feat!: reset password with email

2023-02-09 18:17:53 +01:00
parent 8ab359b71d
commit 5d1a7f0310
20 changed files with 459 additions and 156 deletions
--- a/frontend/src/middleware.ts
+++ b/frontend/src/middleware.ts
@@ -12,6 +12,15 @@ export const config = {
 };

 export async function middleware(request: NextRequest) {
+  const routes = {
+    unauthenticated: new Routes(["/auth/signIn", "/auth/resetPassword*", "/"]),
+    public: new Routes(["/share/*", "/upload/*"]),
+    setupStatusRegistered: new Routes(["/auth/*", "/admin/setup"]),
+    admin: new Routes(["/admin/*"]),
+    account: new Routes(["/account/*"]),
+    disabledRoutes: new Routes([]),
+  };
+
  // Get config from backend
  const config = await (
    await fetch("http://localhost:8080/api/configs")
@@ -21,14 +30,6 @@ export async function middleware(request: NextRequest) {
    return configService.get(key, config);
  };

-  const containsRoute = (routes: string[], url: string) => {
-    for (const route of routes) {
-      if (new RegExp("^" + route.replace(/\*/g, ".*") + "$").test(url))
-        return true;
-    }
-    return false;
-  };
-
  const route = request.nextUrl.pathname;
  let user: { isAdmin: boolean } | null = null;
  const accessToken = request.cookies.get("access_token")?.value;
@@ -44,57 +45,51 @@ export async function middleware(request: NextRequest) {
    user = null;
  }

-  const unauthenticatedRoutes = ["/auth/signIn", "/"];
-  let publicRoutes = ["/share/*", "/upload/*"];
-  const setupStatusRegisteredRoutes = ["/auth/*", "/admin/setup"];
-  const adminRoutes = ["/admin/*"];
-  const accountRoutes = ["/account/*"];
-
-  if (getConfig("ALLOW_REGISTRATION")) {
-    unauthenticatedRoutes.push("/auth/signUp");
+  if (!getConfig("ALLOW_REGISTRATION")) {
+    routes.disabledRoutes.routes.push("/auth/signUp");
  }

  if (getConfig("ALLOW_UNAUTHENTICATED_SHARES")) {
-    publicRoutes = ["*"];
+    routes.public.routes = ["*"];
  }

-  const isPublicRoute = containsRoute(publicRoutes, route);
-  const isUnauthenticatedRoute = containsRoute(unauthenticatedRoutes, route);
-  const isAdminRoute = containsRoute(adminRoutes, route);
-  const isAccountRoute = containsRoute(accountRoutes, route);
-  const isSetupStatusRegisteredRoute = containsRoute(
-    setupStatusRegisteredRoutes,
-    route
-  );
+  if (!getConfig("SMTP_ENABLED")) {
+    routes.disabledRoutes.routes.push("/auth/resetPassword*");
+  }

  // prettier-ignore
  const rules = [
+    // Disabled routes
+    {
+      condition: routes.disabledRoutes.contains(route),
+      path: "/",
+    },
    // Setup status
    {
      condition: getConfig("SETUP_STATUS") == "STARTED" && route != "/auth/signUp",
      path: "/auth/signUp",
    },
    {
-      condition: getConfig("SETUP_STATUS") == "REGISTERED" && !isSetupStatusRegisteredRoute,
+      condition: getConfig("SETUP_STATUS") == "REGISTERED" && !routes.setupStatusRegistered.contains(route),
      path: user ? "/admin/setup" : "/auth/signIn",
    },
     // Authenticated state
     {
-      condition: user && isUnauthenticatedRoute,
+      condition: user && routes.unauthenticated.contains(route) && !getConfig("ALLOW_UNAUTHENTICATED_SHARES"),
      path: "/upload",
    },
    // Unauthenticated state
    {
-      condition: !user && !isPublicRoute && !isUnauthenticatedRoute,
+      condition: !user && !routes.public.contains(route) && !routes.unauthenticated.contains(route),
      path: "/auth/signIn",
    },
    {
-      condition: !user && isAccountRoute,
+      condition: !user && routes.account.contains(route),
      path: "/upload",
    },
    // Admin privileges
    {
-      condition: isAdminRoute && !user?.isAdmin,
+      condition: routes.admin.contains(route) && !user?.isAdmin,
      path: "/upload",
    },
    // Home page
@@ -103,7 +98,6 @@ export async function middleware(request: NextRequest) {
      path: "/upload",
    },
  ];
-
  for (const rule of rules) {
    if (rule.condition) {
      let { path } = rule;
@@ -115,3 +109,17 @@ export async function middleware(request: NextRequest) {
    }
  }
 }
+
+// Helper class to check if a route matches a list of routes
+class Routes {
+  // eslint-disable-next-line no-unused-vars
+  constructor(public routes: string[]) {}
+
+  contains(_route: string) {
+    for (const route of this.routes) {
+      if (new RegExp("^" + route.replace(/\*/g, ".*") + "$").test(_route))
+        return true;
+    }
+    return false;
+  }
+}