mbkauthe 1.1.17 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/README.md +1 -1
  2. package/index.js +8 -4
  3. package/lib/main.js +155 -88
  4. package/lib/pool.js +1 -2
  5. package/lib/validateSessionAndRole.js +29 -29
  6. package/package.json +2 -1
  7. package/views/2fa.handlebars +535 -0
  8. package/views/Error/dError.handlebars +1 -1
  9. package/views/loginmbkauthe.handlebars +57 -209
  10. package/views/showmessage.handlebars +170 -0
package/views/loginmbkauthe.handlebars CHANGED
@@ -471,178 +471,7 @@
471
471
  </nav>
472
472
  </header>
473
473
 
474
- <div>
475
- <div class="showMessageblurWindow">
476
- <div class="showmessageWindow">
477
- <h1></h1>
478
- <p></p>
479
- <a href="" target="_blank" class="error-code"></a>
480
- <button class="btn btn-save full" style="font-size: 20px; margin-top: 10px;"
481
- onclick="hideMessage()">Okay</button>
482
- </div>
483
- </div>
484
- <script>
485
- // showMessage("Failed to load the page. Please try again later.", "Error", "404");
486
- function showMessage(message, heading, errorCode) {
487
- document.querySelector(".showmessageWindow h1").innerText = heading;
488
- document.querySelector(".showmessageWindow p").innerHTML = message;
489
- if (errorCode) {
490
- document.querySelector(".showmessageWindow .error-code").style.display = "block";
491
- document.querySelector(".showmessageWindow .error-code").innerText = `Error Code: ${errorCode}`;
492
- } else {
493
- document.querySelector(".showmessageWindow .error-code").style.display = "none";
494
- }
495
- document.querySelector(".showmessageWindow .error-code").href = `https://mbktechstudio.com/ErrorCode/#${errorCode}`;
496
- document
497
- .querySelector(".showMessageblurWindow")
498
- .classList
499
- .add("active");
500
- document
501
- .body
502
- .classList
503
- .add("blur-active");
504
- }
505
- function hideMessage() {
506
- const blurWindow = document.querySelector(".showMessageblurWindow");
507
- blurWindow.classList.add("fade-out");
508
- setTimeout(() => {
509
- blurWindow.classList.remove("active", "fade-out");
510
- document
511
- .body
512
- .classList
513
- .remove("blur-active");
514
- }, 500);
515
- }
516
- </script>
517
- <style>
518
- .showMessageblurWindow {
519
- position: fixed;
520
- top: 0;
521
- left: 0;
522
- width: 100%;
523
- height: 100%;
524
- background: rgba(0, 0, 0, 0.5);
525
- display: none;
526
- justify-content: center;
527
- align-items: center;
528
- z-index: 1000;
529
- backdrop-filter: blur(10px);
530
- }
531
-
532
- .showMessageblurWindow.active {
533
- display: flex;
534
- }
535
-
536
- .showMessageblurWindow.fade-out {
537
- animation: fadeOut 0.5s ease-in-out forwards;
538
- }
539
-
540
- body.blur-active {
541
- overflow: hidden;
542
- }
543
-
544
- .showmessageWindow {
545
- display: flex;
546
- flex-direction: column;
547
- align-items: center;
548
- justify-content: center;
549
- font-family: 'Roboto', sans-serif;
550
- background: rgba(0, 0, 0, 0.6);
551
- padding: 20px 30px;
552
- border-radius: 15px;
553
- max-width: 90%;
554
- width: 600px;
555
- position: relative;
556
- color: #fff;
557
- border: 2px solid #007bff;
558
- animation: fadeIn 0.5s ease-in-out;
559
- }
560
-
561
- .showmessageWindow h1 {
562
- font-family: 'Roboto', sans-serif;
563
- margin-top: 0;
564
- font-size: 30px;
565
- text-align: center;
566
- color: #fff;
567
- text-shadow: 0 0 10px rgba(0, 0, 0, 0.5);
568
- margin-bottom: 10px;
569
- }
570
-
571
- .showmessageWindow p {
572
- font-family: 'Roboto', sans-serif;
573
- font-size: 18px;
574
- text-align: center;
575
- color: #ddd;
576
- }
577
-
578
- .showmessageWindow .close-btn {
579
- position: absolute;
580
- top: 10px;
581
- right: 10px;
582
- background: none;
583
- border: none;
584
- font-size: 30px;
585
- cursor: pointer;
586
- color: #bbb;
587
- transition: color 0.3s;
588
- }
589
-
590
- .showmessageWindow .close-btn:hover {
591
- color: #fff;
592
- }
593
-
594
- @keyframes fadeIn {
595
- from {
596
- opacity: 0;
597
- transform: scale(0.9);
598
- }
599
-
600
- to {
601
- opacity: 1;
602
- transform: scale(1);
603
- }
604
- }
605
-
606
- .showmessageWindow .error-code {
607
- font-family: 'Roboto', sans-serif;
608
- font-size: 16px;
609
- text-align: center;
610
- color: #ff4d4d;
611
- font-weight: 700;
612
- margin: 10px auto;
613
- padding: 5px 10px;
614
- background: rgba(255, 77, 77, 0.1);
615
- border: 1px solid #ff4d4d;
616
- border-radius: 5px;
617
- display: inline-block;
618
- transition: all 0.3s ease-in;
619
- }
620
-
621
- .showmessageWindow .error-code:hover {
622
- background: rgba(255, 77, 77, 0.2);
623
- color: #007bff;
624
- text-decoration: none;
625
- transition: all 0.3s ease-out;
626
- }
627
-
628
-
629
- .showmessageWindow .btn-save {
630
- width: 100%;
631
- }
632
-
633
- @keyframes fadeOut {
634
- from {
635
- opacity: 1;
636
- transform: scale(1);
637
- }
638
-
639
- to {
640
- opacity: 0;
641
- transform: scale(0.9);
642
- }
643
- }
644
- </style>
645
- </div>
474
+ {{> showmessage}}
646
475
 
647
476
  <section class="login-container">
648
477
 
@@ -657,6 +486,7 @@
657
486
  <h1 class="login-title">Login</h1>
658
487
 
659
488
  <form id="loginForm" method="POST">
489
+ <input type="hidden" name="_csrf" value="{{csrfToken}}">
660
490
  <div class="form-group">
661
491
  <input id="loginUsername" class="form-input" type="text" name="username" placeholder=" " required
662
492
  pattern="^[a-z0-9.]+$"
@@ -673,13 +503,6 @@
673
503
  <i class="fas fa-eye input-icon" id="togglePassword"></i>
674
504
  </div>
675
505
 
676
- <div class="form-group token-container disable" id="tokenCon">
677
- <input id="token" class="form-input" type="text" name="token" placeholder=" " pattern="\d{6}"
678
- title="Token must be exactly 6 digits" maxlength="6" minlength="6" />
679
- <label class="form-label">2FA Token</label>
680
- <i class="fas fa-info-circle input-icon" onclick="tokeninfo()"></i>
681
- </div>
682
-
683
506
  <div class="form-group remember-me">
684
507
  <input type="checkbox" id="rememberMe" name="rememberMe">
685
508
  <label for="rememberMe">Remember me</label>
@@ -698,7 +521,7 @@
698
521
  {{/if }}
699
522
 
700
523
  <div class="login-links">
701
- <a onclick="fpass()" class="login-link">Forgot Password?</a>
524
+ <a href="https://portal.mbktechstudio.com/forgot-password" class="login-link">Forgot Password?</a>
702
525
  <a href="https://www.mbktechstudio.com/Support" target="_blank" class="login-link">Need Help?</a>
703
526
  </div>
704
527
 
@@ -751,7 +574,6 @@
751
574
 
752
575
  const username = document.getElementById('loginUsername').value.trim();
753
576
  const password = document.getElementById('loginPassword').value.trim();
754
- const token = document.getElementById('token') ? document.getElementById('token').value.trim() : '';
755
577
  const loginButton = document.getElementById('loginButton');
756
578
  const loginButtonText = document.getElementById('loginButtonText');
757
579
  const rememberMe = document.getElementById('rememberMe').checked;
@@ -772,52 +594,77 @@
772
594
  },
773
595
  body: JSON.stringify({
774
596
  username,
775
- password,
776
- token
597
+ password
777
598
  })
778
599
  })
779
600
  .then(response => response.json())
780
601
  .then(data => {
781
602
  if (data.success) {
782
- loginButtonText.textContent = 'Success! Redirecting...';
783
- sessionStorage.setItem('sessionId', data.sessionId);
784
-
785
- if (rememberMe) {
786
- localStorage.setItem('rememberedUsername', username);
603
+ if (data.twoFactorRequired) {
604
+ // Redirect to 2FA page
605
+ window.location.href = '/mbkauthe/2fa';
787
606
  } else {
788
- localStorage.removeItem('rememberedUsername');
607
+ loginButtonText.textContent = 'Success! Redirecting...';
608
+ sessionStorage.setItem('sessionId', data.sessionId);
609
+
610
+ if (rememberMe) {
611
+ setCookie('rememberedUsername', username, 30); // 30 days
612
+ } else {
613
+ deleteCookie('rememberedUsername');
614
+ }
615
+
616
+ // Redirect to the appropriate page
617
+ const redirectUrl = new URLSearchParams(window.location.search).get('redirect');
618
+ window.location.href = redirectUrl ? decodeURIComponent(redirectUrl) : '{{customURL}}';
789
619
  }
790
-
791
- // Redirect to the appropriate page
792
- const redirectUrl = new URLSearchParams(window.location.search).get('redirect');
793
- window.location.href = redirectUrl ? decodeURIComponent(redirectUrl) : '{{customURL}}';
794
-
795
- loginButton.disabled = false;
796
- loginButtonText.textContent = 'Login';
797
620
  } else {
798
621
  // Handle errors
799
622
  loginButton.disabled = false;
800
623
  loginButtonText.textContent = 'Login';
801
-
802
- if (data.message === "Please Enter 2FA code") {
803
- console.log('2FA required');
804
- document.getElementById('tokenCon').classList.remove('disable');
805
- document.getElementById('tokenCon').classList.add('enable');
806
- document.getElementById('tokenCon').style.animation = 'fadeInUp 0.4s ease-out';
807
- showMessage('Please enter your 2FA token', '2FA Required');
808
- } else {
809
- showMessage(data.message || 'Login failed. Please try again.', 'Login Error');
810
- }
624
+ showMessage(data.message || 'Login failed. Please try again.', 'Login Error', data.errorCode);
811
625
  }
812
626
  })
813
627
  .catch(error => {
814
628
  loginButton.disabled = false;
815
629
  loginButtonText.textContent = 'Login';
816
- console.error('Error:', error);
630
+ console.error('[mbkauthe] Error:', error);
817
631
  showMessage('An error occurred. Please try again.', 'Login Error');
818
632
  });
819
633
  });
820
634
 
635
+ // Cookie helper functions for cross-domain functionality
636
+ function setCookie(name, value, days) {
637
+ let expires = "";
638
+ if (days) {
639
+ const date = new Date();
640
+ date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000));
641
+ expires = "; expires=" + date.toUTCString();
642
+ }
643
+ // Set cookie for the entire domain (works across all subdomains)
644
+ const domain = window.location.hostname.includes('.') ?
645
+ '.' + window.location.hostname.split('.').slice(-2).join('.') :
646
+ window.location.hostname;
647
+ document.cookie = name + "=" + (value || "") + expires + "; path=/; domain=" + domain + "; SameSite=Lax";
648
+ }
649
+
650
+ function getCookie(name) {
651
+ const nameEQ = name + "=";
652
+ const ca = document.cookie.split(';');
653
+ for (let i = 0; i < ca.length; i++) {
654
+ let c = ca[i];
655
+ while (c.charAt(0) === ' ') c = c.substring(1, c.length);
656
+ if (c.indexOf(nameEQ) === 0) return c.substring(nameEQ.length, c.length);
657
+ }
658
+ return null;
659
+ }
660
+
661
+ function deleteCookie(name) {
662
+ const domain = window.location.hostname.includes('.') ?
663
+ '.' + window.location.hostname.split('.').slice(-2).join('.') :
664
+ window.location.hostname;
665
+ document.cookie = name + "=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/; domain=" + domain;
666
+ }
667
+
821
668
  // Check for URL parameters
822
669
  document.addEventListener('DOMContentLoaded', function () {
823
670
  const urlParams = new URLSearchParams(window.location.search);
@@ -850,6 +697,7 @@
850
697
  // Automatically focus the username field
851
698
  usernameInput.focus();
852
699
  });
700
+
853
701
  //Remember me functionality
854
702
  document.addEventListener('DOMContentLoaded', function () {
855
703
  const urlParams = new URLSearchParams(window.location.search);
@@ -857,8 +705,8 @@
857
705
  const passwordFromUrl = urlParams.get('password');
858
706
  const usernameInput = document.getElementById('loginUsername');
859
707
 
860
- // Check for remembered username in localStorage
861
- const rememberedUsername = localStorage.getItem('rememberedUsername');
708
+ // Check for remembered username in cookies
709
+ const rememberedUsername = getCookie('rememberedUsername');
862
710
  if (rememberedUsername) {
863
711
  usernameInput.value = rememberedUsername;
864
712
  document.getElementById('rememberMe').checked = true;
package/views/showmessage.handlebars ADDED
@@ -0,0 +1,170 @@
1
+ <div class="showMessageblurWindow">
2
+ <div class="showmessageWindow">
3
+ <h1></h1>
4
+ <p></p>
5
+ <a href="" target="_blank" class="error-code"></a>
6
+ <button class="btn btn-save full" style="font-size: 20px; margin-top: 10px;"
7
+ onclick="hideMessage()">Okay</button>
8
+ </div>
9
+ </div>
10
+ <script>
11
+ // showMessage("Failed to load the page. Please try again later.", "Error", "404");
12
+ function showMessage(message, heading, errorCode) {
13
+ document.querySelector(".showmessageWindow h1").innerText = heading;
14
+ document.querySelector(".showmessageWindow p").innerHTML = message;
15
+ if (errorCode) {
16
+ document.querySelector(".showmessageWindow .error-code").style.display = "block";
17
+ document.querySelector(".showmessageWindow .error-code").innerText = `Error Code: ${errorCode}`;
18
+ } else {
19
+ document.querySelector(".showmessageWindow .error-code").style.display = "none";
20
+ }
21
+ document.querySelector(".showmessageWindow .error-code").href = `https://mbktechstudio.com/ErrorCode/#${errorCode}`;
22
+ document
23
+ .querySelector(".showMessageblurWindow")
24
+ .classList
25
+ .add("active");
26
+ document
27
+ .body
28
+ .classList
29
+ .add("blur-active");
30
+ }
31
+ function hideMessage() {
32
+ const blurWindow = document.querySelector(".showMessageblurWindow");
33
+ blurWindow.classList.add("fade-out");
34
+ setTimeout(() => {
35
+ blurWindow.classList.remove("active", "fade-out");
36
+ document
37
+ .body
38
+ .classList
39
+ .remove("blur-active");
40
+ }, 500);
41
+ }
42
+ </script>
43
+ <style>
44
+ .showMessageblurWindow {
45
+ position: fixed;
46
+ top: 0;
47
+ left: 0;
48
+ width: 100%;
49
+ height: 100%;
50
+ background: rgba(0, 0, 0, 0.5);
51
+ display: none;
52
+ justify-content: center;
53
+ align-items: center;
54
+ z-index: 1000;
55
+ backdrop-filter: blur(10px);
56
+ }
57
+
58
+ .showMessageblurWindow.active {
59
+ display: flex;
60
+ }
61
+
62
+ .showMessageblurWindow.fade-out {
63
+ animation: fadeOut 0.5s ease-in-out forwards;
64
+ }
65
+
66
+ body.blur-active {
67
+ overflow: hidden;
68
+ }
69
+
70
+ .showmessageWindow {
71
+ display: flex;
72
+ flex-direction: column;
73
+ align-items: center;
74
+ justify-content: center;
75
+ font-family: 'Roboto', sans-serif;
76
+ background: rgba(0, 0, 0, 0.6);
77
+ padding: 20px 30px;
78
+ border-radius: 15px;
79
+ max-width: 90%;
80
+ width: 600px;
81
+ position: relative;
82
+ color: #fff;
83
+ border: 2px solid #007bff;
84
+ animation: fadeIn 0.5s ease-in-out;
85
+ }
86
+
87
+ .showmessageWindow h1 {
88
+ font-family: 'Roboto', sans-serif;
89
+ margin-top: 0;
90
+ font-size: 30px;
91
+ text-align: center;
92
+ color: #fff;
93
+ text-shadow: 0 0 10px rgba(0, 0, 0, 0.5);
94
+ margin-bottom: 10px;
95
+ }
96
+
97
+ .showmessageWindow p {
98
+ font-family: 'Roboto', sans-serif;
99
+ font-size: 18px;
100
+ text-align: center;
101
+ color: #ddd;
102
+ }
103
+
104
+ .showmessageWindow .close-btn {
105
+ position: absolute;
106
+ top: 10px;
107
+ right: 10px;
108
+ background: none;
109
+ border: none;
110
+ font-size: 30px;
111
+ cursor: pointer;
112
+ color: #bbb;
113
+ transition: color 0.3s;
114
+ }
115
+
116
+ .showmessageWindow .close-btn:hover {
117
+ color: #fff;
118
+ }
119
+
120
+ @keyframes fadeIn {
121
+ from {
122
+ opacity: 0;
123
+ transform: scale(0.9);
124
+ }
125
+
126
+ to {
127
+ opacity: 1;
128
+ transform: scale(1);
129
+ }
130
+ }
131
+
132
+ .showmessageWindow .error-code {
133
+ font-family: 'Roboto', sans-serif;
134
+ font-size: 16px;
135
+ text-align: center;
136
+ color: #ff4d4d;
137
+ font-weight: 700;
138
+ margin: 10px auto;
139
+ padding: 5px 10px;
140
+ background: rgba(255, 77, 77, 0.1);
141
+ border: 1px solid #ff4d4d;
142
+ border-radius: 5px;
143
+ display: inline-block;
144
+ transition: all 0.3s ease-in;
145
+ }
146
+
147
+ .showmessageWindow .error-code:hover {
148
+ background: rgba(255, 77, 77, 0.2);
149
+ color: #007bff;
150
+ text-decoration: none;
151
+ transition: all 0.3s ease-out;
152
+ }
153
+
154
+
155
+ .showmessageWindow .btn-save {
156
+ width: 100%;
157
+ }
158
+
159
+ @keyframes fadeOut {
160
+ from {
161
+ opacity: 1;
162
+ transform: scale(1);
163
+ }
164
+
165
+ to {
166
+ opacity: 0;
167
+ transform: scale(0.9);
168
+ }
169
+ }
170
+ </style>