mirror of
https://github.com/standardnotes/server
synced 2026-07-14 00:01:54 -04:00
* fix(api-gateway): reduce exports * wip controllers * fix: imports of controllers * fix(api-gateway): rename http service interface to proxy interface * wip: self-registering services and controllers * wip: add registering controller method bindings and services in container * feat: merge two services together * wip: resolving endpoints to direct code calls * wip: bind controller container to a singleton * fix: controller binding to instantiate and self-register on controller container * fix: move signout endpoint to auth controller * wip: define inversify controllers in the controller container * fix(auth): bind inversify controllers to controller container * fix(auth): linter issues * fix(auth): specs * fix(auth): inversify controllers bindings * wip: endpoint resolving * wip: add endpoint for more auth controllers * wip: add sessions controller endpoint resolvings * wip: add subscription invites endpoint resolvings * wip: add subscription tokens endpoint resolvings * wip: add all binding for auth server controllers * wip: fix migrations path * fix: configure default env vars and ci setup
53 lines
1.6 KiB
TypeScript
53 lines
1.6 KiB
TypeScript
import { Username } from '@standardnotes/domain-core'
|
|
import { NextFunction, Request, Response } from 'express'
|
|
import { inject, injectable } from 'inversify'
|
|
import { BaseMiddleware } from 'inversify-express-utils'
|
|
import TYPES from '../Bootstrap/Types'
|
|
import { LockRepositoryInterface } from '../Domain/User/LockRepositoryInterface'
|
|
|
|
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
|
|
|
|
@injectable()
|
|
export class LockMiddleware extends BaseMiddleware {
|
|
constructor(
|
|
@inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
|
|
@inject(TYPES.Auth_LockRepository) private lockRepository: LockRepositoryInterface,
|
|
) {
|
|
super()
|
|
}
|
|
|
|
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
|
|
try {
|
|
let identifier = request.body.email ?? request.body.username
|
|
const usernameOrError = Username.create(identifier)
|
|
if (usernameOrError.isFailed()) {
|
|
response.status(400).send({
|
|
error: {
|
|
message: usernameOrError.getError(),
|
|
},
|
|
})
|
|
}
|
|
const username = usernameOrError.getValue()
|
|
|
|
const user = await this.userRepository.findOneByUsernameOrEmail(username)
|
|
if (user !== null) {
|
|
identifier = user.uuid
|
|
}
|
|
|
|
if (await this.lockRepository.isUserLocked(identifier)) {
|
|
response.status(423).send({
|
|
error: {
|
|
message: 'Too many successive login requests. Please try your request again later.',
|
|
},
|
|
})
|
|
|
|
return
|
|
}
|
|
|
|
return next()
|
|
} catch (error) {
|
|
return next(error)
|
|
}
|
|
}
|
|
}
|