なんかもうめっちゃ変えた

2022-09-18 03:27:08 +09:00 · 2022-09-18 03:27:08 +09:00 · b75184ec8e
commit b75184ec8e
parent d9ab03f086
946 changed files with 41219 additions and 28839 deletions
--- a/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts
+++ b/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts
@ -1,10 +1,12 @@
-import bcrypt from 'bcryptjs';
-import define from '../../../define.js';
-import { UserProfiles, AttestationChallenges } from '@/models/index.js';
 import { promisify } from 'node:util';
 import * as crypto from 'node:crypto';
-import { genId } from '@/misc/gen-id.js';
-import { hash } from '../../../2fa.js';
+import bcrypt from 'bcryptjs';
+import { Inject, Injectable } from '@nestjs/common';
+import { Endpoint } from '@/server/api/endpoint-base.js';
+import { UserProfilesRepository, AttestationChallengesRepository } from '@/models/index.js';
+import { IdService } from '@/core/IdService.js';
+import { TwoFactorAuthenticationService } from '@/core/TwoFactorAuthenticationService.js';
+import { DI } from '@/di-symbols.js';

 const randomBytes = promisify(crypto.randomBytes);

@ -23,39 +25,53 @@ export const paramDef = {
 } as const;

 // eslint-disable-next-line import/no-default-export
-export default define(meta, paramDef, async (ps, user) => {
-	const profile = await UserProfiles.findOneByOrFail({ userId: user.id });
+@Injectable()
+export default class extends Endpoint<typeof meta, typeof paramDef> {
+	constructor(
+		@Inject(DI.userProfilesRepository)
+		private userProfilesRepository: UserProfilesRepository,

-	// Compare password
-	const same = await bcrypt.compare(ps.password, profile.password!);
+		@Inject(DI.attestationChallengesRepository)
+		private attestationChallengesRepository: AttestationChallengesRepository,

-	if (!same) {
-		throw new Error('incorrect password');
+		private idService: IdService,
+		private twoFactorAuthenticationService: TwoFactorAuthenticationService,
+	) {
+		super(meta, paramDef, async (ps, me) => {
+			const profile = await this.userProfilesRepository.findOneByOrFail({ userId: me.id });
+
+			// Compare password
+			const same = await bcrypt.compare(ps.password, profile.password!);
+
+			if (!same) {
+				throw new Error('incorrect password');
+			}
+
+			if (!profile.twoFactorEnabled) {
+				throw new Error('2fa not enabled');
+			}
+
+			// 32 byte challenge
+			const entropy = await randomBytes(32);
+			const challenge = entropy.toString('base64')
+				.replace(/=/g, '')
+				.replace(/\+/g, '-')
+				.replace(/\//g, '_');
+
+			const challengeId = this.idService.genId();
+
+			await this.attestationChallengesRepository.insert({
+				userId: me.id,
+				id: challengeId,
+				challenge: this.twoFactorAuthenticationService.hash(Buffer.from(challenge, 'utf-8')).toString('hex'),
+				createdAt: new Date(),
+				registrationChallenge: true,
+			});
+
+			return {
+				challengeId,
+				challenge,
+			};
+		});
 	}
-
-	if (!profile.twoFactorEnabled) {
-		throw new Error('2fa not enabled');
-	}
-
-	// 32 byte challenge
-	const entropy = await randomBytes(32);
-	const challenge = entropy.toString('base64')
-		.replace(/=/g, '')
-		.replace(/\+/g, '-')
-		.replace(/\//g, '_');
-
-	const challengeId = genId();
-
-	await AttestationChallenges.insert({
-		userId: user.id,
-		id: challengeId,
-		challenge: hash(Buffer.from(challenge, 'utf-8')).toString('hex'),
-		createdAt: new Date(),
-		registrationChallenge: true,
-	});
-
-	return {
-		challengeId,
-		challenge,
-	};
-});
+}