From d108690dcc85f8d8dc546e7e5dd0a5131672df44 Mon Sep 17 00:00:00 2001
From: Tiago Evangelista Pinto
Date: Mon, 13 Feb 2023 23:28:07 -0300
Subject: [PATCH 1/2] [FIX] Bypassing 2FA on email verification (#647)

---
 apps/meteor/app/2fa/server/loginHandler.ts | 6 +++++-
 apps/meteor/app/ui/client/lib/accounts.js | 5 ++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/apps/meteor/app/2fa/server/loginHandler.ts b/apps/meteor/app/2fa/server/loginHandler.ts
index 8535dfa4f3d22..ebce387299c4e 100644
--- a/apps/meteor/app/2fa/server/loginHandler.ts
+++ b/apps/meteor/app/2fa/server/loginHandler.ts
@@ -26,7 +26,11 @@ Accounts.registerLoginHandler('totp', function (options) {
 callbacks.add(
 'onValidateLogin',
 (login) => {
- if (login.type === 'resume' || login.type === 'proxy' || login.methodName === 'verifyEmail') {
+ if (login.methodName === 'verifyEmail') {
+ throw new Meteor.Error('verify-email', 'E-mail verified');
+ }
+
+ if (login.type === 'resume' || login.type === 'proxy') {
 return login;
 }
 // CAS login doesn't yet support 2FA.
diff --git a/apps/meteor/app/ui/client/lib/accounts.js b/apps/meteor/app/ui/client/lib/accounts.js
index ecb719bc7c58b..7ec6fbdb83800 100644
--- a/apps/meteor/app/ui/client/lib/accounts.js
+++ b/apps/meteor/app/ui/client/lib/accounts.js
@@ -4,14 +4,13 @@ import { Accounts } from 'meteor/accounts-base';
 import { t } from '../../../utils';
 import { dispatchToastMessage } from '../../../../client/lib/toast';
 
-Accounts.onEmailVerificationLink(function (token, done) {
+Accounts.onEmailVerificationLink(function (token) {
 Accounts.verifyEmail(token, function (error) {
- if (error == null) {
+ if (error.error === 'verify-email') {
 dispatchToastMessage({ type: 'success', message: t('Email_verified') });
 Meteor.call('afterVerifyEmail');
 } else {
 dispatchToastMessage({ type: 'error', message: error.message });
 }
- return done();
 });
 });

From 383b6ceb173b2ad8bec91f8b6af45d074dc48ac0 Mon Sep 17 00:00:00 2001
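Review bot: The new `throw new Meteor.Error('verify-email', 'E-mail verified')` turns a rejected login into the success signal the client keys on, and nothing in the hunk says so; a reader who later sees a valid verification "failing" in the logs is likely to revert it straight back into the 2FA bypass. Add a comment above the check, along the lines of `// Accounts.verifyEmail logs the user in as a side effect, which would skip the TOTP check below; reject that implicit login once the address is verified — the client treats 'verify-email' as success.` The approach also relies on the verified flag already being written when this hook runs (in Meteor's accounts-password, if I read it correctly, validateLoginAttempt hooks run after the method body), so that assumption is worth stating next to it. If the project counts failed logins anywhere (an onLoginFailure hook or a lockout counter), every email verification now registers as a failed attempt — worth confirming. The `(login) => {` callback body continues past the end of the hunk.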
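Review bot: `error.error === 'verify-email'` dereferences `error` unconditionally, but `Accounts.verifyEmail` still calls back with `error == null` when the server does not reject the implicit login (an older server, or a deployment where the 2FA hook is not active), so that path now dies with a TypeError inside the callback instead of reporting anything; use `if (error?.error === 'verify-email') {` and keep the else branch from reading `error.message` on a null error. A null error here also means the login went through without the 2FA check firing, which is exactly what this patch exists to prevent, so that branch should surface as an error toast rather than crash silently. Dropping the `done` parameter is presumably deliberate — in Meteor's accounts-base, as far as I recall, that callback is what re-enables auto-login from the stored resume token after the link is handled — but a one-line comment saying the user is intentionally left to sign in (with 2FA) afterwards would stop the next reader from "restoring" it.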
From: Tiago Evangelista Pinto
Date: Mon, 13 Feb 2023 23:30:49 -0300
Subject: [PATCH 2/2] [FIX] NoSQL injection in listEmojiCustom Meteor method (#643)

---
 .../server/methods/listEmojiCustom.js | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/apps/meteor/app/emoji-custom/server/methods/listEmojiCustom.js b/apps/meteor/app/emoji-custom/server/methods/listEmojiCustom.js
index a4fd124abe911..b553e5b398e43 100644
--- a/apps/meteor/app/emoji-custom/server/methods/listEmojiCustom.js
+++ b/apps/meteor/app/emoji-custom/server/methods/listEmojiCustom.js
@@ -1,8 +1,30 @@
 import { Meteor } from 'meteor/meteor';
 import { EmojiCustom } from '@rocket.chat/models';
+import { check, Match } from 'meteor/check';
+
+import { methodDeprecationLogger } from '../../../lib/server/lib/deprecationWarningLogger';
+
+/**
+ * @deprecated Will be removed in future versions.
+ */
 
 Meteor.methods({
 async listEmojiCustom(options = {}) {
+ methodDeprecationLogger.warn('listEmojiCustom will be removed in future versions of Rocket.Chat');
+
+ const user = Meteor.user();
+
+ if (!user) {
+ throw new Meteor.Error('error-invalid-user', 'Invalid user', {
+ method: 'listEmojiCustom',
+ });
+ }
+
+ check(options, {
+ name: Match.Optional(String),
+ aliases: Match.Optional([String]),
+ });
+
 return EmojiCustom.find(options).toArray();
 },
 });
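Review bot: `const user = Meteor.user();` loads the whole user document only to test it for null, and `user` is not used afterwards; `if (!Meteor.userId()) {` (or `this.userId` inside the method) gives the same authentication gate without the extra query. The `check(options, { name: Match.Optional(String), aliases: Match.Optional([String]) })` call is the actual fix — it rejects values carrying Mongo operator objects before `options` is handed verbatim to `EmojiCustom.find` — and a comment saying so would keep someone from "relaxing" the pattern later, e.g. `// options is used as-is as the query selector: allow only plain strings, never operator objects`. Note that `check` with an object pattern also rejects any key other than `name` and `aliases`, so existing callers passing other filter fields now get a Match.Error where they previously got results; that looks intentional, but it deserves a mention alongside the deprecation warning.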