Modules now return a function which creates app-s, qmining module auth handle

2025-04-01 20:24:18 +02:00 · 2020-04-08 12:11:48 +02:00 · 2020-04-08 12:11:48 +02:00 · a03f56028a
commit a03f56028a
parent b5f9ede2cf
12 changed files with 1046 additions and 990 deletions
--- a/middlewares/auth.middleware.js
+++ b/middlewares/auth.middleware.js
@ -3,7 +3,7 @@ const utils = require('../utils/utils.js')
 const dbtools = require('../utils/dbtools.js')

 module.exports = function (options) {
-  const { authDB, jsonResponse, exceptions } = options
+  const { userDB, jsonResponse, exceptions } = options

  const renderLogin = (res) => {
    if (jsonResponse) {
@ -23,6 +23,12 @@ module.exports = function (options) {
      return req.url === exc
    })

+    // TODO Allowing all urls with _next in it, but not in params
+    if (req.url.split('?')[0].includes('_next')) {
+      next()
+      return
+    }
+
    if (isException) {
      logger.DebugLog(`EXCEPTION: ${req.url}`, 'auth', 1)
      next()
@ -35,7 +41,7 @@ module.exports = function (options) {
      return
    }

-    const user = GetUserBySessionID(authDB, sessionID, req)
+    const user = GetUserBySessionID(userDB, sessionID, req)

    if (!user) {
      logger.DebugLog(`No user:${req.url}`, 'auth', 1)
@ -50,15 +56,15 @@ module.exports = function (options) {

    logger.DebugLog(`ID #${user.id}: ${req.url}`, 'auth', 1)

-    UpdateAccess(authDB, user, ip, sessionID)
+    UpdateAccess(userDB, user, ip, sessionID)

-    dbtools.Update(authDB, 'sessions', {
+    dbtools.Update(userDB, 'sessions', {
      lastAccess: utils.GetDateString()
    }, {
      id: sessionID
    })

-    dbtools.Update(authDB, 'users', {
+    dbtools.Update(userDB, 'users', {
      lastIP: ip,
      lastAccess: utils.GetDateString()
    }, {
--- a/modules.json
+++ b/modules.json
@ -30,10 +30,5 @@
    "path": "./modules/stuff/stuff.js",
    "name": "stuff",
    "urls": [ "stuff.frylabs.net" ]
-  },
-  "old": {
-    "path": "./modules/old/old.js",
-    "name": "old",
-    "urls": [ "qmining.tk", "www.qmining.tk" ]
  }
 }
--- a/modules/api/api.js
+++ b/modules/api/api.js
--- a/modules/dataEditor/dataEditor.js
+++ b/modules/dataEditor/dataEditor.js
@ -26,63 +26,68 @@ const app = express()
 const utils = require('../../utils/utils.js')
 const logger = require('../../utils/logger.js')

-app.set('view engine', 'ejs')
-app.set('views', [
-  './modules/dataEditor/views',
-  './sharedViews'
-])
-app.use(express.static('modules/dataEditor/public'))
-app.use(express.static('public'))
-app.use(busboy({
-  limits: {
-    fileSize: 10000 * 1024 * 1024
-  }
-}))
-app.use(bodyParser.json())
-app.use(bodyParser.urlencoded({
-  limit: '5mb',
-  extended: true
-}))
-app.use(bodyParser.json({
-  limit: '5mb'
-}))
-
-// --------------------------------------------------------------
-
-function AddHtmlRoutes (files) {
-  const routes = files.reduce((acc, f) => {
-    if (f.includes('html')) {
-      acc.push(f.split('.')[0])
-      return acc
+function GetApp () {
+  app.set('view engine', 'ejs')
+  app.set('views', [
+    './modules/dataEditor/views',
+    './sharedViews'
+  ])
+  app.use(express.static('modules/dataEditor/public'))
+  app.use(express.static('public'))
+  app.use(busboy({
+    limits: {
+      fileSize: 10000 * 1024 * 1024
    }
-    return acc
-  }, [])
+  }))
+  app.use(bodyParser.json())
+  app.use(bodyParser.urlencoded({
+    limit: '5mb',
+    extended: true
+  }))
+  app.use(bodyParser.json({
+    limit: '5mb'
+  }))

-  routes.forEach((route) => {
-    logger.DebugLog(`Added route /${route}`, 'DataEditor routes', 1)
-    app.get(`/${route}`, function (req, res) {
-      logger.LogReq(req)
-      res.redirect(`${route}.html`)
+  // --------------------------------------------------------------
+
+  function AddHtmlRoutes (files) {
+    const routes = files.reduce((acc, f) => {
+      if (f.includes('html')) {
+        acc.push(f.split('.')[0])
+        return acc
+      }
+      return acc
+    }, [])
+
+    routes.forEach((route) => {
+      logger.DebugLog(`Added route /${route}`, 'DataEditor routes', 1)
+      app.get(`/${route}`, function (req, res) {
+        logger.LogReq(req)
+        res.redirect(`${route}.html`)
+      })
    })
+  }
+  AddHtmlRoutes(utils.ReadDir('modules/dataEditor/public'))
+
+  // --------------------------------------------------------------
+
+  app.get('/', function (req, res) {
+    res.end('hai')
+    logger.LogReq(req)
  })
+
+  app.get('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  app.post('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  return {
+    app: app
+  }
 }
-AddHtmlRoutes(utils.ReadDir('modules/dataEditor/public'))

-// --------------------------------------------------------------
-
-app.get('/', function (req, res) {
-  res.end('hai')
-  logger.LogReq(req)
-})
-
-app.get('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-app.post('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-exports.app = app
-
-logger.Log('DataEditor module started', logger.GetColor('yellow'))
+exports.name = 'Data editor'
+exports.getApp = GetApp
--- a/modules/main/main.js
+++ b/modules/main/main.js
@ -25,49 +25,54 @@ const bodyParser = require('body-parser')
 const busboy = require('connect-busboy')
 const app = express()

-const logger = require('../../utils/logger.js')
+// const logger = require('../../utils/logger.js')
 // const utils = require('../utils/utils.js')
 // const actions = require('../utils/actions.js')

-app.set('view engine', 'ejs')
-app.set('views', [
-  './modules/main/views',
-  './sharedViews'
-])
-app.use(express.static('public'))
-app.use(busboy({
-  limits: {
-    fileSize: 10000 * 1024 * 1024
-  }
-}))
-app.use(bodyParser.json())
-app.use(bodyParser.urlencoded({
-  limit: '5mb',
-  extended: true
-}))
-app.use(bodyParser.json({
-  limit: '5mb'
-}))
+function GetApp () {
+  app.set('view engine', 'ejs')
+  app.set('views', [
+    './modules/main/views',
+    './sharedViews'
+  ])
+  app.use(express.static('public'))
+  app.use(busboy({
+    limits: {
+      fileSize: 10000 * 1024 * 1024
+    }
+  }))
+  app.use(bodyParser.json())
+  app.use(bodyParser.urlencoded({
+    limit: '5mb',
+    extended: true
+  }))
+  app.use(bodyParser.json({
+    limit: '5mb'
+  }))

-// --------------------------------------------------------------
+  // --------------------------------------------------------------

-app.get('/', function (req, res) {
-  res.render('main', {
-    siteurl: url
+  app.get('/', function (req, res) {
+    res.render('main', {
+      siteurl: url
+    })
  })
-})

-app.get('*', function (req, res) {
-  res.status(404).render('404')
-})
+  app.get('*', function (req, res) {
+    res.status(404).render('404')
+  })

-app.post('*', function (req, res) {
-  res.status(404).render('404')
-})
+  app.post('*', function (req, res) {
+    res.status(404).render('404')
+  })

-exports.app = app
+  return {
+    app: app
+  }
+}
+
+exports.name = 'Main'
+exports.getApp = GetApp
 exports.setup = (x) => {
  url = x.url
 }
-
-logger.Log('Main module started', logger.GetColor('yellow'))
--- a/modules/old/old.js
+++ b/modules/old/old.js
@ -1,46 +0,0 @@
-/* ----------------------------------------------------------------------------
-
- Question Server
- GitLab: <https://gitlab.com/MrFry/mrfrys-node-server>
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <https://www.gnu.org/licenses/>.
-
- ------------------------------------------------------------------------- */
-
-let url = ''
-const express = require('express')
-const app = express()
-
-const logger = require('../../utils/logger.js')
-
-// --------------------------------------------------------------
-
-app.get('/', function (req, res) {
-  res.redirect(url + req.url)
-})
-
-app.get('*', function (req, res) {
-  res.redirect(url + req.url)
-})
-
-app.post('*', function (req, res) {
-  res.redirect(url + req.url)
-})
-
-exports.app = app
-exports.setup = (x) => {
-  url = x.url
-}
-
-logger.Log('Old module started', logger.GetColor('yellow'))
--- a/modules/qmining/qmining.js
+++ b/modules/qmining/qmining.js
@ -23,154 +23,170 @@ const bodyParser = require('body-parser')
 const busboy = require('connect-busboy')
 const app = express()

-const reqlogger = require('../../middlewares/reqlogger.middleware.js')
 const utils = require('../../utils/utils.js')
 const logger = require('../../utils/logger.js')
+const auth = require('../../middlewares/auth.middleware.js')

 let donateURL = ''
+let userDB
+
 try {
  donateURL = utils.ReadFile('./data/donateURL')
 } catch (e) {
  logger.Log('Couldnt read donate URL file!', logger.GetColor('red'))
 }

-app.use(bodyParser.urlencoded({
-  limit: '5mb',
-  extended: true
-}))
-app.use(bodyParser.json({
-  limit: '5mb'
-}))
-app.set('view engine', 'ejs')
-app.set('views', [
-  './modules/qmining/views',
-  './sharedViews'
-])
-app.use(reqlogger())
-app.use(express.static('modules/qmining/public'))
-app.use(express.static('public'))
-app.use(busboy({
-  limits: {
-    fileSize: 10000 * 1024 * 1024
-  }
-}))
-
-// --------------------------------------------------------------
-// REDIRECTS
-// --------------------------------------------------------------
-
-// to be backwards compatible
-app.get('/ask', function (req, res) {
-  logger.DebugLog(`Qmining module ask redirect`, 'ask', 1)
-  res.redirect(`http://api.frylabs.net/ask?q=${req.query.q}&subj=${req.query.subj}&data=${req.query.data}`)
-})
-
-const simpleRedirects = [
-  {
-    from: '/dataeditor',
-    to: 'https://dataeditor.frylabs.net'
-  },
-  {
-    from: '/install',
-    to: 'https://greasyfork.org/en/scripts/38999-moodle-elearning-kmooc-test-help'
-  },
-  {
-    from: '/servergit',
-    to: 'https://gitlab.com/MrFry/mrfrys-node-server'
-  },
-  {
-    from: '/scriptgit',
-    to: 'https://gitlab.com/MrFry/moodle-test-userscript'
-  },
-  {
-    from: '/qminingSite',
-    to: 'https://gitlab.com/MrFry/qmining-page'
-  },
-  {
-    from: '/classesgit',
-    to: 'https://gitlab.com/MrFry/question-classes'
-  },
-  {
-    from: '/menuClick',
-    to: '/'
-  },
-  {
-    from: '/lred',
-    to: '/allQuestions.html'
-  },
-  {
-    from: '/donate',
-    to: donateURL
-  },
-  { // to be backwards compatible
-    from: '/legacy',
-    to: '/allQuestions.html'
-  },
-  {
-    from: '/allqr',
-    to: 'http://api.frylabs.net/allqr.txt'
-  },
-  {
-    from: '/allqr.txt',
-    to: 'http://api.frylabs.net/allqr.txt'
-  },
-  {
-    from: '/infos',
-    to: 'http://api.frylabs.net/infos?version=true&motd=true&subjinfo=true',
-    nolog: true
-  },
-  {
-    from: '/irc',
-    to: 'https://kiwiirc.com/nextclient/irc.sub.fm/#qmining'
-  }
-]
-
-simpleRedirects.forEach((redirect) => {
-  app.get(redirect.from, function (req, res) {
-    if (!redirect.nolog) {
-      logger.LogReq(req)
+function GetApp () {
+  app.use(bodyParser.urlencoded({
+    limit: '5mb',
+    extended: true
+  }))
+  app.use(bodyParser.json({
+    limit: '5mb'
+  }))
+  app.set('view engine', 'ejs')
+  app.set('views', [
+    './modules/qmining/views',
+    './sharedViews'
+  ])
+  app.use(auth({
+    userDB: userDB,
+    jsonResponse: false,
+    exceptions: [
+      '/favicon.ico'
+    ]
+  }))
+  app.use(express.static('modules/qmining/public'))
+  app.use(express.static('public'))
+  app.use(busboy({
+    limits: {
+      fileSize: 10000 * 1024 * 1024
    }
-    logger.DebugLog(`Qmining module ${redirect.from} redirect`, 'infos', 1)
-    res.redirect(`${redirect.to}`)
+  }))
+
+  // --------------------------------------------------------------
+  // REDIRECTS
+  // --------------------------------------------------------------
+
+  // to be backwards compatible
+  app.get('/ask', function (req, res) {
+    logger.DebugLog(`Qmining module ask redirect`, 'ask', 1)
+    res.redirect(`http://api.frylabs.net/ask?q=${req.query.q}&subj=${req.query.subj}&data=${req.query.data}`)
  })
-})

-// --------------------------------------------------------------
-
-function AddHtmlRoutes (files) {
-  const routes = files.reduce((acc, f) => {
-    if (f.includes('html')) {
-      acc.push(f.split('.')[0])
-      return acc
+  const simpleRedirects = [
+    {
+      from: '/dataeditor',
+      to: 'https://dataeditor.frylabs.net'
+    },
+    {
+      from: '/install',
+      to: 'https://greasyfork.org/en/scripts/38999-moodle-elearning-kmooc-test-help'
+    },
+    {
+      from: '/servergit',
+      to: 'https://gitlab.com/MrFry/mrfrys-node-server'
+    },
+    {
+      from: '/scriptgit',
+      to: 'https://gitlab.com/MrFry/moodle-test-userscript'
+    },
+    {
+      from: '/qminingSite',
+      to: 'https://gitlab.com/MrFry/qmining-page'
+    },
+    {
+      from: '/classesgit',
+      to: 'https://gitlab.com/MrFry/question-classes'
+    },
+    {
+      from: '/menuClick',
+      to: '/'
+    },
+    {
+      from: '/lred',
+      to: '/allQuestions.html'
+    },
+    {
+      from: '/donate',
+      to: donateURL
+    },
+    { // to be backwards compatible
+      from: '/legacy',
+      to: '/allQuestions.html'
+    },
+    {
+      from: '/allqr',
+      to: 'http://api.frylabs.net/allqr.txt'
+    },
+    {
+      from: '/allqr.txt',
+      to: 'http://api.frylabs.net/allqr.txt'
+    },
+    {
+      from: '/infos',
+      to: 'http://api.frylabs.net/infos?version=true&motd=true&subjinfo=true',
+      nolog: true
+    },
+    {
+      from: '/irc',
+      to: 'https://kiwiirc.com/nextclient/irc.sub.fm/#qmining'
    }
-    return acc
-  }, [])
+  ]

-  routes.forEach((route) => {
-    logger.DebugLog(`Added route /${route}`, 'Qmining routes', 1)
-    app.get(`/${route}`, function (req, res) {
-      logger.LogReq(req)
-      res.redirect(`${route}.html`)
+  simpleRedirects.forEach((redirect) => {
+    app.get(redirect.from, function (req, res) {
+      if (!redirect.nolog) {
+        logger.LogReq(req)
+      }
+      logger.DebugLog(`Qmining module ${redirect.from} redirect`, 'infos', 1)
+      res.redirect(`${redirect.to}`)
    })
  })
+
+  // --------------------------------------------------------------
+
+  function AddHtmlRoutes (files) {
+    const routes = files.reduce((acc, f) => {
+      if (f.includes('html')) {
+        acc.push(f.split('.')[0])
+        return acc
+      }
+      return acc
+    }, [])
+
+    routes.forEach((route) => {
+      logger.DebugLog(`Added route /${route}`, 'Qmining routes', 1)
+      app.get(`/${route}`, function (req, res) {
+        logger.LogReq(req)
+        res.redirect(`${route}.html`)
+      })
+    })
+  }
+  AddHtmlRoutes(utils.ReadDir('modules/qmining/public'))
+
+  // --------------------------------------------------------------
+
+  app.get('/', function (req, res) {
+    res.end('hai')
+    logger.LogReq(req)
+  })
+
+  app.get('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  app.post('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  return {
+    app: app
+  }
 }
-AddHtmlRoutes(utils.ReadDir('modules/qmining/public'))

-// --------------------------------------------------------------
-
-app.get('/', function (req, res) {
-  res.end('hai')
-  logger.LogReq(req)
-})
-
-app.get('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-app.post('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-exports.app = app
-
-logger.Log('Qmining module started', logger.GetColor('yellow'))
+exports.name = 'Qmining'
+exports.getApp = GetApp
+exports.setup = (data) => {
+  userDB = data.userDB
+}
--- a/modules/sio/sio.js
+++ b/modules/sio/sio.js
@ -31,69 +31,74 @@ const utils = require('../../utils/utils.js')

 const uloadFiles = './public/f'

-app.set('view engine', 'ejs')
-app.set('views', [
-  './modules/sio/views',
-  './sharedViews'
-])
-app.use(express.static('public'))
-app.use(busboy({
-  limits: {
-    fileSize: 10000 * 1024 * 1024
-  }
-}))
-app.use(bodyParser.json())
-app.use(bodyParser.urlencoded({
-  limit: '5mb',
-  extended: true
-}))
-app.use(bodyParser.json({
-  limit: '5mb'
-}))
+function GetApp () {
+  app.set('view engine', 'ejs')
+  app.set('views', [
+    './modules/sio/views',
+    './sharedViews'
+  ])
+  app.use(express.static('public'))
+  app.use(busboy({
+    limits: {
+      fileSize: 10000 * 1024 * 1024
+    }
+  }))
+  app.use(bodyParser.json())
+  app.use(bodyParser.urlencoded({
+    limit: '5mb',
+    extended: true
+  }))
+  app.use(bodyParser.json({
+    limit: '5mb'
+  }))

-// --------------------------------------------------------------
+  // --------------------------------------------------------------

-app.get('/', function (req, res) {
-  res.render('uload')
-  res.end()
-})
+  app.get('/', function (req, res) {
+    res.render('uload')
+    res.end()
+  })

-function UploadFile (req, res, path, next) {
-  var fstream
-  req.pipe(req.busboy)
-  req.busboy.on('file', function (fieldname, file, filename) {
-    logger.Log('Uploading: ' + filename, logger.GetColor('blue'))
+  function UploadFile (req, res, path, next) {
+    var fstream
+    req.pipe(req.busboy)
+    req.busboy.on('file', function (fieldname, file, filename) {
+      logger.Log('Uploading: ' + filename, logger.GetColor('blue'))

-    utils.CreatePath(path, true)
-    let d = new Date()
-    let fn = d.getHours() + '' + d.getMinutes() + '' + d.getSeconds() + '_' + filename
+      utils.CreatePath(path, true)
+      let d = new Date()
+      let fn = d.getHours() + '' + d.getMinutes() + '' + d.getSeconds() + '_' + filename

-    fstream = fs.createWriteStream(path + '/' + fn)
-    file.pipe(fstream)
-    fstream.on('close', function () {
-      logger.Log('Upload Finished of ' + path + '/' + fn, logger.GetColor('blue'))
-      next(fn)
+      fstream = fs.createWriteStream(path + '/' + fn)
+      file.pipe(fstream)
+      fstream.on('close', function () {
+        logger.Log('Upload Finished of ' + path + '/' + fn, logger.GetColor('blue'))
+        next(fn)
+      })
+      fstream.on('error', function (err) {
+        console.log(err)
+        res.end('something bad happened :s')
+      })
    })
-    fstream.on('error', function (err) {
-      console.log(err)
-      res.end('something bad happened :s')
+  }
+
+  app.route('/fosuploader').post(function (req, res, next) {
+    UploadFile(req, res, uloadFiles, (fn) => {
+      res.redirect('/f/' + fn)
    })
  })
+  app.get('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  app.post('*', function (req, res) {
+    res.status(404).render('404')
+  })
+
+  return {
+    app: app
+  }
 }

-app.route('/fosuploader').post(function (req, res, next) {
-  UploadFile(req, res, uloadFiles, (fn) => {
-    res.redirect('/f/' + fn)
-  })
-})
-app.get('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-app.post('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-exports.app = app
-
-logger.Log('Sio module started', logger.GetColor('yellow'))
+exports.name = 'Sio'
+exports.getApp = GetApp
--- a/modules/stuff/stuff.js
+++ b/modules/stuff/stuff.js
@ -31,183 +31,188 @@ const logger = require('../../utils/logger.js')

 const listedFiles = './public/files'

-app.set('view engine', 'ejs')
-app.set('views', [
-  './modules/stuff/views',
-  './sharedViews'
-])
-app.use(express.static('public'))
-app.use(busboy({
-  limits: {
-    fileSize: 10000 * 1024 * 1024
-  }
-}))
-app.use(bodyParser.json())
-app.use(bodyParser.urlencoded({
-  limit: '5mb',
-  extended: true
-}))
-app.use(bodyParser.json({
-  limit: '5mb'
-}))
-
-// --------------------------------------------------------------
-
-// app, '/*.mp4', 'video/mp4', 'stuff/video'
-function appGetFileType (app, wildcard, contentType, pageToRender) {
-  app.get(wildcard, function (req, res) {
-    let p = decodeURI(req.url)
-    let fp = p
-    if (p.includes('?')) {
-      fp = p.split('?')
-      fp.pop()
-      fp = fp.join('/')
+function GetApp () {
+  app.set('view engine', 'ejs')
+  app.set('views', [
+    './modules/stuff/views',
+    './sharedViews'
+  ])
+  app.use(express.static('public'))
+  app.use(busboy({
+    limits: {
+      fileSize: 10000 * 1024 * 1024
    }
-    const fpath = './public/files' + fp
-    if (!fs.existsSync(fpath)) {
-      res.render('nofile', {
-        missingFile: fpath,
-        url
-      })
-      return
-    }
-    if (req.query.stream || !pageToRender) {
-      const stat = fs.statSync(fpath)
-      const fileSize = stat.size
-      const range = req.headers.range
-      if (range) {
-        const parts = range.replace(/bytes=/, '').split('-')
-        const start = parseInt(parts[0], 10)
-        const end = parts[1]
-          ? parseInt(parts[1], 10)
-          : fileSize - 1
-        const chunksize = (end - start) + 1
-        const file = fs.createReadStream(fpath, { start, end })
-        const head = {
-          'Content-Range': `bytes ${start}-${end}/${fileSize}`,
-          'Accept-Ranges': 'bytes',
-          'Content-Length': chunksize,
-          'Content-Type': contentType
-        }
-        res.writeHead(206, head)
-        file.pipe(res)
-      } else {
-        const head = {
-          'Content-Length': fileSize,
-          'Content-Type': contentType
-        }
-        res.writeHead(200, head)
-        fs.createReadStream(fpath).pipe(res)
+  }))
+  app.use(bodyParser.json())
+  app.use(bodyParser.urlencoded({
+    limit: '5mb',
+    extended: true
+  }))
+  app.use(bodyParser.json({
+    limit: '5mb'
+  }))
+
+  // --------------------------------------------------------------
+
+  // app, '/*.mp4', 'video/mp4', 'stuff/video'
+  function appGetFileType (app, wildcard, contentType, pageToRender) {
+    app.get(wildcard, function (req, res) {
+      let p = decodeURI(req.url)
+      let fp = p
+      if (p.includes('?')) {
+        fp = p.split('?')
+        fp.pop()
+        fp = fp.join('/')
      }
-    } else {
-      logger.LogReq(req)
-      let fname = fpath.split('/')
-      fname = fname.pop()
-      res.render(pageToRender, {
-        path: fp,
-        fname,
-        url,
-        contentType,
-        albumArt: GetAlbumArt(p)
+      const fpath = './public/files' + fp
+      if (!fs.existsSync(fpath)) {
+        res.render('nofile', {
+          missingFile: fpath,
+          url
+        })
+        return
+      }
+      if (req.query.stream || !pageToRender) {
+        const stat = fs.statSync(fpath)
+        const fileSize = stat.size
+        const range = req.headers.range
+        if (range) {
+          const parts = range.replace(/bytes=/, '').split('-')
+          const start = parseInt(parts[0], 10)
+          const end = parts[1]
+            ? parseInt(parts[1], 10)
+            : fileSize - 1
+          const chunksize = (end - start) + 1
+          const file = fs.createReadStream(fpath, { start, end })
+          const head = {
+            'Content-Range': `bytes ${start}-${end}/${fileSize}`,
+            'Accept-Ranges': 'bytes',
+            'Content-Length': chunksize,
+            'Content-Type': contentType
+          }
+          res.writeHead(206, head)
+          file.pipe(res)
+        } else {
+          const head = {
+            'Content-Length': fileSize,
+            'Content-Type': contentType
+          }
+          res.writeHead(200, head)
+          fs.createReadStream(fpath).pipe(res)
+        }
+      } else {
+        logger.LogReq(req)
+        let fname = fpath.split('/')
+        fname = fname.pop()
+        res.render(pageToRender, {
+          path: fp,
+          fname,
+          url,
+          contentType,
+          albumArt: GetAlbumArt(p)
+        })
+      }
+    })
+  }
+
+  const fileTypes = [
+    ['/*.mp4', 'video/mp4', 'video'],
+    ['/*.mkv', 'audio/x-matroska', 'video'],
+    ['/*.mp3', 'audio/mpeg', 'audio'],
+    ['/*.pdf', 'application/pdf'],
+    ['/*.zip', 'application/zip']
+  ]
+
+  function GetAlbumArt (path) {
+    let tmp = path.split('.')
+    tmp.pop()
+    tmp = tmp.join('.').split('/')
+    let last = tmp.pop()
+
+    return tmp.join('/') + '/.' + last + '.png'
+  }
+
+  fileTypes.forEach((t) => {
+    appGetFileType(app, t[0], t[1], t[2])
+  })
+
+  app.get('/*', function (req, res) {
+    let parsedUrl = decodeURI(req.url)
+    let curr = listedFiles + '/' + parsedUrl.substring('/'.length, parsedUrl.length).split('?')[0]
+    let relPath = curr.substring('./public/files'.length, curr.length)
+
+    if (relPath[relPath.length - 1] !== '/') { relPath += '/' }
+
+    let t = relPath.split('/')
+    let prevDir = ''
+    for (let i = 0; i < t.length - 2; i++) { prevDir += t[i] + '/' }
+
+    // curr = curr.replace(/\//g, "/");
+    // relPath = relPath.replace(/\//g, "/");
+
+    logger.LogReq(req)
+
+    try {
+      const stat = fs.lstatSync(curr)
+      if (stat.isDirectory() || stat.isSymbolicLink()) {
+        if (curr[curr.length - 1] !== '/') { curr += '/' }
+
+        let f = []
+
+        fs.readdirSync(curr).forEach((item) => {
+          if (item[0] !== '.') {
+            let res = { name: item }
+            let stat = fs.statSync(curr + '/' + item)
+
+            let fileSizeInBytes = stat['size']
+            res.size = Math.round(fileSizeInBytes / 1000000)
+
+            res.path = relPath
+            if (res.path[res.path.length - 1] !== '/') { res.path += '/' }
+            res.path += item
+
+            res.mtime = stat['mtime'].toLocaleString()
+            res.isDir = stat.isDirectory()
+
+            f.push(res)
+          }
+        })
+
+        res.render('folders', {
+          folders: f,
+          dirname: relPath,
+          prevDir,
+          url
+        })
+      } else {
+        let fileStream = fs.createReadStream(curr)
+        fileStream.pipe(res)
+      }
+    } catch (e) {
+      res.render('nofile', {
+        missingFile: curr,
+        url
      })
    }
  })
-}

-const fileTypes = [
-  ['/*.mp4', 'video/mp4', 'video'],
-  ['/*.mkv', 'audio/x-matroska', 'video'],
-  ['/*.mp3', 'audio/mpeg', 'audio'],
-  ['/*.pdf', 'application/pdf'],
-  ['/*.zip', 'application/zip']
-]
+  // -----------------------------------------------------------------------------------------------

-function GetAlbumArt (path) {
-  let tmp = path.split('.')
-  tmp.pop()
-  tmp = tmp.join('.').split('/')
-  let last = tmp.pop()
+  app.get('*', function (req, res) {
+    res.status(404).render('404')
+  })

-  return tmp.join('/') + '/.' + last + '.png'
-}
+  app.post('*', function (req, res) {
+    res.status(404).render('404')
+  })

-fileTypes.forEach((t) => {
-  appGetFileType(app, t[0], t[1], t[2])
-})
-
-app.get('/*', function (req, res) {
-  let parsedUrl = decodeURI(req.url)
-  let curr = listedFiles + '/' + parsedUrl.substring('/'.length, parsedUrl.length).split('?')[0]
-  let relPath = curr.substring('./public/files'.length, curr.length)
-
-  if (relPath[relPath.length - 1] !== '/') { relPath += '/' }
-
-  let t = relPath.split('/')
-  let prevDir = ''
-  for (let i = 0; i < t.length - 2; i++) { prevDir += t[i] + '/' }
-
-  // curr = curr.replace(/\//g, "/");
-  // relPath = relPath.replace(/\//g, "/");
-
-  logger.LogReq(req)
-
-  try {
-    const stat = fs.lstatSync(curr)
-    if (stat.isDirectory() || stat.isSymbolicLink()) {
-      if (curr[curr.length - 1] !== '/') { curr += '/' }
-
-      let f = []
-
-      fs.readdirSync(curr).forEach((item) => {
-        if (item[0] !== '.') {
-          let res = { name: item }
-          let stat = fs.statSync(curr + '/' + item)
-
-          let fileSizeInBytes = stat['size']
-          res.size = Math.round(fileSizeInBytes / 1000000)
-
-          res.path = relPath
-          if (res.path[res.path.length - 1] !== '/') { res.path += '/' }
-          res.path += item
-
-          res.mtime = stat['mtime'].toLocaleString()
-          res.isDir = stat.isDirectory()
-
-          f.push(res)
-        }
-      })
-
-      res.render('folders', {
-        folders: f,
-        dirname: relPath,
-        prevDir,
-        url
-      })
-    } else {
-      let fileStream = fs.createReadStream(curr)
-      fileStream.pipe(res)
-    }
-  } catch (e) {
-    res.render('nofile', {
-      missingFile: curr,
-      url
-    })
+  return {
+    app: app
  }
-})
+}

-// -----------------------------------------------------------------------------------------------
-
-app.get('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-app.post('*', function (req, res) {
-  res.status(404).render('404')
-})
-
-exports.app = app
+exports.name = 'Stuff'
+exports.getApp = GetApp
 exports.setup = (x) => {
  url = x.url
 }
-
-logger.Log('Stuff module started', logger.GetColor('yellow'))
--- a/server.js
+++ b/server.js
@ -20,7 +20,7 @@
 console.clear()

 const startHTTPS = true
-const port = 8080
+const port = 80
 const httpsport = 5001

 const express = require('express')
@ -30,10 +30,19 @@ const utils = require('./utils/utils.js')
 const http = require('http')
 const https = require('https')
 const cors = require('cors')
+const cookieParser = require('cookie-parser')
+const uuidv4 = require('uuid/v4') // TODO: deprecated, but imports are not supported

+const dbtools = require('./utils/dbtools.js')
 const reqlogger = require('./middlewares/reqlogger.middleware.js')
 const extraModulesFile = './extraModules.json'
 const modulesFile = './modules.json'
+const usersDBPath = 'data/dbs/users.db'
+
+if (!utils.FileExists(usersDBPath)) {
+  throw new Error('No user DB exists yet! please run utils/dbSetup.js first!')
+}
+const userDB = dbtools.GetDB(usersDBPath)

 let modules = JSON.parse(utils.ReadFile(modulesFile))

@ -70,15 +79,25 @@ function exit (reason) {
        x.cleanup()
      } catch (e) {
        logger.Log(`Error in ${k} cleanup! Details in STDERR`, logger.GetColor('redbg'))
-        console.err(e)
+        console.error(e)
      }
    }
  })
+
+  logger.Log('Closing Auth DB')
+  userDB.close()
+
  process.exit()
 }

 const app = express()
-app.use(cors())
+app.use(cors({
+  credentials: true,
+  origin: true
+  // origin: [ /\.frylabs\.net$/ ]
+}))
+const cookieSecret = uuidv4()
+app.use(cookieParser(cookieSecret))
 app.use(reqlogger({
  loggableKeywords: [
    'stable.user.js'
@ -92,14 +111,19 @@ Object.keys(modules).forEach(function (k, i) {
  let x = modules[k]
  try {
    let mod = require(x.path)
+    logger.Log(`Loading ${mod.name} module`, logger.GetColor('yellow'))
    if (mod.setup) {
      mod.setup({
-        url: 'https://' + x.urls[0]
+        url: 'https://' + x.urls[0],
+        userDB: userDB
      })
    }
-    x.app = mod.app
-    x.dailyAction = mod.dailyAction
-    x.cleanup = mod.cleanup
+
+    const modApp = mod.getApp()
+    x.app = modApp.app
+    x.dailyAction = modApp.DailyAction
+    x.cleanup = modApp.cleanup
+
    x.urls.forEach((url) => {
      app.use(vhost(url, x.app))
    })
--- a/sharedViews/login.ejs
+++ b/sharedViews/login.ejs
@ -0,0 +1,34 @@
+<html>
+  <body bgcolor="#212127">
+    <head>
+      <title>login</title>
+      <meta charset="UTF-8">
+      <meta name="viewport" content="width=device-width, initial-scale=0.6" />
+      <style>
+        .text {
+          color: white;
+        }
+        .title {
+          font: normal 28px Verdana;
+          font-weight: bold;
+          color: white;
+        }
+
+      </style>
+    </head>
+    <center>
+      <h2 class='title'>
+        Frylabs Login
+      </h2>
+      <div class='text'>
+        Jelszó:
+      </div>
+	<form action="http://api.frylabs.net/login" method="POST">
+        <input type='text' id='pw' name='pw' />
+        <input type='submit' value='Submit' formmethod='post' />
+      </form>
+    </center>
+  </body>
+  <script>
+  </script>
+</html>
--- a/utils/dbtools.js
+++ b/utils/dbtools.js
@ -216,6 +216,9 @@ function CloseDB (db) {
 // -------------------------------------------------------------------------

 function PrepareStatement (db, s) {
+  if (!db) {
+    throw new Error('DB is undefined in prepare statement! DB action called with undefined db')
+  }
  DebugLog(s)
  return db.prepare(s)
 }