Added veteran pw request site, logging in prettying

2025-04-01 20:24:18 +02:00 · 2020-04-08 17:57:56 +02:00 · 2020-04-08 17:57:56 +02:00 · b970b2eb30
commit b970b2eb30
parent 03c54c7bd4
4 changed files with 181 additions and 28 deletions
--- a/modules/api/api.js
+++ b/modules/api/api.js
@ -45,7 +45,7 @@ const dataEditsLog = 'stats/dataEdits'
 const dailyDataCountFile = 'stats/dailyDataCount'
 const usersDbBackupPath = 'data/dbs/backup'
-const maxVeteranPwGetCount = 5
+const maxVeteranPwGetCount = 10
 const addPWPerDay = 3 // every x day a user can give a pw
 const maxPWCount = 2 // maximum pw give opportunities a user can have at once
 const daysAfterUserGetsPWs = 2 // days after user gets pw-s
@ -151,7 +151,6 @@ function GetApp () {
  app.post('/getveteranpw', function (req, res) {
    logger.LogReq(req)
    const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
    const tries = dbtools.Select(userDB, 'veteranPWRequests', {
      ip: ip
    })[0]
@ -160,7 +159,7 @@ function GetApp () {
      if (tries.count > maxVeteranPwGetCount) {
        res.json({
          result: 'error',
-          msg: 'Too many tries'
+          msg: 'Too many tries from this IP'
        })
        logger.Log(`Too many veteran PW requests from ${ip}!`, logger.GetColor('cyan'))
        return
@ -180,10 +179,11 @@ function GetApp () {
    }
    const oldUserID = req.body.cid
    if (!oldUserID) {
      res.json({
        result: 'error',
-        msg: 'No CID recieved'
+        msg: 'No Client ID recieved'
      })
      logger.Log(`No client ID recieved`, logger.GetColor('cyan'))
      return
@ -210,14 +210,14 @@ function GetApp () {
        logger.Log(`Veteran user #${user.id} already requested password`, logger.GetColor('cyan'))
        res.json({
          result: 'error',
-          msg: 'Password already requested once'
+          msg: 'Password already requested'
        })
      }
    } else {
      logger.Log(`Invalid password request with CID: ${oldUserID}`, logger.GetColor('cyan'))
      res.json({
        result: 'error',
-        msg: 'no such CID'
+        msg: 'No such Client ID'
      })
    }
  })
@ -225,7 +225,6 @@ function GetApp () {
  app.post('/login', (req, res) => {
    logger.LogReq(req)
    const pw = req.body.pw
    const redirectTo = req.body.redirect
    const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
    const user = dbtools.Select(userDB, 'users', {
      pw: pw
@ -269,25 +268,18 @@ function GetApp () {
        sameSite: 'none'
      })
      if (redirectTo) {
        res.redirect(redirectTo)
      } else {
      res.json({
        result: 'success',
        msg: 'you are now logged in'
      })
      }
      logger.Log(`Successfull login with user ID: #${user.id}`, logger.GetColor('cyan'))
    } else {
      logger.Log(`Login attempt with invalid pw: ${pw}`, logger.GetColor('cyan'))
      if (redirectTo) {
        res.redirect(redirectTo) // TODO
      } else {
      res.json({
-          msg: 'invalid pw'
+        result: 'error',
        msg: 'Invalid password'
      })
    }
    }
  })
  app.post('/logout', (req, res) => {
--- a/modules/qmining/qmining.js
+++ b/modules/qmining/qmining.js
@ -53,7 +53,8 @@ function GetApp () {
    userDB: userDB,
    jsonResponse: false,
    exceptions: [
-      '/favicon.ico'
+      '/favicon.ico',
      '/getVeteranPw'
    ]
  }))
  app.use(express.static('modules/qmining/public'))
@ -172,6 +173,13 @@ function GetApp () {
    logger.LogReq(req)
  })
  app.get('/getVeteranPw', function (req, res) {
    res.render('veteranPw', {
      cid: req.query.cid
    })
    logger.LogReq(req)
  })
  app.get('*', function (req, res) {
    res.status(404).render('404')
  })
--- a/modules/qmining/views/veteranPw.ejs
+++ b/modules/qmining/views/veteranPw.ejs
@ -0,0 +1,117 @@
 <html>
  <body bgcolor="#212127">
    <head>
      <title>Frylabs</title>
      <meta charset="UTF-8">
      <meta name="viewport" content="width=device-width, initial-scale=0.6" />
      <style>
        .center {
          width: 440px;
          height: 340px;
          position: absolute;
          left: 0;
          right: 0;
          top: 0;
          bottom: 0;
          margin: auto;
          max-width: 100%;
          max-height: 100%;
          overflow: auto;
          text-align: center;
        }
        .text {
          font-size: 18px;
          color: white;
          margin: 20px;
        }
        .title {
          font-size: 50px;
          font-weight: bold;
          color: white;
        }
        .inputContainer {
          width: 100%;
        }
        .showpwContainer {
          color: white;
          width: 40px;
          cursor: pointer;
        }
        input[type=text], input[type=password] {
          width: 100%;
          padding: 12px 20px;
          margin: 8px 0;
          box-sizing: border-box;
          border: 2px solid #fff;
          text-align: center;
        }
        input[type=text], input[type=password]:focus {
          border: 2px solid #000;
        }
        button {
          width: 100px;
          background-color: #9999ff;
          border: none;
          color: white;
          padding: 16px 32px;
          text-decoration: none;
          margin: 4px 2px;
          cursor: pointer;
        }
      </style>
    </head>
    <div class='center'>
      <div class='title'>
        Frylabs
      </div>
      <div id='text' class='text'>
        Másold be ide régi kliens ID-d, és az alapján jelszót ad. Ezt csak egyszer teheted meg, a
        kapott jelszót tuti helyre írd le!
      </div>
      <div id='form'>
        <div class='inputContainer'>
          <input type='text' id='cid' name='pw' autocomplete="off"/>
        </div>
        <input type='hidden' name='redirect' value='asd' autocomplete="off"/>
        <button id='sendButton' onclick="GetVeteranPW(this)">Submit</button>
      </div>
    </div>
  </body>
  <script>
    function HandleResp (resp) {
      const textNode = document.getElementById('text')
      document.getElementById('sendButton').innerText = 'Submit'
      if (resp.result === 'success') {
        document.getElementById('form').style.display = 'none'
        textNode.innerText = 'Password:'
        const pwDiv = document.createElement('div')
        pwDiv.innerText = resp.pw
        pwDiv.style.fontSize = '20px'
        textNode.appendChild(pwDiv)
      } else {
        textNode.innerText = resp.msg
      }
    }
    async function GetVeteranPW(button) {
      button.innerText = '...'
      const rawResponse = await fetch('http://api.frylabs.net/getveteranpw', {
        method: 'POST',
        credentials: 'include',
        headers: {
          'Accept': 'application/json',
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({
          cid: document.getElementById('cid').value
        })
      })
      rawResponse.json()
        .then((resp) => {
          HandleResp(resp)
        })
    }
  </script>
 </html>
--- a/sharedViews/login.ejs
+++ b/sharedViews/login.ejs
@ -21,6 +21,11 @@
          text-align: center;
        }
        .text {
          font-size: 18px;
          color: white;
          margin: 20px;
        }
        .title {
          font-size: 50px;
          font-weight: bold;
@ -45,7 +50,7 @@
        input[type=text], input[type=password]:focus {
          border: 2px solid #000;
        }
-         input[type=button], input[type=submit], input[type=reset] {
+        button {
          background-color: #9999ff;
          border: none;
          color: white;
@ -60,16 +65,17 @@
      <div class='title'>
        Frylabs
      </div>
-	<form action="http://api.frylabs.net/login" method="POST">
+      <div id='text' class='text'>
      </div>
      <div id='form'>
        <div class='inputContainer'>
          <input type='password' id='pw' name='pw' autocomplete="off"/>
          <!-- <span onclick="ShowHidePW()" class='showpwContainer'>
            👁
          </span> -->
        </div>
-        <input type='hidden' name='redirect' value=<%= redirect %> autocomplete="off"/>
+        <button id='sendButton' onclick="Login(this)">Submit</button>
-        <input type='submit' value='Submit' formmethod='post' />
+      </div>
      </form>
    </div>
  </body>
  <script>
@ -81,5 +87,35 @@
        x.type = "password";
      }
    } 
    function HandleResp (resp) {
      console.log(resp)
      document.getElementById('sendButton').innerText = 'Submit'
      const textNode = document.getElementById('text')
      if (resp.result === 'success') {
        location.reload()
        textNode.innerText = resp.msg
      } else {
        textNode.innerText = resp.msg
      }
    }
    async function Login(button) {
      button.innerText = '...'
      const rawResponse = await fetch('http://api.frylabs.net/login', {
        method: 'POST',
        credentials: 'include',
        headers: {
          'Accept': 'application/json',
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({
          pw: document.getElementById('pw').value
        })
      })
      rawResponse.json()
        .then((resp) => {
          HandleResp(resp)
        })
    }
  </script>
 </html>