@cocalc/server
Version:
CoCalc server functionality: functions used by either the hub and the next.js server
34 lines • 1.82 kB
JavaScript
;
/*
* This file is part of CoCalc: Copyright © 2020 Sagemath, Inc.
* License: AGPLv3 s.t. "Commons Clause" – see LICENSE.md for details
*/
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.createReset = exports.recentAttempts = void 0;
const uuid_1 = require("uuid");
const pool_1 = __importDefault(require("@cocalc/database/pool"));
const util_1 = require("@cocalc/database/pool/util");
// Returns number of "recent" attempts to reset the password with this
// email from this ip address. By "recent" we mean, "in the last 10 minutes".
async function recentAttempts(email_address, ip_address) {
const pool = (0, pool_1.default)();
const { rows } = await pool.query("SELECT COUNT(*)::INT FROM password_reset_attempts WHERE email_address=$1 AND ip_address=$2 AND time >= NOW() - INTERVAL '10 min'", [email_address, ip_address]);
return rows[0].count;
}
exports.recentAttempts = recentAttempts;
async function createReset(email_address, ip_address, ttl_s) {
const pool = (0, pool_1.default)();
// Record that there was an attempt:
if (ip_address) {
await pool.query("INSERT INTO password_reset_attempts(id, email_address,ip_address,time,expire) VALUES($1::UUID,$2::TEXT,$3,NOW(),NOW() + INTERVAL '1 day')", [(0, uuid_1.v4)(), email_address, ip_address]);
}
// Create the expiring password reset token:
const id = (0, uuid_1.v4)();
await pool.query("INSERT INTO password_reset(id,email_address,expire) VALUES($1::UUID,$2::TEXT,$3::TIMESTAMP)", [id, email_address, (0, util_1.expireTime)(ttl_s)]);
return id;
}
exports.createReset = createReset;
//# sourceMappingURL=password-reset.js.map