Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-16 16:30:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

🧹 chore: pre-release cleanup 2 (#3600)

Browse source 
* refactor: scrollToEnd

* fix(validateConvoAccess): search conversation by ID for proper validation

* feat: Add unique index for conversationId and user in convoSchema

* refactor: Update font sizes 1 rem -> font-size-base in style.css

* fix: Assistants map type issues

* refactor: Remove obsolete scripts

* fix: Update DropdownNoState component to handle both string and OptionType values

* refactor: Remove config/loader.js file

* fix: remove crypto.randomBytes(); refactor: Create reusable function for generating token and hash
This commit is contained in:
Danny Avila 2024-08-09 15:17:13 -04:00 committed by GitHub
parent 6fead1005b
commit 1ff4841603
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 172 additions and 637 deletions
Download patch file Download diff file Expand all files Collapse all files

20
api/server/services/AuthService.js
View file

@ -1,4 +1,5 @@
const bcrypt = require('bcryptjs');
const { webcrypto } = require('node:crypto');
const { SystemRoles, errorsToString } = require('librechat-data-provider');
const {
findUser,
@ -53,14 +54,23 @@ const logoutUser = async (userId, refreshToken) => {
}
};
/**
* Creates Token and corresponding Hash for verification
* @returns {[string, string]}
*/
const createTokenHash = () => {
const token = Buffer.from(webcrypto.getRandomValues(new Uint8Array(32))).toString('hex');
const hash = bcrypt.hashSync(token, 10);
return [token, hash];
};
/**
* Send Verification Email
* @param {Partial<MongoUser> & { _id: ObjectId, email: string, name: string}} user
* @returns {Promise<void>}
*/
const sendVerificationEmail = async (user) => {
let verifyToken = crypto.randomBytes(32).toString('hex');
const hash = bcrypt.hashSync(verifyToken, 10);
const [verifyToken, hash] = createTokenHash();
const verificationLink = `${
domains.client
@ -226,8 +236,7 @@ const requestPasswordReset = async (req) => {
await token.deleteOne();
}
let resetToken = crypto.randomBytes(32).toString('hex');
const hash = bcrypt.hashSync(resetToken, 10);
const [resetToken, hash] = createTokenHash();
await new Token({
userId: user._id,
@ -365,8 +374,7 @@ const resendVerificationEmail = async (req) => {
return { status: 200, message: genericVerificationMessage };
}
let verifyToken = crypto.randomBytes(32).toString('hex');
const hash = bcrypt.hashSync(verifyToken, 10);
const [verifyToken, hash] = createTokenHash();
const verificationLink = `${
domains.client