); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
req.session.authenticated = true; |
|
|
req.session.authenticated = true; |
|
|
@ -110,25 +110,29 @@ module.exports = class Server { |
|
|
newPassword, |
|
|
newPassword, |
|
|
checkPassword, |
|
|
checkPassword, |
|
|
} = req.body; |
|
|
} = req.body; |
|
|
|
|
|
|
|
|
|
|
|
if (newPassword !== checkPassword) { |
|
|
|
|
|
throw new ServerError("Passwords don't match", 401); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
const username = req.session.username; |
|
|
const username = req.session.username; |
|
|
|
|
|
|
|
|
const usersJson = await fs.readFile(USERS_PATH, 'utf8'); |
|
|
if (USERS_PATH) { |
|
|
const users = JSON.parse(usersJson); |
|
|
const usersJson = await fs.readFile(USERS_PATH, 'utf8'); |
|
|
let user = users.find(findUser => findUser.username === username); |
|
|
const users = JSON.parse(usersJson); |
|
|
|
|
|
let user = users.find(findUser => findUser.username === username); |
|
|
|
|
|
|
|
|
if (typeof user !== 'object') { |
|
|
if (typeof user !== 'object') { |
|
|
throw new ServerError('This session.username does not exists', 401); |
|
|
throw new ServerError('This session.username does not exists', 401); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if (newPassword !== checkPassword) { |
|
|
user.password = newPassword; |
|
|
throw new ServerError("Passwords don't match", 401); |
|
|
await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), { |
|
|
|
|
|
mode: 0o660, |
|
|
|
|
|
}); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
user.password = newPassword; |
|
|
redisClient.set(username, newPassword); |
|
|
await fs.writeFile(USERS_PATH, JSON.stringify(users, false, 2), { |
|
|
|
|
|
mode: 0o660, |
|
|
|
|
|
}); |
|
|
|
|
|
redisClient.set(user.username, user.password); |
|
|
|
|
|
})) |
|
|
})) |
|
|
// WireGuard
|
|
|
// WireGuard
|
|
|
.get('/api/wireguard/client', Util.promisify(async req => { |
|
|
.get('/api/wireguard/client', Util.promisify(async req => { |
|
|
|