-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathrecover.ts
More file actions
58 lines (50 loc) · 1.51 KB
/
recover.ts
File metadata and controls
58 lines (50 loc) · 1.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
import { authRecoverPost } from '@rctf/api-types/routes'
import { makeFastifyRoute } from '../helpers'
import { v4 as uuidv4 } from 'uuid'
import emailValidator from 'email-validator'
import { makeLogin } from '../../cache/login'
import { normalizeEmail } from '../../util/normalize'
import { getToken, tokenKinds } from '../../auth/token'
import { getUserByEmail } from '../../database/users'
import config from '../../config/server'
import { sendVerification } from '../../email'
import {
checkProtectedAction,
RecaptchaProtectedActions,
verifyRecaptchaCode,
} from '../../util/recaptcha'
const recaptchaEnabled = checkProtectedAction(RecaptchaProtectedActions.recover)
export default makeFastifyRoute(authRecoverPost, async ({ req, res }) => {
if (!config.email) {
return res.badEndpoint()
}
if (
recaptchaEnabled &&
(!req.body.recaptchaCode ||
!(await verifyRecaptchaCode(req.body.recaptchaCode)))
) {
return res.badRecaptchaCode()
}
const email = normalizeEmail(req.body.email)
if (!emailValidator.validate(email)) {
return res.badEmail()
}
const user = await getUserByEmail({ email })
if (user === undefined) {
return res.goodVerifySent()
}
const verifyUuid = uuidv4()
await makeLogin({ id: verifyUuid })
const verifyToken = await getToken(tokenKinds.verify, {
verifyId: verifyUuid,
kind: 'recover',
userId: user.id,
email,
})
await sendVerification({
email,
kind: 'recover',
token: verifyToken,
})
return res.goodVerifySent()
})