cccc70338d
El prefijo venía del nombre de la app Django (`home`), jubilada y borrada hoy, así que ya no significaba nada: home_stripelog -> stripelog. La BD se sigue llamando django_wow por historia (renombrarla es otra operación). Comprobado antes de tocar nada: 0 colisiones con nombres existentes, 0 palabras reservadas (contrastado contra las 260 de MySQL), sin vistas ni triggers que dependieran de ellas. El RENAME va en una sola sentencia porque así es atómico, y MySQL reapunta solo las 4 claves ajenas entre estas tablas. 170 referencias actualizadas en 37 ficheros. Se dejó a propósito sql/drop_home_securitytoken_authuser_fk.sql sin tocar: es una migración ya aplicada y reescribirla sería falsear el historial. De paso salió un fallo previo: prices.ts consultaba `home_restoreitemprice`, una tabla que NO existe. El try/catch de priceFrom se comía el error y devolvía siempre el precio por defecto, así que el precio de restaurar objetos nunca fue configurable. Se deja documentado en el código; crear la tabla es otra decisión. Verificado tras aplicar: 0 tablas home_, las 51 siguen ahí, y el conteo exacto de filas cuadra con el volcado previo (store_item 3068, item_data 44873, stripelog 35, store_order 26, noticia 50). La web responde 200 en todas las rutas y la portada carga las noticias sin errores. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
113 lines
4.4 KiB
TypeScript
113 lines
4.4 KiB
TypeScript
import crypto from 'node:crypto'
|
|
import type { ResultSetHeader, RowDataPacket } from 'mysql2'
|
|
import { db, DB } from './db'
|
|
import { normalizeEmail, bnetMakeRegistration, gameMakeRegistration, makeGameAccountUsername } from './bnet'
|
|
import { sendMail } from './mail'
|
|
import { activationEmailHtml } from './emails'
|
|
|
|
const GMAIL_RE = /^[a-zA-Z0-9._%+-]+@gmail\.com$/
|
|
|
|
export interface RegisterInput {
|
|
password: string
|
|
confPassword: string
|
|
email: string
|
|
confEmail: string
|
|
recruiter?: string
|
|
}
|
|
|
|
export interface Result {
|
|
success: boolean
|
|
error?: string
|
|
}
|
|
|
|
export async function registerAccount(input: RegisterInput): Promise<Result> {
|
|
const password = (input.password || '').trim()
|
|
const confPassword = (input.confPassword || '').trim()
|
|
const email = (input.email || '').trim()
|
|
const confEmail = (input.confEmail || '').trim()
|
|
const recruiter = (input.recruiter || '').trim()
|
|
|
|
if (!password || !email) return { success: false, error: 'missingFields' }
|
|
if (password !== confPassword) return { success: false, error: 'passwordMismatch' }
|
|
if (password.length > 16) return { success: false, error: 'passwordTooLong' }
|
|
if (email !== confEmail || !GMAIL_RE.test(email)) return { success: false, error: 'invalidEmail' }
|
|
|
|
// ¿ya existe una cuenta Battle.net con ese email?
|
|
try {
|
|
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
|
|
'SELECT COUNT(*) AS n FROM battlenet_accounts WHERE email = ?',
|
|
[normalizeEmail(email)],
|
|
)
|
|
if (Number(rows[0]?.n ?? 0) > 0) return { success: false, error: 'emailExists' }
|
|
} catch {
|
|
// BD de cuentas no disponible en dev: continuamos.
|
|
}
|
|
|
|
// Borrar cualquier activación de registro pendiente para ese email
|
|
await db(DB.default).query('DELETE FROM accountactivation WHERE email = ? AND old_email IS NULL', [email])
|
|
|
|
// Reclutador opcional
|
|
let recruiterId = 0
|
|
if (recruiter) {
|
|
try {
|
|
const [a] = await db(DB.auth).query<RowDataPacket[]>('SELECT id FROM account WHERE username = ?', [recruiter])
|
|
if (a[0]) {
|
|
recruiterId = a[0].id
|
|
} else {
|
|
const [c] = await db(DB.characters).query<RowDataPacket[]>(
|
|
'SELECT account FROM characters WHERE name = ?',
|
|
[recruiter],
|
|
)
|
|
if (c[0]) recruiterId = c[0].account
|
|
else return { success: false, error: 'recruiterNotFound' }
|
|
}
|
|
} catch {
|
|
return { success: false, error: 'recruiterNotFound' }
|
|
}
|
|
}
|
|
|
|
const hash = crypto.randomBytes(16).toString('hex') // 32 hex chars (col hash = CharField(32))
|
|
await db(DB.default).query(
|
|
'INSERT INTO accountactivation (email, password, recruiter_id, hash, created_at, is_used, is_new_email_used) VALUES (?, ?, ?, ?, NOW(), 0, 0)',
|
|
[email, password, recruiterId, hash],
|
|
)
|
|
|
|
const link = `${process.env.SITE_URL}/activate-account?act=${hash}`
|
|
await sendMail(email, `Activación de la cuenta ${email} - Nova WoW`, activationEmailHtml(email, link))
|
|
|
|
return { success: true }
|
|
}
|
|
|
|
export async function activateAccount(hash: string, lastIp = '0.0.0.0'): Promise<Result> {
|
|
const [rows] = await db(DB.default).query<RowDataPacket[]>(
|
|
'SELECT id, email, password, recruiter_id, created_at FROM accountactivation WHERE hash = ? AND old_email IS NULL',
|
|
[hash],
|
|
)
|
|
const act = rows[0]
|
|
if (!act) return { success: false, error: 'invalidLink' }
|
|
if (Date.now() - new Date(act.created_at).getTime() > 3600_000) return { success: false, error: 'expiredLink' }
|
|
|
|
const emailNorm = normalizeEmail(act.email)
|
|
const password: string = act.password
|
|
|
|
// Cuenta Battle.net (SRP6 v2)
|
|
const bnet = bnetMakeRegistration(emailNorm, password)
|
|
const [bnetRes] = await db(DB.auth).query<ResultSetHeader>(
|
|
'INSERT INTO battlenet_accounts (email, srp_version, salt, verifier) VALUES (?, ?, ?, ?)',
|
|
[emailNorm, bnet.srpVersion, bnet.salt, bnet.verifier],
|
|
)
|
|
const bnetId = bnetRes.insertId
|
|
|
|
// Cuenta de juego (SRP6 Grunt)
|
|
const gameUsername = makeGameAccountUsername(bnetId, 1)
|
|
const game = gameMakeRegistration(gameUsername, password)
|
|
await db(DB.auth).query<ResultSetHeader>(
|
|
'INSERT INTO account (username, salt, verifier, email, reg_mail, recruiter, joindate, last_ip, expansion, battlenet_account, battlenet_index) ' +
|
|
'VALUES (?, ?, ?, ?, ?, ?, NOW(), ?, ?, ?, 1)',
|
|
[gameUsername, game.salt, game.verifier, emailNorm, emailNorm, act.recruiter_id || 0, lastIp, 2, bnetId],
|
|
)
|
|
|
|
await db(DB.default).query('DELETE FROM accountactivation WHERE id = ?', [act.id])
|
|
return { success: true }
|
|
}
|