mirror of
https://git.joinsharkey.org/Sharkey/Sharkey.git
synced 2024-11-22 10:53:09 +02:00
Compare commits
45 commits
3c68d15bbb
...
e2f1683b52
Author | SHA1 | Date | |
---|---|---|---|
|
e2f1683b52 | ||
|
e0afeff248 | ||
|
cfc8081cec | ||
|
011ccd3a9a | ||
|
56dca6dbf5 | ||
|
2a634e0309 | ||
|
e6970a0e7c | ||
|
571272a564 | ||
|
30bb0f60a2 | ||
|
328546c4cd | ||
|
f4e89f2e6b | ||
|
2cad97c1ab | ||
|
6ecfe7c7c3 | ||
|
23f476dbf3 | ||
|
b31a59a297 | ||
|
7a1251423f | ||
|
7f5492a395 | ||
|
11d9fd9199 | ||
|
6132bc3b3e | ||
|
fef7a7b99a | ||
|
1948ca9aa8 | ||
|
848e1f9a56 | ||
|
9c4353ee79 | ||
|
a6e257f502 | ||
|
310e1a1262 | ||
|
15f3c046d1 | ||
|
01d695428a | ||
|
acf3e3460f | ||
|
4c8116859c | ||
|
0e13397db7 | ||
|
ad8818508f | ||
|
d444ee662f | ||
|
4c354fff2d | ||
|
b81448edf6 | ||
|
134d2895f0 | ||
|
7ba8fde9b9 | ||
|
1022280465 | ||
|
021d3924e6 | ||
|
b6d50d781f | ||
|
1d411bb885 | ||
|
f7afd1ae4a | ||
|
1ef1f2a03c | ||
|
829ce4f86a | ||
|
6d5d863150 | ||
|
fc7d4bc420 |
21 changed files with 73 additions and 72 deletions
|
@ -55,6 +55,8 @@ getImageTag:
|
|||
only:
|
||||
- stable
|
||||
- develop
|
||||
- tags
|
||||
|
||||
buildDocker:
|
||||
stage: deploy
|
||||
needs:
|
||||
|
@ -78,6 +80,8 @@ buildDocker:
|
|||
only:
|
||||
- stable
|
||||
- develop
|
||||
- tags
|
||||
|
||||
mergeManifests:
|
||||
stage: deploy
|
||||
needs:
|
||||
|
@ -103,3 +107,4 @@ mergeManifests:
|
|||
only:
|
||||
- stable
|
||||
- develop
|
||||
- tags
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "sharkey",
|
||||
"version": "2024.3.1",
|
||||
"version": "2024.3.2-devel",
|
||||
"codename": "shonk",
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
|
|
@ -172,7 +172,7 @@
|
|||
"stringz": "2.1.0",
|
||||
"systeminformation": "5.22.0",
|
||||
"tinycolor2": "1.6.0",
|
||||
"tmp": "0.2.2",
|
||||
"tmp": "0.2.3",
|
||||
"tsc-alias": "1.8.8",
|
||||
"tsconfig-paths": "4.2.0",
|
||||
"typeorm": "0.3.20",
|
||||
|
|
|
@ -5,8 +5,7 @@
|
|||
|
||||
import { randomUUID } from 'node:crypto';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import * as argon2 from 'argon2';
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { IsNull, DataSource } from 'typeorm';
|
||||
import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
|
||||
import { MiUser } from '@/models/User.js';
|
||||
|
@ -33,8 +32,8 @@ export class CreateSystemUserService {
|
|||
const password = randomUUID();
|
||||
|
||||
// Generate hash of password
|
||||
//const salt = await bcrypt.genSalt(8);
|
||||
const hash = await argon2.hash(password);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const hash = await bcrypt.hash(password, salt);
|
||||
|
||||
// Generate secret
|
||||
const secret = generateNativeUserToken();
|
||||
|
|
|
@ -5,8 +5,7 @@
|
|||
|
||||
import { generateKeyPair } from 'node:crypto';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { DataSource, IsNull } from 'typeorm';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import type { UsedUsernamesRepository, UsersRepository } from '@/models/_.js';
|
||||
|
@ -69,8 +68,8 @@ export class SignupService {
|
|||
}
|
||||
|
||||
// Generate hash of password
|
||||
//const salt = await bcrypt.genSalt(8);
|
||||
hash = await argon2.hash(password);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
hash = await bcrypt.hash(password, salt);
|
||||
}
|
||||
|
||||
// Generate secret
|
||||
|
|
|
@ -139,7 +139,22 @@ export class SigninApiService {
|
|||
}
|
||||
|
||||
// Compare password
|
||||
const same = await argon2.verify(profile.password!, password) || bcrypt.compareSync(password, profile.password!);
|
||||
let same;
|
||||
|
||||
if (profile.password?.startsWith('$argon2')) {
|
||||
same = await argon2.verify(profile.password, password);
|
||||
|
||||
if (same) {
|
||||
// rehash
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const newHash = await bcrypt.hash(password, salt);
|
||||
await this.userProfilesRepository.update(user.id, {
|
||||
password: newHash,
|
||||
});
|
||||
}
|
||||
} else {
|
||||
same = await bcrypt.compare(password, profile.password!);
|
||||
}
|
||||
|
||||
const fail = async (status?: number, failure?: { id: string }) => {
|
||||
// Append signin history
|
||||
|
@ -156,12 +171,6 @@ export class SigninApiService {
|
|||
|
||||
if (!profile.twoFactorEnabled) {
|
||||
if (same) {
|
||||
if (profile.password!.startsWith('$2')) {
|
||||
const newHash = await argon2.hash(password);
|
||||
this.userProfilesRepository.update(user.id, {
|
||||
password: newHash
|
||||
});
|
||||
}
|
||||
if (!instance.approvalRequiredForSignup && !user.approved) this.usersRepository.update(user.id, { approved: true });
|
||||
|
||||
return this.signinService.signin(request, reply, user);
|
||||
|
@ -180,12 +189,6 @@ export class SigninApiService {
|
|||
}
|
||||
|
||||
try {
|
||||
if (profile.password!.startsWith('$2')) {
|
||||
const newHash = await argon2.hash(password);
|
||||
this.userProfilesRepository.update(user.id, {
|
||||
password: newHash
|
||||
});
|
||||
}
|
||||
await this.userAuthService.twoFactorAuthenticate(profile, token);
|
||||
} catch (e) {
|
||||
return await fail(403, {
|
||||
|
|
|
@ -4,8 +4,7 @@
|
|||
*/
|
||||
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { IsNull } from 'typeorm';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import type { RegistrationTicketsRepository, UsedUsernamesRepository, UserPendingsRepository, UserProfilesRepository, UsersRepository, MiRegistrationTicket } from '@/models/_.js';
|
||||
|
@ -20,10 +19,10 @@ import { MiLocalUser } from '@/models/User.js';
|
|||
import { FastifyReplyError } from '@/misc/fastify-reply-error.js';
|
||||
import { bindThis } from '@/decorators.js';
|
||||
import { L_CHARS, secureRndstr } from '@/misc/secure-rndstr.js';
|
||||
import { SigninService } from './SigninService.js';
|
||||
import type { FastifyRequest, FastifyReply } from 'fastify';
|
||||
import instance from './endpoints/charts/instance.js';
|
||||
import { RoleService } from '@/core/RoleService.js';
|
||||
import { SigninService } from './SigninService.js';
|
||||
import instance from './endpoints/charts/instance.js';
|
||||
import type { FastifyRequest, FastifyReply } from 'fastify';
|
||||
|
||||
@Injectable()
|
||||
export class SignupApiService {
|
||||
|
@ -193,8 +192,8 @@ export class SignupApiService {
|
|||
const code = secureRndstr(16, { chars: L_CHARS });
|
||||
|
||||
// Generate hash of password
|
||||
//const salt = await bcrypt.genSalt(8);
|
||||
const hash = await argon2.hash(password);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const hash = await bcrypt.hash(password, salt);
|
||||
|
||||
const pendingUser = await this.userPendingsRepository.insert({
|
||||
id: this.idService.gen(),
|
||||
|
|
|
@ -4,8 +4,7 @@
|
|||
*/
|
||||
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
|
@ -66,7 +65,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
const passwd = secureRndstr(8);
|
||||
|
||||
// Generate hash of password
|
||||
const hash = await argon2.hash(passwd);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const hash = await bcrypt.hash(passwd, salt);
|
||||
|
||||
await this.userProfilesRepository.update({
|
||||
userId: user.id,
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||
|
@ -87,7 +86,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password ?? '', ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password ?? '');
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UserProfilesRepository } from '@/models/_.js';
|
||||
|
@ -219,7 +218,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password ?? '', ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password ?? '');
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import * as OTPAuth from 'otpauth';
|
||||
import * as QRCode from 'qrcode';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
|
@ -78,7 +77,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password ?? '', ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password ?? '');
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UserProfilesRepository, UserSecurityKeysRepository } from '@/models/_.js';
|
||||
|
@ -68,7 +67,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password ?? '', ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password ?? '');
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||
|
@ -63,7 +62,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password ?? '', ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password ?? '');
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UserProfilesRepository } from '@/models/_.js';
|
||||
|
@ -51,15 +50,15 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password!, ps.currentPassword);
|
||||
const passwordMatched = await bcrypt.compare(ps.currentPassword, profile.password!);
|
||||
|
||||
if (!passwordMatched) {
|
||||
throw new Error('incorrect password');
|
||||
}
|
||||
|
||||
// Generate hash of password
|
||||
//const salt = await bcrypt.genSalt(8);
|
||||
const hash = await argon2.hash(ps.newPassword);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const hash = await bcrypt.hash(ps.newPassword, salt);
|
||||
|
||||
await this.userProfilesRepository.update(me.id, {
|
||||
password: hash,
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
|
@ -60,7 +59,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
return;
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password!, ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password!);
|
||||
if (!passwordMatched) {
|
||||
throw new Error('incorrect password');
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
|
||||
|
@ -44,7 +43,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: me.id });
|
||||
|
||||
// Compare password
|
||||
const same = await argon2.verify(profile.password!, ps.password);
|
||||
const same = await bcrypt.compare(ps.password, profile.password!);
|
||||
|
||||
if (!same) {
|
||||
throw new Error('incorrect password');
|
||||
|
|
|
@ -5,8 +5,7 @@
|
|||
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import ms from 'ms';
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { UserProfilesRepository } from '@/models/_.js';
|
||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||
|
@ -88,7 +87,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
const passwordMatched = await argon2.verify(profile.password!, ps.password);
|
||||
const passwordMatched = await bcrypt.compare(ps.password, profile.password!);
|
||||
if (!passwordMatched) {
|
||||
throw new ApiError(meta.errors.incorrectPassword);
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
//import bcrypt from 'bcryptjs';
|
||||
import * as argon2 from 'argon2';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import type { UserProfilesRepository, PasswordResetRequestsRepository } from '@/models/_.js';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
|
@ -54,8 +53,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
|
||||
// Generate hash of password
|
||||
//const salt = await bcrypt.genSalt(8);
|
||||
const hash = await argon2.hash(ps.password);
|
||||
const salt = await bcrypt.genSalt(8);
|
||||
const hash = await bcrypt.hash(ps.password, salt);
|
||||
|
||||
await this.userProfilesRepository.update(req.userId, {
|
||||
password: hash,
|
||||
|
|
|
@ -5,8 +5,8 @@ block vars
|
|||
- const title = user.name ? `${user.name} (@${user.username})` : `@${user.username}`;
|
||||
- const url = `${config.url}/notes/${note.id}`;
|
||||
- const isRenote = note.renote && note.text == null && note.fileIds.length == 0 && note.poll == null;
|
||||
- const images = (note.files || []).filter(file => file.type.startsWith('image/') && !file.isSensitive)
|
||||
- const videos = (note.files || []).filter(file => file.type.startsWith('video/') && !file.isSensitive)
|
||||
- const images = note.cw ? [] : (note.files || []).filter(file => file.type.startsWith('image/') && !file.isSensitive)
|
||||
- const videos = note.cw ? [] : (note.files || []).filter(file => file.type.startsWith('video/') && !file.isSensitive)
|
||||
|
||||
block title
|
||||
= `${title} | ${instanceName}`
|
||||
|
|
|
@ -392,8 +392,8 @@ importers:
|
|||
specifier: 1.6.0
|
||||
version: 1.6.0
|
||||
tmp:
|
||||
specifier: 0.2.2
|
||||
version: 0.2.2
|
||||
specifier: 0.2.3
|
||||
version: 0.2.3
|
||||
tsc-alias:
|
||||
specifier: 1.8.8
|
||||
version: 1.8.8
|
||||
|
@ -18813,6 +18813,12 @@ packages:
|
|||
engines: {node: '>=14'}
|
||||
dependencies:
|
||||
rimraf: 5.0.5
|
||||
dev: true
|
||||
|
||||
/tmp@0.2.3:
|
||||
resolution: {integrity: sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==}
|
||||
engines: {node: '>=14.14'}
|
||||
dev: false
|
||||
|
||||
/tmpl@1.0.5:
|
||||
resolution: {integrity: sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==}
|
||||
|
|
Loading…
Reference in a new issue