bug fixes

2025-11-25 13:24:24 +00:00 · 2023-10-14 10:50:50 +02:00
parent b31667a77f
commit 02dee5ad0d
5 changed files with 13 additions and 7 deletions
--- a/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
+++ b/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
@@ -13,6 +13,7 @@ const ticket = require( '../../../tickets/ticketGenerator.js' );
 const payrexxModule = require( './module.payrexx.js' );
 const payrexx = payrexxModule.init();
 const TicketGenerator = new ticket();
+const generator = require( '../../../token.js' );

 let sessionReference = {};
 let waitingClients = {};
@@ -101,6 +102,7 @@ module.exports = ( app, settings ) => {
                        response.write( 'data: ready\n\n' );
                        response.end();
                        delete waitingClients[ request.session.id ];
+                        request.session.id = generator.generateToken( 30 );
                    }, 2000 );
                } else if ( stat === 'noTicket' ) {
                    clearInterval( ping );
@@ -120,6 +122,7 @@ module.exports = ( app, settings ) => {
            if ( !pendingPayments[ request.session.id ] ) {
                const stat = TicketGenerator.getGenerationStatus( request.session.id );
                if ( stat === 'done' ) {
+                    request.session.id = generator.generateToken( 30 );
                    response.send( { 'status': 'ticketOk' } );
                } else if ( stat === 'noTicket' ) {
                    response.send( { 'status': 'noTicket' } );
--- a/src/server/backend/plugins/payments/stripe/stripeRoutes.js
+++ b/src/server/backend/plugins/payments/stripe/stripeRoutes.js
@@ -16,6 +16,7 @@ const stripe = require( 'stripe' )( stripeConfig[ 'APIKey' ] );
 const bodyParser = require( 'body-parser' );
 const ticket = require( '../../../tickets/ticketGenerator.js' );
 const TicketGenerator = new ticket();
+const generator = require( '../../../token.js' );

 const endpointSecret = stripeConfig[ 'endpointSecret' ];

@@ -103,6 +104,7 @@ module.exports = ( app, settings ) => {
                        response.write( 'data: ready\n\n' );
                        response.end();
                        delete waitingClients[ request.session.id ];
+                        request.session.id = generator.generateToken( 30 );
                    }, 2000 );
                } else if ( stat === 'noTicket' ) {
                    clearInterval( ping );
@@ -122,6 +124,7 @@ module.exports = ( app, settings ) => {
            if ( !pendingPayments[ request.session.id ] ) {
                const stat = TicketGenerator.getGenerationStatus( request.session.id );
                if ( stat === 'done' ) {
+                    request.session.id = generator.generateToken( 30 );
                    response.send( { 'status': 'ticketOk' } );
                } else if ( stat === 'noTicket' ) {
                    response.send( { 'status': 'noTicket' } );
--- a/src/server/backend/userRoutes.js
+++ b/src/server/backend/userRoutes.js
@@ -178,7 +178,7 @@ module.exports = ( app, settings ) => {
                            'name': request.body.name, 
                            'two_fa': 'disabled', 
                            'user_data': JSON.stringify( { 'country': request.body.country } ), 
-                            'marketing': request.body.newsletter ? generator.generateToken( 60 ) : null 
+                            'marketing': request.body.newsletter ?? null 
                        } ).then( () => {
                            request.session.loggedInUser = true;
                            request.session.username = request.body.mail;
@@ -215,6 +215,8 @@ module.exports = ( app, settings ) => {
            if ( call === '2fa' ) {
                db.writeDataSimple( 'users', 'email', request.session.username, { 'two_fa': request.body.twoFA } );
                response.send( 'ok' );
+            } else {
+                response.status( 404 ).send( 'Not found' );
            }
        } else {
            response.status( 403 ).send( 'unauthorised' );
--- a/src/server/ui/en/signup/allowTwoFA.html
+++ b/src/server/ui/en/signup/allowTwoFA.html
@@ -90,11 +90,10 @@
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js"></script>
        <script>
            function submitFunction () {
-                let code = document.getElementById( '2fa' ).value;
-                let data = '';
+                let mode = document.getElementById( '2fa' ).value;
                let fetchOptions = {
                    method: 'post',
-                    body: JSON.stringify( { 'twoFA': data } ),
+                    body: JSON.stringify( { 'twoFA': mode } ),
                    headers: {
                        'Content-Type': 'application/json',
                        'charset': 'utf-8'
--- a/src/server/ui/en/signup/enforceTwoFA.html
+++ b/src/server/ui/en/signup/enforceTwoFA.html
@@ -89,11 +89,10 @@
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js"></script>
        <script>
            function submitFunction () {
-                let code = document.getElementById( '2fa' ).value;
-                let data = '';
+                let mode = document.getElementById( '2fa' ).value;
                let fetchOptions = {
                    method: 'post',
-                    body: JSON.stringify( { 'twoFA': data } ),
+                    body: JSON.stringify( { 'twoFA': mode } ),
                    headers: {
                        'Content-Type': 'application/json',
                        'charset': 'utf-8'