feat: store all log in attempt timings

mikalaum · Feb 6, 2021 · fafeea9e831eb4f267daf9dc774682dff0f38500 · fafeea9
1 parent 83cbc5f
commit fafeea9e831eb4f267daf9dc774682dff0f38500
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 10 deletions.
diff --git a/models/user.js b/models/user.js
@@ -33,10 +33,10 @@ const User = mongoose.model(
       type: Object,
     },
     passwordAuthTimings: {
-      type: Object,
+      type: Array,
     },
     fido2AuthTimings: {
-      type: Object,
+      type: Array,
     },
     userAgent: {
       type: Object

diff --git a/routes/register.js b/routes/register.js
@@ -31,13 +31,11 @@ router.post("/registration-options", async (req, res) => {
   const { email } = req.body;
 
   if (!email) {
-    console.log("Missing email");
     return res.status(400).json({ error: "Missing email field" });
   }
 
   const userExists = await User.findOne({ email });
   if (userExists) {
-    console.log("User already exists");
     return res.status(400).json({ error: "User already exists" });
   }
 
@@ -101,8 +99,6 @@ router.post("/register", async (req, res) => {
       code: secretVerificationCode,
     });
     verificationCode.save();
-
-    console.log("Created new account for: ", email);
     await mailTo(
       [email],
       accountVerificationTemplate(
@@ -140,7 +136,6 @@ router.post("/authenticate", async (req, res) => {
   const { credential, authDuration, password, email, method } = req.body;
 
   const user = await User.findOne({ email });
-  console.log("🚀 ~ file: register.js ~ line 138 ~ router.post ~ user", user);
 
   if (!user) {
     return res.status(401).json({ error: "Incorrect login details" });

diff --git a/routes/timings.js b/routes/timings.js
@@ -18,8 +18,18 @@ router.post("/registration", async (req, res) => {
 
 router.post("/fido2-authentication", async (req, res) => {
   const { email, fido2AuthTimings } = req.body;
+
   try {
-    await User.findOneAndUpdate({ email: email }, { fido2AuthTimings });
+    // TODO: optimise
+    const user = await User.findOne({ email: email });
+    const timings = [
+      ...user.fido2AuthTimings,
+      {
+        ...fido2AuthTimings,
+        date: Date.now().toLocaleDateString("en-US"),
+      },
+    ];
+    await User.findOneAndUpdate({ email: email }, { fido2AuthTimings: timings });
     return res.status(200).json({ status: "Success" });
   } catch (err) {
     return res.status(500).json({ error: "Server error: " + err });
@@ -29,12 +39,19 @@ router.post("/fido2-authentication", async (req, res) => {
 router.post("/pw-authentication", async (req, res) => {
   const { email, passwordAuthTimings } = req.body;
   try {
-    await User.findOneAndUpdate({ email: email }, { passwordAuthTimings });
+    const user = await User.findOne({ email: email });
+    const timings = [
+      ...user.passwordAuthTimings,
+      {
+        ...passwordAuthTimings,
+        date: Date.now().toLocaleDateString("en-US"),
+      },
+    ];
+    await User.findOneAndUpdate({ email: email }, { passwordAuthTimings: timings });
     return res.status(200).json({ status: "Success" });
   } catch (err) {
     return res.status(500).json({ error: "Server error: " + err });
   }
 });
 
-
 export default router;