mirror of
https://github.com/Mintplex-Labs/anything-llm.git
synced 2024-11-16 03:10:31 +01:00
732d07829f
* Added improved password complexity checking capability. * Move password complexity checker as User.util dynamically import required libraries depending on code execution flow lint * Ensure persistence of password requirements on restarts via env-dump Copy example schema to docker env as well --------- Co-authored-by: timothycarambat <rambat1010@gmail.com>
130 lines
3.7 KiB
JavaScript
130 lines
3.7 KiB
JavaScript
const prisma = require("../utils/prisma");
|
|
|
|
const User = {
|
|
create: async function ({ username, password, role = "default" }) {
|
|
const passwordCheck = this.checkPasswordComplexity(password);
|
|
if (!passwordCheck.checkedOK) {
|
|
return { user: null, error: passwordCheck.error };
|
|
}
|
|
|
|
try {
|
|
const bcrypt = require("bcrypt");
|
|
const hashedPassword = bcrypt.hashSync(password, 10);
|
|
const user = await prisma.users.create({
|
|
data: {
|
|
username,
|
|
password: hashedPassword,
|
|
role,
|
|
},
|
|
});
|
|
return { user, error: null };
|
|
} catch (error) {
|
|
console.error("FAILED TO CREATE USER.", error.message);
|
|
return { user: null, error: error.message };
|
|
}
|
|
},
|
|
|
|
update: async function (userId, updates = {}) {
|
|
try {
|
|
// Rehash new password if it exists as update field
|
|
if (updates.hasOwnProperty("password")) {
|
|
const passwordCheck = this.checkPasswordComplexity(updates.password);
|
|
if (!passwordCheck.checkedOK) {
|
|
return { success: false, error: passwordCheck.error };
|
|
}
|
|
|
|
const bcrypt = require("bcrypt");
|
|
updates.password = bcrypt.hashSync(updates.password, 10);
|
|
} else {
|
|
delete updates.password;
|
|
}
|
|
|
|
await prisma.users.update({
|
|
where: { id: parseInt(userId) },
|
|
data: updates,
|
|
});
|
|
return { success: true, error: null };
|
|
} catch (error) {
|
|
console.error(error.message);
|
|
return { success: false, error: error.message };
|
|
}
|
|
},
|
|
|
|
get: async function (clause = {}) {
|
|
try {
|
|
const user = await prisma.users.findFirst({ where: clause });
|
|
return user ? { ...user } : null;
|
|
} catch (error) {
|
|
console.error(error.message);
|
|
return null;
|
|
}
|
|
},
|
|
|
|
count: async function (clause = {}) {
|
|
try {
|
|
const count = await prisma.users.count({ where: clause });
|
|
return count;
|
|
} catch (error) {
|
|
console.error(error.message);
|
|
return 0;
|
|
}
|
|
},
|
|
|
|
delete: async function (clause = {}) {
|
|
try {
|
|
await prisma.users.deleteMany({ where: clause });
|
|
return true;
|
|
} catch (error) {
|
|
console.error(error.message);
|
|
return false;
|
|
}
|
|
},
|
|
|
|
where: async function (clause = {}, limit = null) {
|
|
try {
|
|
const users = await prisma.users.findMany({
|
|
where: clause,
|
|
...(limit !== null ? { take: limit } : {}),
|
|
});
|
|
return users;
|
|
} catch (error) {
|
|
console.error(error.message);
|
|
return [];
|
|
}
|
|
},
|
|
|
|
checkPasswordComplexity: function (passwordInput = "") {
|
|
const passwordComplexity = require("joi-password-complexity");
|
|
// Can be set via ENV variable on boot. No frontend config at this time.
|
|
// Docs: https://www.npmjs.com/package/joi-password-complexity
|
|
const complexityOptions = {
|
|
min: process.env.PASSWORDMINCHAR || 8,
|
|
max: process.env.PASSWORDMAXCHAR || 250,
|
|
lowerCase: process.env.PASSWORDLOWERCASE || 0,
|
|
upperCase: process.env.PASSWORDUPPERCASE || 0,
|
|
numeric: process.env.PASSWORDNUMERIC || 0,
|
|
symbol: process.env.PASSWORDSYMBOL || 0,
|
|
// reqCount should be equal to how many conditions you are testing for (1-4)
|
|
requirementCount: process.env.PASSWORDREQUIREMENTS || 0,
|
|
};
|
|
|
|
const complexityCheck = passwordComplexity(
|
|
complexityOptions,
|
|
"password"
|
|
).validate(passwordInput);
|
|
if (complexityCheck.hasOwnProperty("error")) {
|
|
let myError = "";
|
|
let prepend = "";
|
|
for (let i = 0; i < complexityCheck.error.details.length; i++) {
|
|
myError += prepend + complexityCheck.error.details[i].message;
|
|
prepend = ", ";
|
|
}
|
|
return { checkedOK: false, error: myError };
|
|
}
|
|
|
|
return { checkedOK: true, error: "No error." };
|
|
},
|
|
};
|
|
|
|
module.exports = { User };
|