Move password checks to db

Adria Navarro 2024-01-03 12:00:25 +01:00
parent 66fd8b936f
commit b45717a1e1
3 changed files with 7 additions and 12 deletions


@ -27,6 +27,7 @@ import {
} from "./utils" } from "./utils"
import { searchExistingEmails } from "./lookup" import { searchExistingEmails } from "./lookup"
import { hash } from "../utils" import { hash } from "../utils"
import { security } from ".."
type QuotaUpdateFn = ( type QuotaUpdateFn = (
change: number, change: number,
@ -110,6 +111,12 @@ export class UserDB {
if (await UserDB.isPreventPasswordActions(user, account)) { if (await UserDB.isPreventPasswordActions(user, account)) {
throw new HTTPError("Password change is disabled for this user", 400) throw new HTTPError("Password change is disabled for this user", 400)
} }
const passwordValidation = security.validatePassword(password)
if (!passwordValidation.valid) {
throw new HTTPError(passwordValidation.error, 400)
}
hashedPassword = opts.hashPassword ? await hash(password) : password hashedPassword = opts.hashPassword ? await hash(password) : password
} else if (dbUser) { } else if (dbUser) {
hashedPassword = dbUser.password hashedPassword = dbUser.password
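Review bot: The added `security.validatePassword(password)` check sits before the `opts.hashPassword` branch, so when `opts.hashPassword` is false the value checked is presumably an already-hashed password, not the plaintext. In that case the policy result says nothing about the real password, and a valid stored hash could be rejected if the policy has a length cap. Consider wrapping the check in `if (opts.hashPassword) { … }`, or documenting why pre-hashed values are expected to pass it. A comment above the check, such as `// enforce the password policy at the db layer so every save path is covered, not only the API controllers`, would record why the caller-side checks in the other two files were dropped. The enclosing method starts and ends outside this hunk, so how callers set `opts.hashPassword` is not visible here.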


@ -27,7 +27,6 @@ import {
platform, platform,
tenancy, tenancy,
db, db,
security,
} from "@budibase/backend-core" } from "@budibase/backend-core"
import { checkAnyUserExists } from "../../../utilities/users" import { checkAnyUserExists } from "../../../utilities/users"
import { isEmailConfigured } from "../../../utilities/email" import { isEmailConfigured } from "../../../utilities/email"
@ -99,11 +98,6 @@ export const adminUser = async (
ctx.throw(403, "Organisation already exists.") ctx.throw(403, "Organisation already exists.")
} }
const passwordValidation = security.validatePassword(password)
if (!passwordValidation.valid) {
ctx.throw(400, passwordValidation.error)
}
if (env.MULTI_TENANCY) { if (env.MULTI_TENANCY) {
// store the new tenant record in the platform db // store the new tenant record in the platform db
await platform.tenants.addTenant(tenantId) await platform.tenants.addTenant(tenantId)


@ -7,7 +7,6 @@ import {
tenancy, tenancy,
utils as coreUtils, utils as coreUtils,
cache, cache,
security,
} from "@budibase/backend-core" } from "@budibase/backend-core"
import { PlatformLogoutOpts, User } from "@budibase/types" import { PlatformLogoutOpts, User } from "@budibase/types"
import jwt from "jsonwebtoken" import jwt from "jsonwebtoken"
@ -77,11 +76,6 @@ export const resetUpdate = async (resetCode: string, password: string) => {
const { userId } = await cache.passwordReset.getCode(resetCode) const { userId } = await cache.passwordReset.getCode(resetCode)
let user = await userSdk.db.getUser(userId) let user = await userSdk.db.getUser(userId)
const validation = security.validatePassword(password)
if (!validation.valid) {
throw new HTTPError(validation.error, 400)
}
user.password = password user.password = password
user = await userSdk.db.save(user) user = await userSdk.db.save(user)