liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: site title check + UI fixes + 2FA setup on account verify

Browse Source
This commit is contained in:
NGPixel
2020-08-23 12:58:56 -04:00
parent f72530bf84
commit 8c205b6950
4 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
client/components/admin/admin-general.vue
View File

@@ -177,6 +177,8 @@ import editorStore from '../../store/editor'
/* global WIKI */ /* global WIKI */
const titleRegex = /[<>"]/i
WIKI.$store.registerModule('editor', editorStore) WIKI.$store.registerModule('editor', editorStore)
export default { export default {
@@ -186,12 +188,6 @@ export default {
}, },
data() { data() {
return { return {
analyticsServices: [
{ text: 'None', value: '' },
{ text: 'Elasticsearch APM RUM', value: 'elk' },
{ text: 'Google Analytics', value: 'ga' },
{ text: 'Google Tag Manager', value: 'gtm' }
],
config: { config: {
host: '', host: '',
title: '', title: '',
@@ -238,6 +234,15 @@ export default {
}, },
methods: { methods: {
async save () { async save () {
const title = _.get(this.config, 'title', '')
if (titleRegex.test(title)) {
this.$store.commit('showNotification', {
style: 'error',
message: this.$t('admin:general.siteTitleInvalidChars'),
icon: 'alert'
})
return
}
try { try {
await this.$apollo.mutate({ await this.$apollo.mutate({
mutation: gql` mutation: gql`
@@ -300,7 +305,7 @@ export default {
}) })
this.$store.commit('showNotification', { this.$store.commit('showNotification', {
style: 'success', style: 'success',
message: 'Configuration saved successfully.', message: this.$t('admin:general.saveSuccess'),
icon: 'check' icon: 'check'
}) })
this.siteTitle = this.config.title this.siteTitle = this.config.title

2
client/components/common/loader.vue
View File

@@ -8,7 +8,7 @@
:size='60' :size='60'
color='#FFF' color='#FFF'
) )
img(v-else-if='mode === `icon`', :src='`/svg/icon-` + icon + `.svg`', :alt='icon') img(v-else-if='mode === `icon`', :src='`/_assets/svg/icon-` + icon + `.svg`', :alt='icon')
.subtitle-1.white--text {{ title }} .subtitle-1.white--text {{ title }}
.caption {{ subtitle }} .caption {{ subtitle }}
</template> </template>

2
client/components/register.vue
View File

@@ -93,7 +93,7 @@
loader(v-model='isLoading', :mode='loaderMode', :icon='loaderIcon', :color='loaderColor', :title='loaderTitle', :subtitle='loaderSubtitle') loader(v-model='isLoading', :mode='loaderMode', :icon='loaderIcon', :color='loaderColor', :title='loaderTitle', :subtitle='loaderSubtitle')
nav-footer(color='grey darken-5', dark-color='grey darken-5') nav-footer(color='grey darken-5', dark-color='grey darken-5')
notify notify(style='padding-top: 64px;')
</template> </template>
<script> <script>

10
server/controllers/auth.js
View File

@@ -135,10 +135,14 @@ router.get('/verify/:token', bruteforce.prevent, async (req, res, next) => {
try { try {
const usr = await WIKI.models.userKeys.validateToken({ kind: 'verify', token: req.params.token }) const usr = await WIKI.models.userKeys.validateToken({ kind: 'verify', token: req.params.token })
await WIKI.models.users.query().patch({ isVerified: true }).where('id', usr.id) await WIKI.models.users.query().patch({ isVerified: true }).where('id', usr.id)
const result = await WIKI.models.users.refreshToken(usr)
req.brute.reset() req.brute.reset()
res.cookie('jwt', result.token, { expires: moment().add(1, 'years').toDate() }) if (WIKI.config.auth.enforce2FA) {
res.redirect('/') res.redirect('/login')
} else {
const result = await WIKI.models.users.refreshToken(usr)
res.cookie('jwt', result.token, { expires: moment().add(1, 'years').toDate() })
res.redirect('/')
}
} catch (err) { } catch (err) {
next(err) next(err)
} }