
add utility for revoking bearer tokens

refactor/models
Matthew 2020-06-29 18:07:10 -04:00
parent e09665bad6
commit 891e77a43f
No known key found for this signature in database
GPG Key ID: 210AF32ADE3B5C4B
4 changed files with 34 additions and 3 deletions


@ -28,8 +28,7 @@ export default class Root extends Route {
cpuClock: os.cpus()[0].speed / 1000, cpuClock: os.cpus()[0].speed / 1000,
cpuCores: os.cpus().length, cpuCores: os.cpus().length,
hostname: os.hostname(), hostname: os.hostname(),
ipv4: os.networkInterfaces().eth0.filter((r) => r.family === 'IPv4')[0].address, ipv4: os.networkInterfaces().enp0s3.filter((r) => r.family === 'IPv4')[0].address,
ipv6: os.networkInterfaces().eth0.filter((r) => r.family === 'IPv6')[0].address,
}, },
}; };
res.status(200).json({ code: this.constants.codes.SUCCESS, message: response }); res.status(200).json({ code: this.constants.codes.SUCCESS, message: response });
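Review bot: The new `ipv4` line hard-codes the interface name `enp0s3` and indexes `[0].address` with no guard, so on any host where that interface is absent or has no IPv4 entry the handler throws a TypeError instead of responding. Picking the first non-internal IPv4 address keeps the route portable, for example `ipv4: Object.values(os.networkInterfaces()).flat().find((r) => r?.family === 'IPv4' && !r.internal)?.address ?? null,`. Separately, this response returns the hostname and an interface address to the caller; whether the route requires authentication is not visible in this hunk, so confirm it is not reachable anonymously. The enclosing method starts and ends outside the hunk.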


@ -40,6 +40,7 @@ export default class Security {
const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' }); const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' });
const account = await this.client.db.Account.findOne({ _id: res.id }); const account = await this.client.db.Account.findOne({ _id: res.id });
if (!account) return null; if (!account) return null;
if (account.revokedBearers?.includes(bearer)) return null;
return account; return account;
} catch { } catch {
return null; return null;
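Review bot: The added revocation check compares the presented token against full token strings kept in `account.revokedBearers`, so the account document ends up holding complete bearer tokens and nothing visible here prunes the list. Storing a SHA-256 digest of the token, or a `jti` claim issued by `createBearer`, would give the same check without keeping token material in the database. No expiry handling is visible in this hunk; if tokens never expire, every revoked entry must be retained indefinitely and the array only grows, so confirm that against `createBearer`. The enclosing method starts before the hunk and its `catch` block continues past it.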


@ -1,5 +1,6 @@
import { Message } from 'eris'; import { Message } from 'eris';
import { Client, Command } from '../class'; import { Client, Command } from '../class';
import Bearer_Revoke from './bearer_revoke';
export default class Bearer extends Command { export default class Bearer extends Command {
constructor(client: Client) { constructor(client: Client) {
@ -7,6 +8,7 @@ export default class Bearer extends Command {
this.name = 'bearer'; this.name = 'bearer';
this.description = 'Creates a bearer token.'; this.description = 'Creates a bearer token.';
this.usage = `${this.client.config.prefix}bearer`; this.usage = `${this.client.config.prefix}bearer`;
this.subcmds = [Bearer_Revoke];
this.guildOnly = false; this.guildOnly = false;
this.enabled = true; this.enabled = true;
} }
@ -19,7 +21,7 @@ export default class Bearer extends Command {
const bearer = await this.client.server.security.createBearer(account._id); const bearer = await this.client.server.security.createBearer(account._id);
const dm = await this.client.getDMChannel(message.author.id); const dm = await this.client.getDMChannel(message.author.id);
const msg = await dm.createMessage(`__**Library of Code sp-us | Cloud Services [API]**__\n*This message will automatically be deleted in 60 seconds, copy the token and save it. You cannot recover it.*\n\n${bearer}`); const msg = await dm.createMessage(`__**Library of Code sp-us | Cloud Services [API]**__\n*This message will automatically be deleted in 60 seconds, copy the token and save it. You cannot recover it.*\n\n${bearer}`);
this.error(message.channel, 'Bearer token sent to direct messages.'); this.success(message.channel, 'Bearer token sent to direct messages.');
return setTimeout(() => { return setTimeout(() => {
msg.delete(); msg.delete();
}, 60000); }, 60000);


@ -0,0 +1,29 @@
import { Message } from 'eris';
import { Client, Command } from '../class';
export default class Bearer_Revoke extends Command {
constructor(client: Client) {
super(client);
this.name = 'revoke';
this.description = 'Revokes an API bearer token.';
this.usage = `${this.client.config.prefix}bearer revoke <token>`;
this.enabled = true;
this.guildOnly = false;
}
public async run(message: Message, args: string[]) {
try {
if (!args[0]) return this.client.commands.get('help').run(message, ['bearer', this.name]);
const account = await this.client.db.Account.findOne({ userID: message.author.id });
if (!account) return this.error(message.channel, 'You do not have an account.');
const bearerVerify = await this.client.server.security.checkBearer(args[0]);
if (!bearerVerify || bearerVerify?.userID !== account.userID) return this.error(message.channel, 'Permission denied.');
if (account.revokedBearers?.includes(args[0])) return this.error(message.channel, 'This bearer token is already revoked.');
await account.updateOne({ $addToSet: { revokedBearers: args[0] } });
return this.success(message.channel, 'Revoked bearer token.');
} catch (err) {
return this.client.util.handleError(err, message, this);
}
}
}
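Review bot: `run` takes the live token as a chat argument while `guildOnly` is `false`, which appears to allow the command in shared guild channels; a token pasted there stays valid whenever the command ends in 'Permission denied' or in the `catch` path. Consider accepting this subcommand only in direct messages, or removing the invoking message before replying. The 'This bearer token is already revoked.' branch also looks unreachable: `checkBearer` now returns `null` for a revoked token, so that case is answered with 'Permission denied' first. Either drop the branch or test `account.revokedBearers` before calling `checkBearer`.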