external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

More SMS work.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2020-04-22 02:23:02 -07:00
parent 200acde9c8
commit 2b6925205f
4 changed files with 36 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

24
meshuser.js
View file

@ -3713,24 +3713,20 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (parent.parent.smsserver == null) return;
if (common.validateString(command.phone, 1, 18) == false) break; // Check phone length
if (command.phone.match(/^\(?([0-9]{3})\)?[-. ]?([0-9]{3})[-. ]?([0-9]{4})$/) == false) break; // Check phone
var code = getRandomEightDigitInteger();
//console.log(code);
const code = getRandomEightDigitInteger();
// TODO: We need to tie this cookie to this session and limit how many times we can guess the code
const phoneCookie = parent.parent.encodeCookie({ a: 'verifyPhone', c: code, p: command.phone });
ws.send(JSON.stringify({ action: 'verifyPhone', cookie: phoneCookie, success: true })); // DEBUG
/*
// TODO: We need limit how many times we can guess the code
const phoneCookie = parent.parent.encodeCookie({ a: 'verifyPhone', c: code, p: command.phone, s: ws.sessionId });
parent.parent.smsserver.sendPhoneCheck(domain, command.phone, code, parent.getLanguageCodes(req), function (success) {
ws.send(JSON.stringify({ action: 'verifyPhone', cookie: phoneCookie, success: success }));
});
*/
break;
}
case 'confirmPhone': {
if ((parent.parent.smsserver == null) || (typeof command.cookie != 'string') || (typeof command.code != 'number')) break; // Input checks
var cookie = parent.parent.decodeCookie(command.cookie);
if (cookie == null) break; // Invalid cookie
if (cookie.s != ws.sessionId) break; // Invalid session
if (cookie.c != command.code) { ws.send(JSON.stringify({ action: 'verifyPhone', cookie: command.cookie, success: true })); break; } // Code does not match
// Set the user's phone
@ -3758,6 +3754,18 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
break;
}
case 'smsuser': { // Send a SMS message to a user
if (parent.parent.smsserver == null) break;
if ((user.siteadmin & 2) == 0) break;
if (common.validateString(command.userid, 1, 2048) == false) break;
if (common.validateString(command.msg, 1, 160) == false) break;
var smsuser = parent.users[command.userid];
if ((smsuser == null) || (smsuser.phone == null)) break;
parent.parent.smsserver.sendSMS(smsuser.phone, command.msg, function (success) {
// TODO
});
break;
}
case 'getClip': {
if (common.validateString(command.nodeid, 1, 1024) == false) break; // Check nodeid