From b216c72bdaf932f0d29738fc4714e37058a9601b Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Thu, 29 Aug 2024 10:40:18 +0200 Subject: [PATCH] Fixes for password, mfa code & email validation --- assets/openapi.json | 29 +++++++++++++++++++ assets/schemas.json | 23 +++++++++++++++ .../schemas/ApplicationAuthorizeSchema.ts | 10 +++++-- .../schemas/BackupCodesChallengeSchema.ts | 10 +++++-- src/util/schemas/LoginSchema.ts | 10 +++++-- src/util/schemas/MfaCodesSchema.ts | 10 +++++-- src/util/schemas/PasswordResetSchema.ts | 10 +++++-- src/util/schemas/TotpDisableSchema.ts | 10 +++++-- src/util/schemas/TotpEnableSchema.ts | 14 +++++++-- src/util/schemas/UserModifySchema.ts | 15 ++++++++++ 10 files changed, 120 insertions(+), 21 deletions(-) diff --git a/assets/openapi.json b/assets/openapi.json index b6544d27b..b1818f4ba 100644 --- a/assets/openapi.json +++ b/assets/openapi.json @@ -102,6 +102,8 @@ "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" } }, @@ -174,6 +176,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" } }, @@ -5606,6 +5610,8 @@ "type": "string" }, "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "undelete": { @@ -5986,6 +5992,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "regenerate": { @@ -6022,6 +6030,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "token": { @@ -6359,6 +6369,8 @@ "type": "object", "properties": { "code": { + "minLength": 6, + "maxLength": 6, "type": "string" } }, @@ -6370,9 +6382,13 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" }, "secret": { 
@@ -6497,15 +6513,22 @@ "nullable": true }, "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "new_password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" }, "email": { + "format": "email", "type": "string" }, "discriminator": { @@ -10945,6 +10968,12 @@ }, "tags": [ "scheduled-maintenances" + ], + "x-badges": [ + { + "label": "Spacebar-only", + "color": "red" + } ] } }, diff --git a/assets/schemas.json b/assets/schemas.json index 08ba372c4..c92ac3e96 100644 --- a/assets/schemas.json +++ b/assets/schemas.json @@ -75,6 +75,8 @@ "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" } }, @@ -155,6 +157,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" } }, @@ -87935,6 +87939,8 @@ "type": "string" }, "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "undelete": { @@ -122124,6 +122130,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "regenerate": { @@ -131818,6 +131826,8 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "token": { @@ -190102,6 +190112,8 @@ "type": "object", "properties": { "code": { + "minLength": 6, + "maxLength": 6, "type": "string" } }, @@ -194942,9 +194954,13 @@ "type": "object", "properties": { "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" }, "secret": { @@ -214395,15 +214411,22 @@ ] }, "password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "new_password": { + "minLength": 1, + "maxLength": 72, "type": "string" }, "code": { + "minLength": 6, + "maxLength": 6, "type": "string" }, "email": { + "format": "email", "type": "string" }, "discriminator": { 
diff --git a/src/util/schemas/ApplicationAuthorizeSchema.ts b/src/util/schemas/ApplicationAuthorizeSchema.ts
index bf7998e2a..04b7b1eaa 100644
--- a/src/util/schemas/ApplicationAuthorizeSchema.ts
+++ b/src/util/schemas/ApplicationAuthorizeSchema.ts
@@ -1,17 +1,17 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
@@ -21,5 +21,9 @@ export interface ApplicationAuthorizeSchema {
 guild_id: string;
 permissions: string;
 captcha_key?: string;
+ /**
+ * @minLength 6
+ * @maxLength 6
+ */
 code?: string; // 2fa code
 }
diff --git a/src/util/schemas/BackupCodesChallengeSchema.ts b/src/util/schemas/BackupCodesChallengeSchema.ts
index 9ac375183..25f1b707d 100644
--- a/src/util/schemas/BackupCodesChallengeSchema.ts
+++ b/src/util/schemas/BackupCodesChallengeSchema.ts
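Review bot: In ApplicationAuthorizeSchema.ts the new `@minLength 6` / `@maxLength 6` pair on `code` constrains length only, so any six characters pass schema validation, not just digits; adding `@pattern ^[0-9]{6}$` to the same doc comment would reject non-numeric input before it reaches the code verifier. The same pair is added to `code` in TotpDisableSchema.ts, TotpEnableSchema.ts and UserModifySchema.ts. If any of those handlers also accepts a backup code in `code` (the handlers are not part of this patch), a fixed length of six would reject it, so that is worth confirming before the constraint ships.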
@@ -1,21 +1,25 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface BackupCodesChallengeSchema {
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password: string;
 }
diff --git a/src/util/schemas/LoginSchema.ts b/src/util/schemas/LoginSchema.ts
index aec8272da..55b6a020f 100644
--- a/src/util/schemas/LoginSchema.ts
+++ b/src/util/schemas/LoginSchema.ts
@@ -1,23 +1,27 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface LoginSchema {
 login: string;
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password: string;
 undelete?: boolean;
 captcha_key?: string;
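Review bot: `@maxLength 72` on `password` in BackupCodesChallengeSchema.ts counts characters, while the value 72 looks like it is meant to mirror a 72-byte input limit of the password hash (presumably bcrypt; the hashing code is not in this patch). A 72-character password that contains multi-byte UTF-8 characters is still longer than 72 bytes, so the schema alone does not rule out silent truncation. A byte-length check in the handler, for example `Buffer.byteLength(password, "utf8") <= 72`, would cover that case. The same annotation is added in LoginSchema.ts, MfaCodesSchema.ts, PasswordResetSchema.ts, TotpEnableSchema.ts and UserModifySchema.ts.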
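Review bot: Putting `@maxLength 72` on `LoginSchema.password` changes the login path and not only password creation: an account whose password was set with more than 72 characters before this change would presumably now fail schema validation instead of reaching the password comparison. If the cap is wanted, it is safer to enforce it on the fields that set a password (`password` in PasswordResetSchema, `new_password` in UserModifySchema) and give the verification fields a much higher bound, or to document how affected users recover access. The interface body continues past the end of this hunk.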
diff --git a/src/util/schemas/MfaCodesSchema.ts b/src/util/schemas/MfaCodesSchema.ts
index 9104fa5c6..1f66f08c8 100644
--- a/src/util/schemas/MfaCodesSchema.ts
+++ b/src/util/schemas/MfaCodesSchema.ts
@@ -1,22 +1,26 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface MfaCodesSchema {
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password: string;
 regenerate?: boolean;
 }
diff --git a/src/util/schemas/PasswordResetSchema.ts b/src/util/schemas/PasswordResetSchema.ts
index 7c6b71a5e..15489a91d 100644
--- a/src/util/schemas/PasswordResetSchema.ts
+++ b/src/util/schemas/PasswordResetSchema.ts
@@ -1,22 +1,26 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface PasswordResetSchema {
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password: string;
 token: string;
 }
diff --git a/src/util/schemas/TotpDisableSchema.ts b/src/util/schemas/TotpDisableSchema.ts
index 0bc0b8b2d..29706f484 100644
--- a/src/util/schemas/TotpDisableSchema.ts
+++ b/src/util/schemas/TotpDisableSchema.ts
@@ -1,21 +1,25 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface TotpDisableSchema {
+ /**
+ * @minLength 6
+ * @maxLength 6
+ */
 code: string;
 }
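Review bot: `@minLength 1` on `PasswordResetSchema.password` only rules out the empty string, so a one-character replacement password passes schema validation; the same lower bound is put on `new_password` in UserModifySchema.ts. Whether a stronger minimum is enforced in the reset handler is not visible in this patch. If it is not, raising the lower bound on the fields that set a password, as opposed to the ones that verify one, would close that gap. A short comment on the field saying where the password policy is enforced would help the next reader.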
diff --git a/src/util/schemas/TotpEnableSchema.ts b/src/util/schemas/TotpEnableSchema.ts
index 39c09eed5..a80e06ac4 100644
--- a/src/util/schemas/TotpEnableSchema.ts
+++ b/src/util/schemas/TotpEnableSchema.ts
@@ -1,23 +1,31 @@
 /*
 Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published
 by the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
-
+
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU Affero General Public License for more details.
-
+
 You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see .
 */
 
 export interface TotpEnableSchema {
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password: string;
+ /**
+ * @minLength 6
+ * @maxLength 6
+ */
 code?: string;
 secret?: string;
 }
diff --git a/src/util/schemas/UserModifySchema.ts b/src/util/schemas/UserModifySchema.ts
index e4ed10716..6d2998ebf 100644
--- a/src/util/schemas/UserModifySchema.ts
+++ b/src/util/schemas/UserModifySchema.ts
@@ -25,9 +25,24 @@ export interface UserModifySchema {
 bio?: string;
 accent_color?: number;
 banner?: string | null;
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 password?: string;
+ /**
+ * @minLength 1
+ * @maxLength 72
+ */
 new_password?: string;
+ /**
+ * @minLength 6
+ * @maxLength 6
+ */
 code?: string;
+ /**
+ * @TJS-format email
+ */
 email?: string;
 /**
 * @minLength 4
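Review bot: `@TJS-format email` on `email` in UserModifySchema.ts only emits `"format": "email"` into the generated schema; whether a malformed address is actually rejected depends on the validator having an `email` format registered (with Ajv that means ajv-formats or a custom format), which this patch does not show. A route-level test that a malformed address is refused would pin that down. Unlike the password and code fields, `email` gets no length bound here, so adding `@maxLength` to the same doc comment would keep the input bounded as well. The interface starts and ends outside this hunk.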