mbkauthe 4.8.4 → 4.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/README.md +1 -0
  2. package/index.js +1 -0
  3. package/lib/db/AuthRepository.js +295 -0
  4. package/lib/db/BaseRepository.js +185 -0
  5. package/lib/db/dialects/postgres.js +18 -0
  6. package/lib/middleware/auth.js +20 -49
  7. package/lib/middleware/index.js +8 -14
  8. package/lib/routes/auth.js +63 -132
  9. package/lib/routes/misc.js +11 -46
  10. package/lib/routes/oauth.js +7 -28
  11. package/package.json +1 -1
  12. package/public/main.css +35 -2
  13. package/views/header.handlebars +1 -1
  14. package/views/pages/2fa.handlebars +9 -5
  15. package/views/pages/loginmbkauthe.handlebars +42 -25
  16. package/views/showmessage.handlebars +2 -2
package/views/pages/2fa.handlebars CHANGED
@@ -31,7 +31,9 @@
31
31
  title="Token must be exactly 6 digits" maxlength="6" minlength="6" autocomplete="off" autofocus
32
32
  required />
33
33
  <label class="form-label">2FA Token</label>
34
- <i class="fas fa-info-circle input-icon" onclick="tokeninfo()"></i>
34
+ <button type="button" class="icon-button input-icon" onclick="tokeninfo()" aria-label="What is the 2FA token?">
35
+ <i class="fas fa-info-circle"></i>
36
+ </button>
35
37
  </div>
36
38
 
37
39
  <div class="trust-device-container">
@@ -40,8 +42,10 @@
40
42
  <span class="checkbox-custom"></span>
41
43
  <span class="checkbox-text">Trust this device for {{DEVICE_TRUST_DURATION_DAYS}} days</span>
42
44
  </label>
43
- <i class="fas fa-info-circle trust-device-info" onclick="trustDeviceInfo()"
44
- title="Learn more about trusted devices"></i>
45
+ <button type="button" class="icon-button trust-device-info" onclick="trustDeviceInfo()"
46
+ title="Learn more about trusted devices" aria-label="Learn more about trusted devices">
47
+ <i class="fas fa-info-circle"></i>
48
+ </button>
45
49
  </div>
46
50
 
47
51
  <button type="submit" class="btn-login" id="loginButton">
@@ -50,10 +54,10 @@
50
54
 
51
55
  <p class="terms-info">
52
56
  By logging in, you agree to our
53
- <a href="https://mbktech.org/PrivacyPolicy" target="_blank" class="terms-link">Terms &
57
+ <a href="https://mbktech.org/PrivacyPolicy" target="_blank" rel="noopener noreferrer" class="terms-link">Terms &
54
58
  Conditions</a>
55
59
  and
56
- <a href="https://mbktech.org/PrivacyPolicy" target="_blank" class="terms-link">Privacy Policy</a>.
60
+ <a href="https://mbktech.org/PrivacyPolicy" target="_blank" rel="noopener noreferrer" class="terms-link">Privacy Policy</a>.
57
61
  </p>
58
62
  </form>
59
63
  </div>
package/views/pages/loginmbkauthe.handlebars CHANGED
@@ -97,20 +97,18 @@
97
97
 
98
98
  <div class="sidebar-actions">
99
99
  {{#if githubLoginEnabled }}
100
- <a type="button" id="githubLoginBtn" class="btn-social btn-switch-side last-used-parent">
100
+ <button type="button" id="githubLoginBtn" class="btn-social btn-switch-side last-used-parent">
101
101
  <i class="fab fa-github"></i>
102
102
  <span>Login with GitHub</span>
103
- {{#if lastLoginGithub}}<span class="last-used-badge" aria-hidden="true"
104
- title="Last used">Last</span>{{/if}}
105
- </a>
103
+ {{#if lastLoginGithub}}<span class="last-used-badge" aria-hidden="true" title="Last used">Last</span>{{/if}}
104
+ </button>
106
105
  {{/if}}
107
106
  {{#if googleLoginEnabled }}
108
- <a type="button" id="googleLoginBtn" class="btn-social btn-google-side last-used-parent">
107
+ <button type="button" id="googleLoginBtn" class="btn-social btn-google-side last-used-parent">
109
108
  <i class="fab fa-google"></i>
110
109
  <span>Login with Google</span>
111
- {{#if lastLoginGoogle}}<span class="last-used-badge" aria-hidden="true"
112
- title="Last used">Last</span>{{/if}}
113
- </a>
110
+ {{#if lastLoginGoogle}}<span class="last-used-badge" aria-hidden="true" title="Last used">Last</span>{{/if}}
111
+ </button>
114
112
  {{/if}}
115
113
  <a href="/mbkauthe/accounts" id="switchacc" class="btn-social btn-switch-side">
116
114
  <i class="fa fa-user-group"></i>
@@ -119,10 +117,10 @@
119
117
  </div>
120
118
 
121
119
  <div class="sidebar-links">
122
- <a href="https://portal.mbktech.org/forgot-password" class="sidebar-link">
120
+ <a href="https://portal.mbktech.org/forgot-password" class="sidebar-link" rel="noopener noreferrer">
123
121
  <i class="fas fa-key"></i> Forgot Password?
124
122
  </a>
125
- <a href="https://mbktech.org/Support" target="_blank" class="sidebar-link">
123
+ <a href="https://mbktech.org/Support" target="_blank" rel="noopener noreferrer" class="sidebar-link">
126
124
  <i class="fas fa-life-ring"></i> Need Help?
127
125
  </a>
128
126
  </div>
@@ -133,6 +131,18 @@
133
131
  <div class="login-main">
134
132
  <h1 class="login-title">Login</h1>
135
133
 
134
+ {{#if showLoggedOutMessage}}
135
+ <div class="WarningboxInfo" style="margin-bottom: 20px; border-left-color: #ff3b30;">
136
+ <strong>Authentication Required</strong>
137
+ <div>You have been redirected here because you are not logged in or your session has expired. Please log in to continue.</div>
138
+ {{#if redirectTarget}}
139
+ <div style="margin-top: 10px; font-size: 0.9em; opacity: 0.9;">
140
+ <strong>Attempted URL:</strong> <code>{{redirectTarget}}</code>
141
+ </div>
142
+ {{/if}}
143
+ </div>
144
+ {{/if}}
145
+
136
146
  <form id="loginForm" method="POST" class="login-form">
137
147
  <input type="hidden" name="_csrf" value="{{csrfToken}}">
138
148
  <div class="form-group">
@@ -141,14 +151,18 @@
141
151
  title="Username must contain lowercase letters, numbers, and periods only, no spaces, no special characters."
142
152
  oninput="this.value = this.value.toLowerCase().replace(/[^a-z0-9.]/g, '')" />
143
153
  <label class="form-label">Username</label>
144
- <i class="fas fa-info-circle input-icon" onclick="usernameinfo()"></i>
154
+ <button type="button" class="icon-button input-icon" onclick="usernameinfo()" aria-label="What is my username?">
155
+ <i class="fas fa-info-circle"></i>
156
+ </button>
145
157
  </div>
146
158
 
147
159
  <div class="form-group">
148
160
  <input id="loginPassword" class="form-input" type="password" name="Password" placeholder=""
149
161
  required minlength="8" title="Password must be at least 8 characters long" />
150
162
  <label class="form-label">Password</label>
151
- <i class="fas fa-eye input-icon" id="togglePassword"></i>
163
+ <button type="button" class="icon-button input-icon" id="togglePassword" aria-label="Show password">
164
+ <i class="fas fa-eye"></i>
165
+ </button>
152
166
  </div>
153
167
 
154
168
  <div class="form-row-split">
@@ -185,18 +199,18 @@
185
199
  <span>or</span>
186
200
  </div>
187
201
  <div class="social-icons-row">
188
- <a type="button" class="swi s mobile-github-btn last-used-parent"
189
- title="Login with GitHub">
202
+ <button type="button" class="swi s mobile-github-btn last-used-parent"
203
+ title="Login with GitHub" aria-label="Login with GitHub">
190
204
  <i class="fab fa-github"></i>
191
205
  {{#if lastLoginGithub}}<span class="last-used-badge" aria-hidden="true"
192
206
  title="Last used">Last</span>{{/if}}
193
- </a>
194
- <a type="button" class="swi s mobile-google-btn last-used-parent"
195
- title="Login with Google">
207
+ </button>
208
+ <button type="button" class="swi s mobile-google-btn last-used-parent"
209
+ title="Login with Google" aria-label="Login with Google">
196
210
  <i class="fab fa-google"></i>
197
211
  {{#if lastLoginGoogle}}<span class="last-used-badge" aria-hidden="true"
198
212
  title="Last used">Last</span>{{/if}}
199
- </a>
213
+ </button>
200
214
  </div>
201
215
  </div>
202
216
  {{/if}}
@@ -219,10 +233,10 @@
219
233
 
220
234
  <p class="terms-info">
221
235
  By logging in, you agree to our
222
- <a href="https://mbktech.org/PrivacyPolicy" target="_blank" class="terms-link">Terms &
236
+ <a href="https://mbktech.org/PrivacyPolicy" target="_blank" rel="noopener noreferrer" class="terms-link">Terms &
223
237
  Conditions</a>
224
238
  and
225
- <a href="https://mbktech.org/PrivacyPolicy" target="_blank" class="terms-link">Privacy
239
+ <a href="https://mbktech.org/PrivacyPolicy" target="_blank" rel="noopener noreferrer" class="terms-link">Privacy
226
240
  Policy</a>.
227
241
  </p>
228
242
  </form>
@@ -238,21 +252,23 @@
238
252
  // Toggle password visibility
239
253
  const togglePassword = document.getElementById('togglePassword');
240
254
  const passwordInput = document.getElementById('loginPassword');
255
+ const togglePasswordIcon = togglePassword.querySelector('i');
241
256
 
242
257
  togglePassword.addEventListener('click', function () {
243
258
  const type = passwordInput.getAttribute('type') === 'password' ? 'text' : 'password';
244
259
  passwordInput.setAttribute('type', type);
245
- togglePassword.classList.toggle('fa-eye');
246
- togglePassword.classList.toggle('fa-eye-slash');
260
+ togglePassword.setAttribute('aria-label', type === 'password' ? 'Show password' : 'Hide password');
261
+ togglePasswordIcon.classList.toggle('fa-eye');
262
+ togglePasswordIcon.classList.toggle('fa-eye-slash');
247
263
  });
248
264
 
249
265
  function fpass() {
250
- showMessage(`If you have forgotten your password, please contact support at <a href="https://mbktech.org/Support" target="_blank">https://mbktech.org/Support</a> to reset it.`, `Forgot Password`);
266
+ showMessage(`If you have forgotten your password, please contact support at <a href="https://mbktech.org/Support" target="_blank" rel="noopener noreferrer">https://mbktech.org/Support</a> to reset it.`, `Forgot Password`);
251
267
  }
252
268
 
253
269
  // Info dialogs
254
270
  function usernameinfo() {
255
- showMessage(`Your username is the part of your MBKTech.org email before the @ (e.g., abc.xyz@mbktech.org → abc.xyz). For guests or if you’ve forgotten your credentials, contact <a href="https://mbktech.org/Support">Support</a>.`, `What is my username?`);
271
+ showMessage(`Your username is the part of your MBKTech.org email before the @ (e.g., abc.xyz@mbktech.org → abc.xyz). For guests or if you’ve forgotten your credentials, contact <a href="https://mbktech.org/Support" rel="noopener noreferrer">Support</a>.`, `What is my username?`);
256
272
  }
257
273
 
258
274
  function tokeninfo() {
@@ -284,7 +300,8 @@
284
300
  loginButtonText.textContent = 'Authenticating...';
285
301
 
286
302
  // Pass redirect query param through to server so it can be used by 2FA flow
287
- const pageRedirect = new URLSearchParams(window.location.search).get('redirect');
303
+ const urlParams = new URLSearchParams(window.location.search);
304
+ const pageRedirect = urlParams.get('redirect');
288
305
  fetch('/mbkauthe/api/login', {
289
306
  method: 'POST',
290
307
  credentials: 'include',
package/views/showmessage.handlebars CHANGED
@@ -10,14 +10,14 @@
10
10
 
11
11
  <div class="messageBody">
12
12
  <p id="messageContent"></p>
13
- <a href="#" target="_blank" class="errorCodeBadge is-hidden" id="errorCodeLink">
13
+ <a href="#" target="_blank" rel="noopener noreferrer" class="errorCodeBadge is-hidden" id="errorCodeLink">
14
14
  <i class="fas fa-bug"></i>
15
15
  <span id="errorCodeText"></span>
16
16
  </a>
17
17
  </div>
18
18
 
19
19
  <div class="messageFooter">
20
- <button class="btn-message-action" onclick="hideMessage()">Okay</button>
20
+ <button type="button" class="btn-message-action" onclick="hideMessage()">Okay</button>
21
21
  </div>
22
22
  </div>
23
23
  </div>