backend: Refactor authentication logic to retrieve user credentials from UserService

2025-03-26 12:41:11 +01:00 · 2025-03-26 12:41:11 +01:00 · 6bd19d1708
commit 6bd19d1708
parent 6725330a7a
2 changed files with 21 additions and 37 deletions
--- a/backend/src/services/auth.service.ts
+++ b/backend/src/services/auth.service.ts
@ -1,9 +1,10 @@
 import { MEET_ADMIN_SECRET, MEET_ADMIN_USER } from '../environment.js';
 import { inject, injectable } from '../config/dependency-injector.config.js';
-import { AuthMode, AuthType, SingleUserAuth, User, ValidAuthMethod } from '@typings-ce';
+import { User } from '@typings-ce';
 import { UserService } from './user.service.js';
 import { GlobalPreferencesService } from './preferences/global-preferences.service.js';
 import { LoggerService } from './logger.service.js';
 import { PasswordHelper } from '../helpers/password.helper.js';
@injectable()
 export class AuthService {
@ -29,29 +30,13 @@ export class AuthService {
 	}
 	private async authenticateUser(username: string, password: string): Promise<boolean> {
-		let requireAuthForRoomCreation: boolean;
+		const userCredentials = await this.userService.getStoredUserCredentials();
 		let authMode: AuthMode;
 		let authMethod: ValidAuthMethod;
-		try {
+		if (!userCredentials) {
 			const { securityPreferences } = await this.globalPrefService.getGlobalPreferences();
 			requireAuthForRoomCreation = securityPreferences.roomCreationPolicy.requireAuthentication;
 			({ authMode, method: authMethod } = securityPreferences.authentication);
 		} catch (error) {
 			this.logger.error('Error checking authentication preferences:' + error);
 			return false;
 		}
-		if (requireAuthForRoomCreation || authMode !== AuthMode.NONE) {
+		const isPasswordValid = await PasswordHelper.verifyPassword(password, userCredentials.passwordHash);
-			if (authMethod.type !== AuthType.SINGLE_USER) {
+		return username === userCredentials.username && isPasswordValid;
 				return false;
 			}
 			const { username: configuredUsername, passwordHash: configurePassword } = (authMethod as SingleUserAuth)
 				.credentials;
 			return username === configuredUsername && password === configurePassword;
 		}
 		return false;
 	}
 }
--- a/backend/src/services/user.service.ts
+++ b/backend/src/services/user.service.ts
@ -1,6 +1,6 @@
 import { MEET_ADMIN_USER } from '../environment.js';
 import { inject, injectable } from '../config/dependency-injector.config.js';
-import { AuthType, UserRole, SingleUserAuth, User } from '@typings-ce';
+import { UserRole, SingleUserAuth, User, SingleUserCredentials } from '@typings-ce';
 import { LoggerService } from './logger.service.js';
 import { GlobalPreferencesService } from './preferences/global-preferences.service.js';
@ -19,27 +19,26 @@ export class UserService {
 			};
 		}
-		let configuredUsername: string | undefined;
+		const userCredentials = await this.getStoredUserCredentials();
-		try {
+		if (userCredentials && username === userCredentials.username) {
 			const { securityPreferences } = await this.globalPrefService.getGlobalPreferences();
 			const method = securityPreferences.authentication.method;
 			if (method.type === AuthType.SINGLE_USER) {
 				configuredUsername = (method as SingleUserAuth).credentials.username;
 			}
 		} catch (error) {
 			this.logger.error('Error checking room creation policy:' + error);
 			return null;
 		}
 		if (username === configuredUsername) {
 			return {
-				username: configuredUsername,
+				username,
 				role: UserRole.USER
 			};
 		}
 		return null;
 	}
 	async getStoredUserCredentials(): Promise<SingleUserCredentials | null> {
 		try {
 			const { securityPreferences } = await this.globalPrefService.getGlobalPreferences();
 			const { method: authMethod } = securityPreferences.authentication;
 			return (authMethod as SingleUserAuth).credentials;
 		} catch (error) {
 			this.logger.error('Error getting stored user credentials:' + error);
 			return null;
 		}
 	}
 }