1 files changed, 0 insertions, 81 deletions
diff --git a/server/middlewares/validators/two-factor.ts b/server/middlewares/validators/two-factor.ts
deleted file mode 100644
index 106b579b5..000000000
--- a/server/middlewares/validators/two-factor.ts
+++ /dev/null
@@ -1,81 +0,0 @@
-import express from 'express'
-import { body, param } from 'express-validator'
-import { HttpStatusCode, UserRight } from '@shared/models'
-import { exists, isIdValid } from '../../helpers/custom-validators/misc'
-import { areValidationErrors, checkUserIdExist } from './shared'
-const requestOrConfirmTwoFactorValidator = [
-  param('id').custom(isIdValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    if (!await checkCanEnableOrDisableTwoFactor(req.params.id, res)) return
-    if (res.locals.user.otpSecret) {
-      return res.fail({
-        status: HttpStatusCode.BAD_REQUEST_400,
-        message: `Two factor is already enabled.`
-      })
-    }
-    return next()
-  }
-]
-const confirmTwoFactorValidator = [
-  body('requestToken').custom(exists),
-  body('otpToken').custom(exists),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    return next()
-  }
-]
-const disableTwoFactorValidator = [
-  param('id').custom(isIdValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    if (!await checkCanEnableOrDisableTwoFactor(req.params.id, res)) return
-    if (!res.locals.user.otpSecret) {
-      return res.fail({
-        status: HttpStatusCode.BAD_REQUEST_400,
-        message: `Two factor is already disabled.`
-      })
-    }
-    return next()
-  }
-]
-// ---------------------------------------------------------------------------
-export {
-  requestOrConfirmTwoFactorValidator,
-  confirmTwoFactorValidator,
-  disableTwoFactorValidator
-}
-// ---------------------------------------------------------------------------
-async function checkCanEnableOrDisableTwoFactor (userId: number | string, res: express.Response) {
-  const authUser = res.locals.oauth.token.user
-  if (!await checkUserIdExist(userId, res)) return
-  if (res.locals.user.id !== authUser.id && authUser.hasRight(UserRight.MANAGE_USERS) !== true) {
-    res.fail({
-      status: HttpStatusCode.FORBIDDEN_403,
-      message: `User ${authUser.username} does not have right to change two factor setting of this user.`
-    })
-    return false
-  }
-  return true
-}

diff --git a/server/middlewares/validators/two-factor.ts b/server/middlewares/validators/two-factor.ts deleted file mode 100644 index 106b579b5..000000000 --- a/server/middlewares/validators/two-factor.ts +++ /dev/null
@@ -1,81 +0,0 @@
1	import express from 'express'
2	import { body, param } from 'express-validator'
3	import { HttpStatusCode, UserRight } from '@shared/models'
4	import { exists, isIdValid } from '../../helpers/custom-validators/misc'
5	import { areValidationErrors, checkUserIdExist } from './shared'
6
7	const requestOrConfirmTwoFactorValidator = [
8	param('id').custom(isIdValid),
9
10	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
11	if (areValidationErrors(req, res)) return
12
13	if (!await checkCanEnableOrDisableTwoFactor(req.params.id, res)) return
14
15	if (res.locals.user.otpSecret) {
16	return res.fail({
17	status: HttpStatusCode.BAD_REQUEST_400,
18	message: `Two factor is already enabled.`
19	})
20	}
21
22	return next()
23	}
24	]
25
26	const confirmTwoFactorValidator = [
27	body('requestToken').custom(exists),
28	body('otpToken').custom(exists),
29
30	(req: express.Request, res: express.Response, next: express.NextFunction) => {
31	if (areValidationErrors(req, res)) return
32
33	return next()
34	}
35	]
36
37	const disableTwoFactorValidator = [
38	param('id').custom(isIdValid),
39
40	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
41	if (areValidationErrors(req, res)) return
42
43	if (!await checkCanEnableOrDisableTwoFactor(req.params.id, res)) return
44
45	if (!res.locals.user.otpSecret) {
46	return res.fail({
47	status: HttpStatusCode.BAD_REQUEST_400,
48	message: `Two factor is already disabled.`
49	})
50	}
51
52	return next()
53	}
54	]
55
56	// ---------------------------------------------------------------------------
57
58	export {
59	requestOrConfirmTwoFactorValidator,
60	confirmTwoFactorValidator,
61	disableTwoFactorValidator
62	}
63
64	// ---------------------------------------------------------------------------
65
66	async function checkCanEnableOrDisableTwoFactor (userId: number \| string, res: express.Response) {
67	const authUser = res.locals.oauth.token.user
68
69	if (!await checkUserIdExist(userId, res)) return
70
71	if (res.locals.user.id !== authUser.id && authUser.hasRight(UserRight.MANAGE_USERS) !== true) {
72	res.fail({
73	status: HttpStatusCode.FORBIDDEN_403,
74	message: `User ${authUser.username} does not have right to change two factor setting of this user.`
75	})
76
77	return false
78	}
79
80	return true
81	}