More secure custom authentication solution (#126)

* Remove Nuxt Auth from the project, and switch to a custom solution

* Replace old testing code

* Remove warnings

* Add comments to hard to understand function calls in middleware

* Use arrow functions
Geometrically
2021-03-29 09:43:00 -07:00
committed by GitHub
parent 8911bdf966
commit 24c8e29691
23 changed files with 271 additions and 614 deletions


@@ -54,7 +54,7 @@ export default {
},
methods: {
async logout() {
await this.$auth.setToken('local', false)
this.$cookies.remove('auth-token')
await this.$router.replace(
'https://api.modrinth.com/api/v1/auth/init?url=https://modrinth.com/'
)
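Review bot: In logout(), the added `this.$cookies.remove('auth-token')` clears only the browser's copy of the token; nothing in this hunk invalidates the token at the API, so a copy captured before logout would keep working unless the backend expires it on its own. Because client script can remove the cookie, it is presumably also readable by script, which is worth recording next to the call. I would add a comment above the remove call such as `// Clears the local cookie only; the token stays valid server-side until it is revoked.` logout() continues past the end of the hunk.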


@@ -84,20 +84,18 @@ export default {
ModCard,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
const mods = (
await axios.get(`https://api.modrinth.com/api/v1/moderation/mods`, config)
await axios.get(
`https://api.modrinth.com/api/v1/moderation/mods`,
data.$auth.headers
)
).data
const reports = (
await axios.get(`https://api.modrinth.com/api/v1/report`, config)
await axios.get(
`https://api.modrinth.com/api/v1/report`,
data.$auth.headers
)
).data
return {
@@ -107,36 +105,20 @@ export default {
},
methods: {
async changeModStatus(id, status, index) {
const config = {
headers: {
Authorization: this.$auth.getToken('local')
? this.$auth.getToken('local')
: '',
},
}
await axios.patch(
`https://api.modrinth.com/api/v1/mod/${id}`,
{
status,
},
config
this.$auth.headers
)
this.mods.splice(index, 1)
},
async deleteReport(index) {
const config = {
headers: {
Authorization: this.$auth.getToken('local')
? this.$auth.getToken('local')
: '',
},
}
await axios.delete(
`https://api.modrinth.com/api/v1/report/${this.reports[index].id}`,
config
this.$auth.headers
)
this.reports.splice(index, 1)
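Review bot: `data.$auth.headers` is passed where axios expects a whole request config (second argument of `axios.get`/`axios.delete`, third of `axios.patch`), so despite its name it has to be an object of the form `{ headers: { Authorization: … } }`, while the notification and upload hunks put `this.$auth.token` inside a `headers:` map themselves. Its definition is not part of this view, so neither the shape nor what it holds for a signed-out visitor (the removed code sent an empty `Authorization` value) can be confirmed here. A short comment where `headers` is defined, e.g. `// axios request config, not a bare header map: { headers: { Authorization: token } }`, would keep it from being spread into a `headers:` object by mistake. The same applies to every other call site in this commit that passes `$auth.headers`.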


@@ -53,18 +53,10 @@ export default {
DashboardPage,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
const notifications = (
await axios.get(
`https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/notifications`,
config
data.$auth.headers
)
).data
@@ -82,25 +74,19 @@ export default {
method: notification.actions[index].action_route[0].toLowerCase(),
url: `https://api.modrinth.com/api/v1/${notification.actions[index].action_route[1]}`,
headers: {
Authorization: this.$auth.getToken('local'),
Authorization: this.$auth.token,
},
}
await axios(config)
}
const config = {
headers: {
Authorization: this.$auth.getToken('local')
? this.$auth.getToken('local')
: '',
},
}
await axios.delete(
`https://api.modrinth.com/api/v1/notification/${notification.id}`,
config
this.$auth.headers
)
this.notifications.splice(index, 1)
} catch (err) {
this.$notify({
group: 'main',
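Review bot: The request built just before `await axios(config)` takes its HTTP method and path from `notification.actions[index].action_route` and attaches `this.$auth.token`, so whoever controls a notification's content decides which authenticated API call the user's click performs. If any part of a notification can be influenced by another user (not visible here), the client should check both values before sending, for example `if (!['post', 'patch', 'delete'].includes(method)) throw new Error('unexpected action')` plus a test that the route matches an expected pattern and contains no `..` segment. The enclosing method starts and ends outside the hunk.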


@@ -46,22 +46,14 @@ export default {
ModCard,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
let res = await axios.get(
`https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/mods`,
config
data.$auth.headers
)
res = await axios.get(
`https://api.modrinth.com/api/v1/mods?ids=${JSON.stringify(res.data)}`,
config
data.$auth.headers
)
return {
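Review bot: In asyncData the second request interpolates `JSON.stringify(res.data)` straight into the query string, so any id containing `&`, `#` or `%` would change how the URL is parsed. `ids=${encodeURIComponent(JSON.stringify(res.data))}` keeps the value intact; the `users?ids=` and `mods?ids=` requests in the mod, version and user page sections of this commit follow the same pattern. asyncData continues past the end of the hunk.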


@@ -114,7 +114,7 @@ export default {
this.name = this.$auth.user.name
this.email = this.$auth.user.email
this.bio = this.$auth.user.bio
this.token = this.$auth.getToken('local')
this.token = this.$auth.token
},
data() {
return {
@@ -134,7 +134,7 @@ export default {
this.$router.replace('/dashboard/misc/revoke-token')
},
async copyToken() {
await this.$copyText(this.token)
await navigator.clipboard.writeText(this.token)
this.$notify({
group: 'main',
title: 'Copied to clipboard.',
@@ -143,12 +143,6 @@ export default {
})
},
async editProfile() {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
@@ -162,10 +156,12 @@ export default {
await axios.patch(
`https://api.modrinth.com/api/v1/user/${this.$auth.user.id}`,
data,
config
this.$auth.headers
)
await this.$auth.fetchUser()
await this.$store.dispatch('auth/fetchUser', {
token: this.$auth.token,
})
} catch (err) {
this.$notify({
group: 'main',
@@ -178,18 +174,12 @@ export default {
this.$nuxt.$loading.finish()
},
async deleteAccount() {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
await axios.delete(
`https://api.modrinth.com/api/v1/user/${this.$auth.user.id}`,
config
this.$auth.headers
)
} catch (err) {
this.$notify({
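Review bot: copyToken() now calls `navigator.clipboard.writeText(this.token)` with no guard; `navigator.clipboard` is undefined outside a secure context and in older browsers, and the returned promise rejects when permission is denied, so a failure would surface as an unhandled error rather than a notification. Wrapping the call in the same `try { … } catch (err) { this.$notify(…) }` shape that editProfile() uses in this file would keep the behaviour consistent. Since the value copied is the account's API token, a comment noting that it stays on the clipboard until overwritten would also be reasonable.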


@@ -314,14 +314,6 @@ export default {
Multiselect,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const [
mod,
@@ -334,7 +326,7 @@ export default {
await Promise.all([
axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
),
axios.get(`https://api.modrinth.com/api/v1/tag/category`),
axios.get(`https://api.modrinth.com/api/v1/tag/loader`),
@@ -425,12 +417,6 @@ export default {
await this.saveMod()
},
async saveMod() {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
@@ -465,7 +451,7 @@ export default {
await axios.patch(
`https://api.modrinth.com/api/v1/mod/${this.mod.id}`,
data,
config
this.$auth.headers
)
if (this.iconChanged) {
@@ -474,7 +460,7 @@ export default {
this.icon.type.split('/')[this.icon.type.split('/').length - 1]
}`,
this.icon,
config
this.$auth.headers
)
}


@@ -23,19 +23,11 @@ export default {
components: { ModPage },
auth: false,
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -50,10 +42,10 @@ export default {
`https://api.modrinth.com/api/v1/mod/${mod.id}/version?featured=true`
),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -63,7 +55,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
)
).data
@@ -73,7 +65,7 @@ export default {
members[index].name = it.username
})
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null
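Review bot: When no user is signed in, the third entry of the `Promise.all` still issues a request, to the API root `https://api.modrinth.com`, only to fill the slot for the follows list. That costs a round trip on every anonymous page view and leaves the root response's body in the variable that otherwise holds follows. Resolving the slot locally, e.g. `data.$auth.user ? axios.get(followsUrl, data.$auth.headers) : Promise.resolve({ data: [] })`, avoids both, provided the code after the hunk accepts an empty list (it is outside this view). The same placeholder request appears in the other mod and version page sections of this commit.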


@@ -137,19 +137,11 @@ export default {
Multiselect,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -168,10 +160,10 @@ export default {
axios.get(`https://api.modrinth.com/api/v1/tag/loader`),
axios.get(`https://api.modrinth.com/api/v1/tag/game_version`),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -181,7 +173,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
)
).data
@@ -191,7 +183,7 @@ export default {
members[index].name = it.username
})
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null
@@ -244,7 +236,7 @@ export default {
data: formData,
headers: {
'Content-Type': 'multipart/form-data',
Authorization: this.$auth.getToken('local'),
Authorization: this.$auth.token,
},
})
await this.$router.go(null)


@@ -246,19 +246,11 @@ import DropdownIcon from '~/assets/images/utils/dropdown.svg?inline'
export default {
components: { ModPage, DropdownIcon },
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -266,16 +258,16 @@ export default {
await Promise.all([
axios.get(
`https://api.modrinth.com/api/v1/team/${mod.team}/members`,
config
data.$auth.headers
),
axios.get(
`https://api.modrinth.com/api/v1/mod/${mod.id}/version?featured=true`
),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -286,7 +278,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -297,7 +289,7 @@ export default {
members[index].name = it.username
})
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null
@@ -333,12 +325,6 @@ export default {
},
methods: {
async inviteTeamMember() {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
@@ -355,7 +341,7 @@ export default {
await axios.post(
`https://api.modrinth.com/api/v1/team/${this.mod.team}/members`,
data,
config
this.auth.headers
)
await this.$router.go(null)
} catch (err) {
@@ -370,18 +356,12 @@ export default {
this.$nuxt.$loading.finish()
},
async removeTeamMember(index) {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
await axios.delete(
`https://api.modrinth.com/api/v1/team/${this.mod.team}/members/${this.members[index].user_id}`,
config
this.$auth.headers
)
await this.$router.go(null)
} catch (err) {
@@ -396,12 +376,6 @@ export default {
this.$nuxt.$loading.finish()
},
async updateTeamMember(index) {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
this.$nuxt.$loading.start()
try {
@@ -413,7 +387,7 @@ export default {
await axios.patch(
`https://api.modrinth.com/api/v1/team/${this.mod.team}/members/${this.members[index].user_id}`,
data,
config
this.$auth.headers
)
await this.$router.go(null)
} catch (err) {
@@ -428,15 +402,9 @@ export default {
this.$nuxt.$loading.finish()
},
async deleteMod() {
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
await axios.delete(
`https://api.modrinth.com/api/v1/mod/${this.mod.id}`,
config
this.$auth.headers
)
},
},
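Review bot: In inviteTeamMember() the new config argument is `this.auth.headers`, without the `$`; every other call in this commit uses `this.$auth.headers`, and nothing visible defines `this.auth`, so this most likely throws a TypeError before the POST is sent and the invite always ends in the catch branch. The line should read `this.$auth.headers`.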


@@ -126,19 +126,11 @@ export default {
},
auth: false,
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -159,10 +151,10 @@ export default {
axios.get(`https://api.modrinth.com/api/v1/tag/loader`),
axios.get(`https://api.modrinth.com/api/v1/tag/game_version`),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -172,7 +164,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
)
).data
@@ -192,7 +184,7 @@ export default {
primaryFile = version.files[0]
}
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null
@@ -221,21 +213,13 @@ export default {
},
methods: {
async saveVersion() {
const config = {
headers: {
Authorization: this.$auth.getToken('local')
? this.$auth.getToken('local')
: '',
},
}
this.$nuxt.$loading.start()
try {
await axios.patch(
`https://api.modrinth.com/api/v1/version/${this.version.id}`,
this.version,
config
this.$auth.headers
)
await this.$router.replace(
`/mod/${this.mod.id}/version/${this.version.id}`


@@ -29,7 +29,7 @@
<Categories :categories="version.loaders" />
<div class="buttons">
<nuxt-link
v-if="this.$auth.loggedIn"
v-if="this.$auth.user"
:to="`/report/create?id=${version.id}&t=version`"
class="action iconified-button"
>
@@ -154,19 +154,11 @@ export default {
},
auth: false,
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -178,10 +170,10 @@ export default {
`https://api.modrinth.com/api/v1/mod/${mod.id}/version?featured=true`
),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -191,7 +183,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
)
).data
@@ -211,7 +203,7 @@ export default {
primaryFile = version.files[0]
}
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null
@@ -255,15 +247,9 @@ export default {
async deleteFile(hash) {
this.$nuxt.$loading.start()
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
await axios.delete(
`https://api.modrinth.com/api/v1/version_file/${hash}`,
config
this.$auth.headers
)
await this.$router.go(null)
@@ -272,18 +258,12 @@ export default {
async makePrimary(hash) {
this.$nuxt.$loading.start()
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
await axios.patch(
`https://api.modrinth.com/api/v1/version/${this.version.id}`,
{
primary_file: ['sha1', hash],
},
config
this.$auth.headers
)
await this.$router.go(null)
@@ -317,7 +297,7 @@ export default {
data: formData,
headers: {
'Content-Type': 'multipart/form-data',
Authorization: this.$auth.getToken('local'),
Authorization: this.$auth.token,
},
})
@@ -337,15 +317,9 @@ export default {
async deleteVersion() {
this.$nuxt.$loading.start()
const config = {
headers: {
Authorization: this.$auth.getToken('local'),
},
}
await axios.delete(
`https://api.modrinth.com/api/v1/version/${this.version.id}`,
config
this.$auth.headers
)
await this.$router.replace(`/mod/${this.mod.id}`)
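Review bot: deleteFile(), makePrimary() and deleteVersion() call `this.$nuxt.$loading.start()` and then await the request with no `try` visible in these hunks, so a rejected request would skip whatever follows (the methods continue outside the view) and leave the rejection unhandled. The team-member methods elsewhere in this commit wrap the same pattern in `try { … } catch (err) { this.$notify(…) }` followed by `this.$nuxt.$loading.finish()`; using that shape here would keep the loading bar and error reporting consistent.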


@@ -107,19 +107,11 @@ export default {
},
auth: false,
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
const mod = (
await axios.get(
`https://api.modrinth.com/api/v1/mod/${data.params.id}`,
config
data.$auth.headers
)
).data
@@ -131,10 +123,10 @@ export default {
`https://api.modrinth.com/api/v1/mod/${mod.id}/version?featured=true`
),
axios.get(
data.$auth.loggedIn
data.$auth.user
? `https://api.modrinth.com/api/v1/user/${data.$auth.user.id}/follows`
: `https://api.modrinth.com`,
config
data.$auth.headers
),
])
).map((it) => it.data)
@@ -144,7 +136,7 @@ export default {
`https://api.modrinth.com/api/v1/users?ids=${JSON.stringify(
members.map((it) => it.user_id)
)}`,
config
data.$auth.headers
)
).data
@@ -154,7 +146,7 @@ export default {
members[index].name = it.username
})
const currentMember = data.$auth.loggedIn
const currentMember = data.$auth.user
? members.find((x) => x.user_id === data.$auth.user.id)
: null


@@ -660,7 +660,7 @@ export default {
data: formData,
headers: {
'Content-Type': 'multipart/form-data',
Authorization: this.$auth.getToken('local'),
Authorization: this.$auth.token,
},
})


@@ -119,14 +119,6 @@ export default {
this.$nuxt.$loading.start()
try {
const config = {
headers: {
Authorization: this.$auth.getToken('local')
? this.$auth.getToken('local')
: '',
},
}
const data = {
report_type: this.reportType,
item_id: this.itemId,
@@ -134,7 +126,11 @@ export default {
body: this.body,
}
await axios.post('https://api.modrinth.com/api/v1/report', data, config)
await axios.post(
'https://api.modrinth.com/api/v1/report',
data,
this.$auth.headers
)
await this.$router.replace(`/${this.itemType}/${this.itemId}`)
} catch (err) {


@@ -19,7 +19,7 @@
<p v-if="user.bio" class="bio">{{ user.bio }}</p>
<div class="buttons">
<nuxt-link
v-if="this.$auth.loggedIn"
v-if="this.$auth.user"
:to="`/report/create?id=${user.id}&t=user`"
class="iconified-button"
>
@@ -102,32 +102,19 @@ export default {
ReportIcon,
},
async asyncData(data) {
const config = {
headers: {
Authorization: data.$auth.getToken('local')
? data.$auth.getToken('local')
: '',
},
}
try {
let res = await axios.get(
`https://api.modrinth.com/api/v1/user/${data.params.id}`,
config
`https://api.modrinth.com/api/v1/user/${data.params.id}`
)
const user = res.data
let mods = []
res = await axios.get(
`https://api.modrinth.com/api/v1/user/${user.id}/mods`,
config
`https://api.modrinth.com/api/v1/user/${user.id}/mods`
)
if (res.data) {
res = await axios.get(
`https://api.modrinth.com/api/v1/mods?ids=${JSON.stringify(
res.data
)}`,
config
`https://api.modrinth.com/api/v1/mods?ids=${JSON.stringify(res.data)}`
)
mods = res.data
}
@@ -250,7 +237,4 @@ export default {
}
}
}
.mods {
}
</style>