
fix(security): skip cache when checking old passwd

KernelDeimos před 1 rokem
rodič
revize
7800ef6102

+ 13 - 11
packages/backend/src/helpers.js

@@ -184,7 +184,7 @@ async function id2uuid(id){
 
     const cached = options.cached ?? true;
 
-    if ( cached ) {
+    if ( cached && ! options.force ) {
         if (options.username) user = kv.get('users:username:' + options.username);
         else if (options.email) user = kv.get('users:email:' + options.email);
         else if (options.uuid) user = kv.get('users:uuid:' + options.uuid);
@@ -194,16 +194,18 @@ async function id2uuid(id){
         if ( user ) return user;
     }
 
-    if(options.username)
-        user = await db.read("SELECT * FROM `user` WHERE `username` = ? LIMIT 1", [options.username]);
-    else if(options.email)
-        user = await db.read("SELECT * FROM `user` WHERE `email` = ? LIMIT 1", [options.email]);
-    else if(options.uuid)
-        user = await db.read("SELECT * FROM `user` WHERE `uuid` = ? LIMIT 1", [options.uuid]);
-    else if(options.id)
-        user = await db.read("SELECT * FROM `user` WHERE `id` = ? LIMIT 1", [options.id]);
-    else if(options.referral_code)
-        user = await db.read("SELECT * FROM `user` WHERE `referral_code` = ? LIMIT 1", [options.referral_code]);
+    if ( ! options.force ) {
+        if(options.username)
+            user = await db.read("SELECT * FROM `user` WHERE `username` = ? LIMIT 1", [options.username]);
+        else if(options.email)
+            user = await db.read("SELECT * FROM `user` WHERE `email` = ? LIMIT 1", [options.email]);
+        else if(options.uuid)
+            user = await db.read("SELECT * FROM `user` WHERE `uuid` = ? LIMIT 1", [options.uuid]);
+        else if(options.id)
+            user = await db.read("SELECT * FROM `user` WHERE `id` = ? LIMIT 1", [options.id]);
+        else if(options.referral_code)
+            user = await db.read("SELECT * FROM `user` WHERE `referral_code` = ? LIMIT 1", [options.referral_code]);
+    }
 
     if(!user || !user[0]){
         if(options.username)
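Review bot: With `force` set, the added `if ( ! options.force )` guard skips the whole `db.read` chain as well as the cache (the `cached && ! options.force` check in the previous hunk), so the lookup depends entirely on the `if(!user || !user[0])` block that starts at the end of this hunk and continues outside it. Nothing visible says what that block reads from or why it is the authoritative source, and `options.id` and `options.referral_code` only have a visible branch in the chain that is now skipped. A comment above the guard would make the contract explicit, e.g. `// force: bypass the cache and this first read; the lookup below must cover every identifier`. It is also worth confirming that the lookup below handles `id`, since the passwd route in this commit calls `get_user({ id: req.user.id, force: true })`, presumably this function, whose start and end are outside the hunk.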

+ 3 - 2
packages/backend/src/routers/passwd.js

@@ -18,7 +18,7 @@
  */
 "use strict"
 const express = require('express');
-const { invalidate_cached_user } = require('../helpers');
+const { invalidate_cached_user, get_user } = require('../helpers');
 const router = new express.Router();
 const auth = require('../middleware/auth.js');
 const { DB_WRITE } = require('../services/database/consts');
@@ -51,8 +51,9 @@ router.post('/passwd', auth, express.json(), async (req, res, next)=>{
     }
 
     try{
+        const user = await get_user({ id: req.user.id, force: true });
         // check old_pass
-        const isMatch = await bcrypt.compare(req.body.old_pass, req.user.password)
+        const isMatch = await bcrypt.compare(req.body.old_pass, user.password)
         if(!isMatch)
             return res.status(400).send('old_pass does not match your current password.')
         // check new_pass length
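Review bot: The result of `get_user({ id: req.user.id, force: true })` is dereferenced as `user.password` on the `bcrypt.compare` line with no check that a row came back. What `get_user` returns for a missing user is not visible here, but if it can be empty (for example, the account was deleted while the session is still valid) or if `password` is null, the failure surfaces as an exception in this `try`, whose `catch` is outside the hunk, rather than as a clear rejection. I would add `if ( ! user || ! user.password ) return res.status(400).send('old_pass does not match your current password.')` before the compare, and a comment on the lookup such as `// re-read the user, bypassing the cache, so a stale password hash is never compared`.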