hub / github.com/botpress/botpress / setup

Method setup

packages/bp/src/core/security/strategy-basic.ts:26–78  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

24 }
25
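/**
 * Bootstraps the basic (email/password) strategy.
 *
 * 1. If BP_ADMIN_EMAIL and BP_ADMIN_PASSWORD are set and no user exists yet,
 *    registers that account under the 'default' strategy.
 * 2. Mounts POST /login/basic/:strategy.
 * 3. Mounts POST /register/basic/:strategyId, which answers 403 unless
 *    isFirstUser() is still true.
 *
 * Both routes read credentials from the request body before any authentication
 * has happened, so field types are checked before string methods or length
 * tests are applied to them.
 */
async setup() {
  const adminEmail = process.env.BP_ADMIN_EMAIL
  const adminPassword = process.env.BP_ADMIN_PASSWORD

  // Only the email is written to the log; the password never is.
  if (adminEmail && adminPassword && (await this.authService.isFirstUser())) {
    this.logger.info(`Creating user ${adminEmail}`)
    // '0.0.0.0' stands in for the client IP: this registration has no HTTP request behind it.
    await this._register(adminEmail, 'default', adminPassword, '0.0.0.0')
  }

  const router = this.router
  router.post(
    '/login/basic/:strategy',
    this.asyncMiddleware(async (req: Request, res: Response) => {
      const { password, newPassword, channel, target } = req.body
      const { strategy } = req.params

      // The body is untrusted. Without this check a missing or non-string email
      // throws a TypeError on toLowerCase(), and a non-string password would be
      // handed to _login as-is.
      if (typeof req.body.email !== 'string' || typeof password !== 'string') {
        throw new BadRequestError('Email and password must be strings.')
      }
      const email = req.body.email.toLowerCase()

      // Random delay to prevent an attacker from determining if an account exists by the response time. Arbitrary numbers
      // NOTE(review): uniform jitter only adds noise that averages out over repeated requests. The
      // guarantee has to come from _login doing comparable work whether or not the account exists,
      // plus rate limiting on this route - confirm both, neither is visible from this method.
      await Promise.delay(_.random(15, 80))

      // _login is expected to throw on bad credentials (its result is not inspected here).
      await this._login(email, password, strategy, newPassword, req.ip)

      // If the channel & target is set, we consider that it's a chat user logging in (even if it's with admin credentials)
      // NOTE(review): channel and target come straight from the body and are not validated here.
      const token: TokenResponse =
        channel && target
          ? await this.authService.generateChatUserToken(email, strategy, channel, target)
          : await this.authService.generateSecureToken(email, strategy)

      // When setJwtCookieResponse reports success (presumably: the JWT went out as a cookie),
      // the JWT is left out of the JSON payload.
      if (await this.authService.setJwtCookieResponse(token, res)) {
        return sendSuccess(res, 'Login successful', _.omit(token, 'jwt'))
      }

      return sendSuccess(res, 'Login successful', token)
    })
  )

  router.post(
    '/register/basic/:strategyId',
    this.asyncMiddleware(async (req: RequestWithUser, res) => {
      const { strategyId } = req.params

      // Self-registration is only open until the first account exists.
      // NOTE(review): this check and the _register call below are separate awaits; whether two
      // concurrent requests can both pass depends on _register - confirm it re-checks atomically.
      if (!(await this.authService.isFirstUser())) {
        return res.status(403).send('Registration is disabled')
      }

      const { email, password } = req.body
      // Arrays and objects also expose .length, so the length test alone does not prove
      // that these fields are strings.
      if (typeof email !== 'string' || typeof password !== 'string') {
        throw new BadRequestError('Email and password must be strings.')
      }
      // NOTE(review): four characters is a very low bar for the first account on the
      // instance; consider a stronger password policy.
      if (email.length < 4 || password.length < 4) {
        throw new BadRequestError('Email or password is too short.')
      }

      // NOTE(review): login lower-cases the email, this path passes it through unchanged -
      // confirm _register normalises it, otherwise a mixed-case address cannot log in.
      const token = await this._register(email, strategyId, password, req.ip)
      return sendSuccess(res, 'Registration successful', token)
    })
  )
}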
79
80 async resetPassword(email: string, strategy: string): Promise<string> {
81 const password = nanoid(15)

Callers 1

setupStrategiesMethod · 0.95

Calls 10

_registerMethod · 0.95
_loginMethod · 0.95
sendSuccessFunction · 0.90
isFirstUserMethod · 0.80
postMethod · 0.80
generateChatUserTokenMethod · 0.80
generateSecureTokenMethod · 0.80
setJwtCookieResponseMethod · 0.80
sendMethod · 0.80
infoMethod · 0.65

Tested by

no test coverage detected