diff --git a/api/server/controllers/auth/LoginController.js b/api/server/controllers/auth/LoginController.js index 925eb21d7..1b543e9ba 100644 --- a/api/server/controllers/auth/LoginController.js +++ b/api/server/controllers/auth/LoginController.js @@ -1,42 +1,20 @@ const { setAuthTokens } = require('~/server/services/AuthService'); -const { getUserById, updateUser } = require('~/models/userMethods'); -const { isEnabled, checkEmailConfig } = require('~/server/utils'); const { logger } = require('~/config'); -// Unix timestamp for 2024-06-07 15:20:18 Eastern Time -const verificationEnabledTimestamp = 1717788018; - const loginController = async (req, res) => { try { - const user = await getUserById(req.user._id, '-password -__v'); - - // If user doesn't exist, return error - if (!user) { + if (!req.user) { return res.status(400).json({ message: 'Invalid credentials' }); } - const emailEnabled = checkEmailConfig(); - const userCreatedAtTimestamp = Math.floor(new Date(user.createdAt).getTime() / 1000); + const { password: _, __v, ...user } = req.user; + user.id = user._id.toString(); - if ( - !emailEnabled && - !user.emailVerified && - userCreatedAtTimestamp < verificationEnabledTimestamp - ) { - await updateUser(user._id, { emailVerified: true }); - user.emailVerified = true; - } - - if (!user.emailVerified && !isEnabled(process.env.ALLOW_UNVERIFIED_EMAIL_LOGIN)) { - return res.status(422).json({ message: 'Email not verified' }); - } - - const token = await setAuthTokens(user._id, res); + const token = await setAuthTokens(req.user._id, res); return res.status(200).send({ token, user }); } catch (err) { logger.error('[loginController]', err); - return res.status(500).json({ message: 'Something went wrong' }); } }; diff --git a/api/server/services/AuthService.js b/api/server/services/AuthService.js index 489c3f32f..c335d2cab 100644 --- a/api/server/services/AuthService.js +++ b/api/server/services/AuthService.js 
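Review bot: With the `Email not verified` 422 check removed from `loginController`, the controller issues tokens for whatever object is in `req.user`, so it is safe only if the login route always runs the local strategy (which carries the verification check in this commit) before it. The route wiring is not visible here, so the precondition is worth recording above the function, e.g. `// Precondition: req.user was set by the local passport strategy, which enforces email verification.` Separately, `const { password: _, __v, ...user } = req.user;` is a deny-list: any other sensitive field on the user record goes out in the response body, so an explicit allow-list of response fields would be safer. The spread also assumes `req.user` is a plain object rather than a model document, which the strategy's lookup should be checked for.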
@@ -297,7 +297,7 @@ const resetPassword = async (userId, token, password) => { /** * Set Auth Tokens * - * @param {String} userId + * @param {String | ObjectId} userId * @param {Object} res * @param {String} sessionId * @returns diff --git a/api/strategies/jwtStrategy.js b/api/strategies/jwtStrategy.js index 7053ab169..8d55baaed 100644 --- a/api/strategies/jwtStrategy.js +++ b/api/strategies/jwtStrategy.js @@ -11,7 +11,7 @@ const jwtLogin = async () => }, async (payload, done) => { try { - const user = await getUserById(payload?.id); + const user = await getUserById(payload?.id, '-password -__v'); user.id = user._id.toString(); if (user) { done(null, user); diff --git a/api/strategies/localStrategy.js b/api/strategies/localStrategy.js index e0e46c2be..9c87a5b31 100644 --- a/api/strategies/localStrategy.js +++ b/api/strategies/localStrategy.js @@ -1,10 +1,13 @@ const { errorsToString } = require('librechat-data-provider'); const { Strategy: PassportLocalStrategy } = require('passport-local'); -const { findUser, comparePassword } = require('~/models'); +const { findUser, comparePassword, updateUser } = require('~/models'); +const { isEnabled, checkEmailConfig } = require('~/server/utils'); const { loginSchema } = require('./validators'); -const { isEnabled } = require('~/server/utils'); const logger = require('~/utils/logger'); +// Unix timestamp for 2024-06-07 15:20:18 Eastern Time +const verificationEnabledTimestamp = 1717788018; + async function validateLoginRequest(req) { const { error } = loginSchema.safeParse(req.body); return error ? errorsToString(error.errors) : null; 
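Review bot: In the jwtStrategy.js hunk, `user.id = user._id.toString();` runs before the `if (user)` check, so a token whose `payload.id` no longer matches a stored user raises a TypeError instead of reaching the not-found branch. The commit touches the line directly above but leaves this ordering in place. Moving the assignment inside the guard keeps the rejection path explicit: `if (user) { user.id = user._id.toString(); done(null, user); }`. The callback's `else` and `catch` branches lie outside the hunk, so how the thrown error is currently reported to `done` cannot be confirmed from here.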
@@ -33,6 +36,18 @@ async function passportLogin(req, email, password, done) { return done(null, false, { message: 'Incorrect password.' }); } + const emailEnabled = checkEmailConfig(); + const userCreatedAtTimestamp = Math.floor(new Date(user.createdAt).getTime() / 1000); + + if ( + !emailEnabled && + !user.emailVerified && + userCreatedAtTimestamp < verificationEnabledTimestamp + ) { + await updateUser(user._id, { emailVerified: true }); + user.emailVerified = true; + } + if (!user.emailVerified && !isEnabled(process.env.ALLOW_UNVERIFIED_EMAIL_LOGIN)) { logError('Passport Local Strategy - Email not verified', { email }); logger.error(`[Login] [Login failed] [Username: ${email}] [Request-IP: ${req.ip}]`);
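Review bot: The added block persists `emailVerified: true` from inside the login path whenever `checkEmailConfig()` is falsy at that moment, and it does so silently. A deployment whose email settings are temporarily missing would therefore permanently mark pre-cutoff accounts as verified, with no record of which accounts were changed. An audit line next to the write would help, e.g. `logger.info(`[Login] [Legacy account auto-verified] [Username: ${email}]`);`, along with a comment stating that this is a one-time migration for accounts created before `verificationEnabledTimestamp`. `passportLogin` starts and ends outside the hunk, so whether a rejected `updateUser` is caught and passed to `done` should be confirmed there.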