From fd7fc1adbfc19e1b75865a409e2bf8438f14b6aa Mon Sep 17 00:00:00 2001 From: Thomas Lynch Date: Thu, 11 Aug 2022 01:03:22 +1000 Subject: [PATCH] Close #470 ability to renew an existing bypass, which is slightly useful if you allow long living bypasses --- db/bypass.js | 9 +++++++-- models/forms/blockbypass.js | 5 +++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/db/bypass.js b/db/bypass.js index a9ced9a5..630760e1 100644 --- a/db/bypass.js +++ b/db/bypass.js @@ -29,10 +29,15 @@ module.exports = { 'anonymizer': anonymizer, 'expireAt': new Date(Date.now() + blockBypass.expireAfterTime) }; - if (anonymizer === true && id !== null) { + if (id !== null) { newBypass._id = Mongo.ObjectId(id); + return db.replaceOne({ + _id: newBypass._id + }, newBypass, { + upsert: true, + }); } - return db.insertOne(newBypass); + return db.insertOne(newBypass); }, deleteAll: () => { diff --git a/models/forms/blockbypass.js b/models/forms/blockbypass.js index 16bce877..14d9619d 100644 --- a/models/forms/blockbypass.js +++ b/models/forms/blockbypass.js @@ -8,8 +8,9 @@ const { Bypass } = require(__dirname+'/../../db/') module.exports = async (req, res) => { const { secureCookies, blockBypass } = config.get; - const bypass = await Bypass.getBypass(res.locals.anonymizer, res.locals.pseudoIp, blockBypass.expireAfterUses); - const bypassId = bypass.insertedId; + const existingBypassId = req.signedCookies.bypassid || res.locals.pseudoIp; + const bypass = await Bypass.getBypass(res.locals.anonymizer, existingBypassId, blockBypass.expireAfterUses); + const bypassId = bypass.insertedId || existingBypassId; // if upserted, insertedId will be null, and will be the existingId res.locals.blockBypass = true; res.cookie('bypassid', bypassId.toString(), {