From daeb08341b700dee93523a4c08e4b35505e6c515 Mon Sep 17 00:00:00 2001
From: MrFry <mrfry@airmail.cc>
Date: Fri, 3 Apr 2020 17:14:34 +0200
Subject: [PATCH] Added basic auth

---
 stable.user.js | 124 ++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 103 insertions(+), 21 deletions(-)

diff --git a/stable.user.js b/stable.user.js
index 7248d80..9459c8e 100755
--- a/stable.user.js
+++ b/stable.user.js
@@ -61,8 +61,8 @@
   var addEventListener // add event listener function
   const serverAdress = 'https://qmining.frylabs.net/'
   // const serverAdress = 'http://localhost:8080/'
-  const apiAdress = 'https://api.frylabs.net/'
-  // const apiAdress = 'http://localhost:8080/'
+  // const apiAdress = 'https://api.frylabs.net/'
+  const apiAdress = 'http://localhost:8080/'
   const ircAddress = 'https://kiwiirc.com/nextclient/irc.sub.fm/#qmining'
 
   // forcing pages for testing. unless you test, do not set these to true!
@@ -74,7 +74,8 @@
   const log = true
 
   const motdShowCount = 3 /* Ammount of times to show motd */
-  const infoExpireTime = 60 // Every n seconds basic info should be loaded from server
+  // TODO: set to 60
+  const infoExpireTime = 1 // Every n seconds basic info should be loaded from server
   var motd = ''
   var lastestVersion = ''
   var subjInfo
@@ -96,9 +97,11 @@
     passiveTooltip: 'Ha erre kattintasz akkor a script átálítja a neptunban a hallgatói státuszod passzívra',
     retry: 'Újrapróbálás',
     ircButton: 'IRC',
+    invalidPW: 'Hibás jelszó: ',
     search: 'Keresés ...',
     loading: 'Betöltés ...',
     noServer: 'Nem elérhető a szerver!',
+    noUser: 'Nem vagy bejelentkezve!',
     passiveModeActivated: 'Passzív mód bekapcsolva, nem lesz mostantól a szerver piszkálva',
     passiveModeDeactivated: 'Passzív mód kikapcsolva, frissíts az érvénybe lépéshez!',
     passiveMode: 'Passzív mód',
@@ -728,9 +731,30 @@
     }
   }
 
+  function Auth (pw) {
+    SendXHRMessage('login', { pw: pw, script: true })
+      .then((res) => {
+        if (res.result === 'success') {
+          setVal('sessionID', res.sessionID)
+          ConnectToServer(AfterLoad)
+          ClearAllMessages()
+          setPassiveButtonState(false)
+        } else {
+          SafeGetElementById('infoMainDiv', (elem) => {
+            elem.innerText = texts.invalidPW + pw
+          })
+        }
+      })
+  }
+
   function ConnectToServer (cwith) {
+    setVal('sessionID', 'gfdgkldf')
     ClearAllMessages()
     GetXHRInfos().then((inf) => {
+      if (inf.result === 'nouser') {
+        NoUserAction()
+        return
+      }
       lastestVersion = inf.version
       motd = inf.motd
       subjInfo = inf.subjinfo
@@ -742,6 +766,18 @@
     })
   }
 
+  function NoUserAction () {
+    SafeGetElementById('menuButtonDiv', (elem) => {
+      elem.style.backgroundColor = 'red'
+    })
+    SafeGetElementById('infoMainDiv', (elem) => {
+      elem.innerText = texts.noUser
+    })
+    SafeGetElementById('loginDiv', (elem) => {
+      elem.style.display = ''
+    })
+  }
+
   function NoServerAction () {
     SafeGetElementById('menuButtonDiv', (elem) => {
       elem.style.backgroundColor = 'red'
@@ -1019,7 +1055,7 @@
         sentData.id = GetId()
         sentData.quiz = quiz
         console.log('SENT DATA', sentData)
-        SendXHRMessage(JSON.stringify(sentData)).then((res) => {
+        SendXHRMessage('isAdding', sentData).then((res) => {
           next(res.success, sentData, res.newQuestions)
         })
       } catch (e) {
@@ -1427,7 +1463,7 @@
       SetStyle(menuButtonDiv, {
         // width: buttonWidth + 'px',
         // height: buttonHeight + 'px',
-        top: (window.innerHeight - 90) + 'px',
+        top: (window.innerHeight - 120) + 'px',
         left: '10px',
         zIndex: 999999,
         position: 'fixed',
@@ -1506,6 +1542,26 @@
         margin: '5px'
       })
 
+      // login div ----------------------------------------------------------------------------------------------------------------
+      const loginDiv = document.createElement('div')
+      loginDiv.style.display = 'none'
+      loginDiv.setAttribute('id', 'loginDiv')
+      const loginButton = document.createElement('button')
+      loginButton.innerText = 'Login'
+      const loginInput = document.createElement('input')
+      loginInput.type = 'text'
+
+      loginDiv.appendChild(loginInput)
+      loginDiv.appendChild(loginButton)
+
+      SetStyle(loginButton, buttonStyle)
+
+      loginButton.addEventListener('click', function () {
+        Auth(loginInput.value)
+      })
+
+      ibuttonCell.appendChild(loginDiv)
+
       // irc button ----------------------------------------------------------------------------------------------------------------
       let ircButton = CreateNodeWithText(ibuttonCell, texts.ircButton, 'button')
       SetStyle(ircButton, buttonStyle)
@@ -1542,16 +1598,9 @@
       passiveButton.title = texts.passiveTooltip
       SetStyle(passiveButton, buttonStyle)
 
-      let setPassiveButtonState = (isPassive) => {
-        menuButtonDiv.style.background = '#262626'
-        retryButton.style.display = 'none'
-        ircButton.style.display = 'none'
-        if (!isPassive) {
-          infoDiv.innerText = texts.loading
-        } else {
-          infoDiv.innerText = texts.passiveModeMenuBoxText
-        }
-      }
+      // APPEND EVERYTHING
+      appedtTo.appendChild(menuButtonDiv)
+
       setPassiveButtonState(getVal('skipLoad'))
 
       passiveButton.addEventListener('click', function () {
@@ -1569,13 +1618,35 @@
           ConnectToServer(AfterLoad)
         }
       })
-
-      appedtTo.appendChild(menuButtonDiv)
     } catch (e) {
       Exception(e, 'script error at showing menu:')
     }
   }
 
+  function setPassiveButtonState (isPassive) {
+    SafeGetElementById('menuButtonDiv', (elem) => {
+      elem.style.backgroundColor = '#262626'
+    })
+    SafeGetElementById('ircButton', (elem) => {
+      elem.style.display = 'none'
+    })
+    SafeGetElementById('retryButton', (elem) => {
+      elem.style.display = 'none'
+    })
+    SafeGetElementById('loginDiv', (elem) => {
+      elem.style.display = 'none'
+    })
+    if (!isPassive) {
+      SafeGetElementById('infoMainDiv', (elem) => {
+        elem.innerText = texts.loading
+      })
+    } else {
+      SafeGetElementById('infoMainDiv', (elem) => {
+        elem.innerText = texts.passiveModeMenuBoxText
+      })
+    }
+  }
+
   // : }}}
 
   // : Generic utils {{{
@@ -1628,9 +1699,14 @@
             info().script.version +
             '&cid=' + GetId()
 
+        console.log(getVal('sessionID'))
         xmlhttpRequest({
           method: 'GET',
           url: url,
+          headers: {
+            'Cookie': `sessionID=${getVal('sessionID')}`,
+            'Content-Type': 'application/json'
+          },
           onload: function (response) {
             try {
               setVal('lastInfoCheckTime', now)
@@ -1710,15 +1786,21 @@
     })
   }
 
-  function SendXHRMessage (message) {
-    message = SUtils.RemoveSpecialChars(message)
-    var url = apiAdress + 'isAdding'
+  function SendXHRMessage (path, message) {
+    // message = SUtils.RemoveSpecialChars(message) // TODO: check this
+    if (typeof message === 'object') {
+      message = JSON.stringify(message)
+    }
+    const url = apiAdress + path
     return new Promise((resolve, reject) => {
+      console.log(getVal('sessionID'))
       xmlhttpRequest({
         method: 'POST',
         url: url,
+        xhrFields: { withCredentials: true },
         data: message,
         headers: {
+          'Cookie': `sessionID=${getVal('sessionID')}`,
           'Content-Type': 'application/json'
         },
         onerror: function (e) {
@@ -1730,7 +1812,7 @@
             const res = JSON.parse(resp.responseText)
             resolve(res)
           } catch (e) {
-            Log('Errro paring JSON in SendXHRMessage')
+            Log('Error paring JSON in SendXHRMessage')
             Log(e)
             reject(e)
           }