Files
wehub-resource-sync e115934061
Publish `@librechat/data-schemas` to NPM / pack (push) Failing after 8s
Publish `@librechat/client` to NPM / pack (push) Failing after 0s
GitNexus Index / index (push) Failing after 1s
Sync Locize Translations & Create Translation PR / Create Translation PR on Version Published (push) Has been skipped
Sync Helm Chart Tags / Sync chart tags (push) Failing after 2s
Publish `librechat-data-provider` to NPM / pack (push) Failing after 1s
Docker Dev Images Build / build (Dockerfile, librechat-dev, node) (push) Failing after 1s
Docker Dev Images Build / build (Dockerfile.multi, librechat-dev-api, api-build) (push) Failing after 0s
Sync Helm Chart Tags / Ignore non-main push (push) Has been skipped
Sync Locize Translations & Create Translation PR / Sync Translation Keys with Locize (push) Failing after 1s
Publish `@librechat/client` to NPM / publish-npm (push) Has been cancelled
Publish `librechat-data-provider` to NPM / publish-npm (push) Has been cancelled
GitNexus Index / post-index (push) Has been cancelled
Publish `@librechat/data-schemas` to NPM / publish-npm (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:08:12 +08:00

105 lines
3.2 KiB
JavaScript

const express = require('express');
const { createSetBalanceConfig, forceRefreshCloudFrontAuthCookies } = require('@librechat/api');
const {
resetPasswordRequestController,
resetPasswordController,
registrationController,
graphTokenController,
refreshController,
} = require('~/server/controllers/AuthController');
const {
regenerateBackupCodes,
disable2FA,
confirm2FA,
enable2FA,
verify2FA,
} = require('~/server/controllers/TwoFactorController');
const { verify2FAWithTempToken } = require('~/server/controllers/auth/TwoFactorAuthController');
const { logoutController } = require('~/server/controllers/auth/LogoutController');
const { loginController } = require('~/server/controllers/auth/LoginController');
const { findBalanceByUser, upsertBalanceFields } = require('~/models');
const { getAppConfig } = require('~/server/services/Config');
const middleware = require('~/server/middleware');
const setBalanceConfig = createSetBalanceConfig({
getAppConfig,
findBalanceByUser,
upsertBalanceFields,
});
const router = express.Router();
const getCloudFrontAuthCookieRefreshResult = (req, res) => {
const warmedResult = req.cloudFrontAuthCookieRefreshResult;
if (warmedResult && (warmedResult.attempted || !warmedResult.enabled)) {
return warmedResult;
}
return forceRefreshCloudFrontAuthCookies(req, res, req.user);
};
const ldapAuth = !!process.env.LDAP_URL && !!process.env.LDAP_USER_SEARCH_BASE;
//Local
router.post('/logout', middleware.requireJwtAuth, logoutController);
router.post(
'/login',
middleware.logHeaders,
middleware.loginLimiter,
middleware.checkBan,
ldapAuth ? middleware.requireLdapAuth : middleware.requireLocalAuth,
setBalanceConfig,
loginController,
);
router.post('/refresh', refreshController);
router.post('/cloudfront/refresh', middleware.requireJwtAuth, (req, res) => {
const result = getCloudFrontAuthCookieRefreshResult(req, res);
if (!result.enabled) {
return res.sendStatus(404);
}
const status = result.refreshed ? 200 : 500;
return res.status(status).json({
ok: result.refreshed,
expiresInSec: result.expiresInSec,
refreshAfterSec: result.refreshAfterSec,
});
});
router.post(
'/register',
middleware.registerLimiter,
middleware.checkBan,
middleware.checkInviteUser,
middleware.validateRegistration,
registrationController,
);
router.post(
'/requestPasswordReset',
middleware.resetPasswordLimiter,
middleware.checkBan,
middleware.validatePasswordReset,
resetPasswordRequestController,
);
router.post(
'/resetPassword',
middleware.resetPasswordSubmissionLimiter,
middleware.checkBan,
middleware.validatePasswordReset,
resetPasswordController,
);
router.post('/2fa/enable', middleware.requireJwtAuth, enable2FA);
router.post('/2fa/verify', middleware.requireJwtAuth, verify2FA);
router.post(
'/2fa/verify-temp',
middleware.setTwoFactorTempUser,
middleware.twoFactorTempLimiter,
middleware.checkBan,
verify2FAWithTempToken,
);
router.post('/2fa/confirm', middleware.requireJwtAuth, confirm2FA);
router.post('/2fa/disable', middleware.requireJwtAuth, disable2FA);
router.post('/2fa/backup/regenerate', middleware.requireJwtAuth, regenerateBackupCodes);
router.get('/graph-token', middleware.requireJwtAuth, graphTokenController);
module.exports = router;