Leahnaya/account
1
0
Fork 0
mirror of https://github.com/PretendoNetwork/account.git synced 2026-03-21 17:44:49 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: make NNAS middleware only accept console tokens

Browse Source
This commit is contained in:
Jonathan Barrow 2024-08-09 18:46:34 -04:00
parent 1653b09988
commit 8e557fc072
No known key found for this signature in database
GPG Key ID: E86E9FE9049C741F
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/database.ts
View File

@ -104,12 +104,17 @@ export async function getPNIDByBasicAuth(token: string): Promise<HydratedPNIDDoc
return pnid;
}
export async function getPNIDByTokenAuth(token: string): Promise<HydratedPNIDDocument | null> {
export async function getPNIDByTokenAuth(token: string, allowedTypes?: number[]): Promise<HydratedPNIDDocument | null> {
verifyConnected();
try {
const decryptedToken = decryptToken(Buffer.from(token, 'hex'));
const unpackedToken = unpackToken(decryptedToken);
if (allowedTypes && !allowedTypes.includes(unpackedToken.system_type)) {
return null;
}
const pnid = await getPNIDByPID(unpackedToken.pid);
if (pnid) {

7
src/middleware/pnid.ts
View File

@ -14,7 +14,7 @@ async function PNIDMiddleware(request: express.Request, response: express.Respon
const parts = authHeader.split(' ');
const type = parts[0];
let token = parts[1];
let pnid: HydratedPNIDDocument | null;
let pnid: HydratedPNIDDocument | null = null;
if (request.isCemu) {
token = Buffer.from(token, 'hex').toString('base64');
@ -22,8 +22,9 @@ async function PNIDMiddleware(request: express.Request, response: express.Respon
if (type === 'Basic') {
pnid = await getPNIDByBasicAuth(token);
} else {
pnid = await getPNIDByTokenAuth(token);
} else if (type === 'Bearer') {
// TODO - This "accepted types list" is mostly a hack. Change this
pnid = await getPNIDByTokenAuth(token, [1, 2]);
}
if (!pnid) {