From fafeea9e831eb4f267daf9dc774682dff0f38500 Mon Sep 17 00:00:00 2001
From: MantasMikal
Date: Sat, 6 Feb 2021 13:18:21 +0000
Subject: [PATCH] feat: store all log in attempt timings
---
 models/user.js | 4 ++--
 routes/register.js | 5 -----
 routes/timings.js | 23 ++++++++++++++++++++---
 3 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/models/user.js b/models/user.js
index 0cfb321..c2e3fc1 100644
--- a/models/user.js
+++ b/models/user.js
@@ -33,10 +33,10 @@ const User = mongoose.model(
 type: Object,
 },
 passwordAuthTimings: {
- type: Object,
+ type: Array,
 },
 fido2AuthTimings: {
- type: Object,
+ type: Array,
 },
 userAgent: {
 type: Object
diff --git a/routes/register.js b/routes/register.js
index ce42ed3..a1f0e4d 100644
--- a/routes/register.js
+++ b/routes/register.js
@@ -31,13 +31,11 @@ router.post("/registration-options", async (req, res) => {
 const { email } = req.body;
 if (!email) {
- console.log("Missing email");
 return res.status(400).json({ error: "Missing email field" });
 }
 const userExists = await User.findOne({ email });
 if (userExists) {
- console.log("User already exists");
 return res.status(400).json({ error: "User already exists" });
 }
@@ -101,8 +99,6 @@ router.post("/register", async (req, res) => {
 code: secretVerificationCode,
 });
 verificationCode.save();
-
- console.log("Created new account for: ", email);
 await mailTo(
 [email],
 accountVerificationTemplate(
@@ -140,7 +136,6 @@ router.post("/authenticate", async (req, res) => {
 const { credential, authDuration, password, email, method } = req.body;
 const user = await User.findOne({ email });
- console.log("🚀 ~ file: register.js ~ line 138 ~ router.post ~ user", user);
 if (!user) {
 return res.status(401).json({ error: "Incorrect login details" });
diff --git a/routes/timings.js b/routes/timings.js
index 29d360c..9db5c9b 100644
--- a/routes/timings.js
+++ b/routes/timings.js
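Review bot: In models/user.js, `type: Array` with no element schema makes `passwordAuthTimings` and `fido2AuthTimings` untyped arrays, so whatever object a client posts to the routes in routes/timings.js is persisted without validation. Declaring the element shape as a sub-schema (the expected numeric timing fields plus `date`) would keep unexpected keys and types out of the database. Documents written before this commit presumably still hold a plain object in these fields, so appends against them may fail or produce mixed shapes; a one-off migration is worth planning. The schema definition starts and ends outside the hunk.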
@@ -18,8 +18,18 @@ router.post("/registration", async (req, res) => {
 router.post("/fido2-authentication", async (req, res) => {
 const { email, fido2AuthTimings } = req.body;
+
 try {
- await User.findOneAndUpdate({ email: email }, { fido2AuthTimings });
+ // TODO: optimise
+ const user = await User.findOne({ email: email });
+ const timings = [
+ ...user.fido2AuthTimings,
+ {
+ ...fido2AuthTimings,
+ date: Date.now().toLocaleDateString("en-US"),
+ },
+ ];
+ await User.findOneAndUpdate({ email: email }, { fido2AuthTimings: timings });
 return res.status(200).json({ status: "Success" });
 } catch (err) {
 return res.status(500).json({ error: "Server error: " + err });
@@ -29,12 +39,19 @@ router.post("/fido2-authentication", async (req, res) => {
 router.post("/pw-authentication", async (req, res) => {
 const { email, passwordAuthTimings } = req.body;
 try {
- await User.findOneAndUpdate({ email: email }, { passwordAuthTimings });
+ const user = await User.findOne({ email: email });
+ const timings = [
+ ...user.passwordAuthTimings,
+ {
+ ...passwordAuthTimings,
+ date: Date.now().toLocaleDateString("en-US"),
+ },
+ ];
+ await User.findOneAndUpdate({ email: email }, { passwordAuthTimings: timings });
 return res.status(200).json({ status: "Success" });
 } catch (err) {
 return res.status(500).json({ error: "Server error: " + err });
 }
 });
- export default router;
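Review bot: `Date.now()` returns a number, which has no `toLocaleDateString` method, so the `date:` line in the `/fido2-authentication` handler throws a TypeError on every request and the route always answers 500 with the error text; the `/pw-authentication` hunk has the same line. `new Date().toLocaleDateString("en-US")` gives the intended value. The `findOne` followed by `findOneAndUpdate` is also a read-modify-write: two concurrent log-ins for one account can drop an entry, and `user` is null for an unknown email, which throws on the spread. An atomic `$push` removes both problems and the extra query the TODO refers to.

```javascript
router.post("/fido2-authentication", async (req, res) => {
  // … unchanged: email and fido2AuthTimings read from req.body …
  try {
    const entry = {
      ...fido2AuthTimings,
      date: new Date().toLocaleDateString("en-US"),
    };
    // Atomic append: no prior read, no lost update under concurrent requests.
    await User.findOneAndUpdate(
      { email: email },
      { $push: { fido2AuthTimings: entry } }
    );
    // … unchanged: 200 response and catch block …
```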
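Review bot: The `/pw-authentication` handler picks the record to append to from the `email` field of the request body, and nothing in this hunk ties the request to a completed authentication for that account (a check may exist in middleware outside the hunk). Before this commit a repeated call overwrote one object; now each call grows `passwordAuthTimings`, so a caller who knows an email can inflate that user's document and skew the stored measurements, and the `/fido2-authentication` hunk has the same exposure. Taking the account from the authenticated session instead of `req.body` and bounding the array on write, for example `{ $push: { passwordAuthTimings: { $each: [entry], $slice: -100 } } }` with `entry` as the new timing object and 100 as an example cap, would contain this. Copying only the expected timing fields instead of spreading `passwordAuthTimings` keeps arbitrary client keys out of the document.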