From 8026164ae49ab0e0f73949bcbeed3de637df2a0e Mon Sep 17 00:00:00 2001
From: Bryan Ashby <bryan@l33t.codes>
Date: Wed, 4 Jan 2023 21:25:33 -0700
Subject: [PATCH] Standardize on _enig prefix for internal routes; update all
 _internal to this prefix

---
 WHATSNEW.md                       |  2 +-
 core/user_2fa_otp_web_register.js | 12 ++++++++----
 core/web_password_reset.js        | 16 ++++++++++------
 3 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/WHATSNEW.md b/WHATSNEW.md
index f91313a6..3efd0752 100644
--- a/WHATSNEW.md
+++ b/WHATSNEW.md
@@ -4,7 +4,7 @@ This document attempts to track **major** changes and additions in ENiGMA½. For
 ## 0.0.14-beta
 * The [Web Server](/docs/_docs/servers/contentservers/web-server.md) has made some possibly breaking changes:
     * `/static/` prefixes are no longer required. This was a ugly hack.
-    * Some internal routes such as those used for password resets live within `/_internal/`.
+    * Some internal routes such as those used for password resets live within `/_enig/`.
     * Routes for the file base now default to `/_f/` prefixed instead of just `/f/`. If `/f/` is in your `config.hjson` you are encouraged to update it!
     * Finally, the system will search for `index.html` and `index.htm` in that order, if another suitable route cannot be established.
 
diff --git a/core/user_2fa_otp_web_register.js b/core/user_2fa_otp_web_register.js
index edae1d5b..27944a5c 100644
--- a/core/user_2fa_otp_web_register.js
+++ b/core/user_2fa_otp_web_register.js
@@ -5,6 +5,7 @@
 const Config = require('./config.js').get;
 const getServer = require('./listening_server.js').getServer;
 const webServerPackageName = require('./servers/content/web.js').moduleInfo.packageName;
+const { WellKnownLocations } = require('./servers/content/web');
 const {
     createToken,
     deleteToken,
@@ -76,7 +77,8 @@ module.exports = class User2FA_OTPWebRegister {
                 (token, textTemplate, htmlTemplate, callback) => {
                     const webServer = getWebServer();
                     const registerUrl = webServer.instance.buildUrl(
-                        `/_internal/enable_2fa_otp?token=${token}&otpType=${otpType}`
+                        WellKnownLocations.Internal +
+                            `/2fa/enable_2fa_otp?token=${token}&otpType=${otpType}`
                     );
 
                     const replaceTokens = s => {
@@ -170,7 +172,9 @@ module.exports = class User2FA_OTPWebRegister {
                     return User2FA_OTPWebRegister.accessDenied(webServer, resp);
                 }
 
-                const postUrl = webServer.instance.buildUrl('/_internal/enable_2fa_otp');
+                const postUrl = webServer.instance.buildUrl(
+                    WellKnownLocations.Internal + '/2fa/enable_2fa_otp'
+                );
                 const config = Config();
                 return webServer.instance.routeTemplateFilePage(
                     _.get(config, 'users.twoFactorAuth.otp.registerPageTemplate'),
@@ -296,12 +300,12 @@ ${backupCodes}
         [
             {
                 method: 'GET',
-                path: /^\/_internal\/enable_2fa_otp\?token=[a-f0-9]+&otpType=[a-zA-Z0-9_]+$/,
+                path: /^\/_enig\/2fa\/enable_2fa_otp\?token=[a-f0-9]+&otpType=[a-zA-Z0-9_]+$/,
                 handler: User2FA_OTPWebRegister.routeRegisterGet,
             },
             {
                 method: 'POST',
-                path: /^\/_internal\/enable_2fa_otp$/,
+                path: /^\/_enig\/2fa\/enable_2fa_otp$/,
                 handler: User2FA_OTPWebRegister.routeRegisterPost,
             },
         ].forEach(r => {
diff --git a/core/web_password_reset.js b/core/web_password_reset.js
index dbc4f88d..a1b46bf1 100644
--- a/core/web_password_reset.js
+++ b/core/web_password_reset.js
@@ -6,6 +6,7 @@ const Config = require('./config.js').get;
 const Errors = require('./enig_error.js').Errors;
 const getServer = require('./listening_server.js').getServer;
 const webServerPackageName = require('./servers/content/web.js').moduleInfo.packageName;
+const { WellKnownLocations } = require('./servers/content/web');
 const User = require('./user.js');
 const userDb = require('./database.js').dbs.user;
 const getISOTimestampString = require('./database.js').getISOTimestampString;
@@ -121,9 +122,10 @@ class WebPasswordReset {
                     const sendMail = require('./email.js').sendMail;
 
                     const resetUrl = webServer.instance.buildUrl(
-                        `/_internal/reset_password?token=${
-                            user.properties[UserProps.EmailPwResetToken]
-                        }`
+                        WellKnownLocations.Internal +
+                            `/sec/reset_password?token=${
+                                user.properties[UserProps.EmailPwResetToken]
+                            }`
                     );
 
                     function replaceTokens(s) {
@@ -194,13 +196,13 @@ class WebPasswordReset {
             {
                 //  this is the page displayed to user when they GET it
                 method: 'GET',
-                path: /^\/_internal\/reset_password\?token=[a-f0-9]+$/,
+                path: /^\/_enig\/sec\/reset_password\?token=[a-f0-9]+$/,
                 handler: WebPasswordReset.routeResetPasswordGet,
             },
             //  POST handler for performing the actual reset
             {
                 method: 'POST',
-                path: /^\/_internal\/reset_password$/,
+                path: /^\/_enig\/sec\/reset_password$/,
                 handler: WebPasswordReset.routeResetPasswordPost,
             },
         ].forEach(r => {
@@ -269,7 +271,9 @@ class WebPasswordReset {
                 );
             }
 
-            const postResetUrl = webServer.instance.buildUrl('/_internal/reset_password');
+            const postResetUrl = webServer.instance.buildUrl(
+                WellKnownLocations.Internal + '/sec/reset_password'
+            );
 
             const config = Config();
             return webServer.instance.routeTemplateFilePage(