mirror of
https://gitlab.com/MrFry/mrfrys-node-server
synced 2025-04-01 20:24:18 +02:00
Exit cleanup functions, authentication polish, db polish
This commit is contained in:
MrFry
parent
fb8e12f8d2
commit
c764c4f402
10 changed files with 314 additions and 229 deletions
|
|
@ -46,6 +46,8 @@ const dataEditsLog = 'stats/dataEdits'
|
|||
const dailyDataCountFile = 'stats/dailyDataCount'
|
||||
const usersDBPath = 'data/dbs/users.db'
|
||||
|
||||
const maxVeteranPwGetCount = 5
|
||||
|
||||
if (!utils.FileExists(usersDBPath)) {
|
||||
throw new Error('No user DB exists yet! please run utils/dbSetup.js first!')
|
||||
}
|
||||
|
|
@ -67,7 +69,12 @@ app.set('views', [
|
|||
])
|
||||
app.use(auth({
|
||||
authDB: authDB,
|
||||
jsonResponse: true
|
||||
jsonResponse: true,
|
||||
exceptions: [
|
||||
'favicon',
|
||||
'/login',
|
||||
'/getveteranpw'
|
||||
]
|
||||
}))
|
||||
app.use(express.static('public'))
|
||||
app.use(busboy({
|
||||
|
|
@ -106,6 +113,118 @@ Load()
|
|||
|
||||
// -------------------------------------------------------------
|
||||
|
||||
app.post('/getpw', function (req, res) {
|
||||
logger.LogReq(req)
|
||||
|
||||
const requestingUser = req.session.user
|
||||
|
||||
if (requestingUser.avaiblePWRequests <= 0) {
|
||||
res.json({
|
||||
result: 'error',
|
||||
msg: 'Too many passwords requested or cant request password yet, try later'
|
||||
})
|
||||
logger.Log(`User #${requestingUser.id} requested too much passwords`, logger.GetColor('cyan'))
|
||||
return
|
||||
}
|
||||
|
||||
dbtools.Update(authDB, 'users', {
|
||||
avaiblePWRequests: requestingUser.avaiblePWRequests - 1,
|
||||
pwRequestCount: requestingUser.pwRequestCount + 1
|
||||
}, {
|
||||
id: requestingUser.id
|
||||
})
|
||||
|
||||
const pw = uuidv4()
|
||||
const insertRes = dbtools.Insert(authDB, 'users', {
|
||||
pw: pw,
|
||||
created: new Date().toString()
|
||||
})
|
||||
|
||||
logger.Log(`User #${requestingUser.id} creted new user #${insertRes.lastInsertRowid}`, logger.GetColor('cyan'))
|
||||
|
||||
console.log(requestingUser)
|
||||
|
||||
res.json({
|
||||
result: 'success',
|
||||
pw: pw,
|
||||
remaining: requestingUser.avaiblePWRequests - 1
|
||||
})
|
||||
})
|
||||
|
||||
app.post('/getveteranpw', function (req, res) {
|
||||
logger.LogReq(req)
|
||||
const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
|
||||
|
||||
const tries = dbtools.Select(authDB, 'veteranPWRequests', {
|
||||
ip: ip
|
||||
})[0]
|
||||
|
||||
if (tries) {
|
||||
if (tries.count > maxVeteranPwGetCount) {
|
||||
res.json({
|
||||
result: 'error',
|
||||
msg: 'Too many tries'
|
||||
})
|
||||
logger.Log(`Too many veteran PW requests from ${ip}!`, logger.GetColor('cyan'))
|
||||
return
|
||||
} else {
|
||||
dbtools.Update(authDB, 'veteranPWRequests', {
|
||||
count: tries.count + 1,
|
||||
lastDate: new Date().toString()
|
||||
}, {
|
||||
id: tries.id
|
||||
})
|
||||
}
|
||||
} else {
|
||||
dbtools.Insert(authDB, 'veteranPWRequests', {
|
||||
ip: ip,
|
||||
lastDate: new Date().toString()
|
||||
})
|
||||
}
|
||||
|
||||
const oldUserID = req.body.cid
|
||||
if (!oldUserID) {
|
||||
res.json({
|
||||
result: 'error',
|
||||
msg: 'No CID recieved'
|
||||
})
|
||||
logger.Log(`No client ID recieved`, logger.GetColor('cyan'))
|
||||
return
|
||||
}
|
||||
|
||||
const user = dbtools.Select(authDB, 'users', {
|
||||
oldCID: oldUserID
|
||||
})[0]
|
||||
|
||||
if (user) {
|
||||
if (user.pwGotFromCID === 0) {
|
||||
logger.Log(`Sent password to veteran user #${user.id}`, logger.GetColor('cyan'))
|
||||
dbtools.Update(authDB, 'users', {
|
||||
pwGotFromCID: 1
|
||||
}, {
|
||||
id: user.id
|
||||
})
|
||||
|
||||
res.json({
|
||||
result: 'success',
|
||||
pw: user.pw
|
||||
})
|
||||
} else {
|
||||
logger.Log(`Veteran user #${user.id} already requested password`, logger.GetColor('cyan'))
|
||||
res.json({
|
||||
result: 'error',
|
||||
msg: 'Password already requested once'
|
||||
})
|
||||
}
|
||||
} else {
|
||||
logger.Log(`Invalid password request with CID: ${oldUserID}`, logger.GetColor('cyan'))
|
||||
res.json({
|
||||
result: 'error',
|
||||
msg: 'no such CID'
|
||||
})
|
||||
}
|
||||
})
|
||||
|
||||
app.post('/login', (req, res) => {
|
||||
logger.LogReq(req)
|
||||
const pw = req.body.pw
|
||||
|
|
@ -430,15 +549,26 @@ app.post('*', function (req, res) {
|
|||
res.status(404).render('404')
|
||||
})
|
||||
|
||||
exports.app = app
|
||||
exports.dailyAction = () => {
|
||||
function ExportDailyDataCount () {
|
||||
utils.AppendToFile(JSON.stringify({
|
||||
date: new Date(),
|
||||
subjectCount: data.Subjects.length,
|
||||
questionCOunt: data.Subjects.reduce((acc, subj) => {
|
||||
return acc + subj.Questions.length
|
||||
}, 0)
|
||||
}, 0),
|
||||
userCount: dbtools.TableInfo(authDB, 'users').dataCount
|
||||
}), dailyDataCountFile)
|
||||
}
|
||||
|
||||
exports.app = app
|
||||
exports.cleanup = () => {
|
||||
logger.Log('Closing Auth DB')
|
||||
authDB.close()
|
||||
}
|
||||
exports.dailyAction = () => {
|
||||
ExportDailyDataCount()
|
||||
|
||||
// TODO: selectAll from users, check if date is more than x, and increment every y
|
||||
}
|
||||
|
||||
logger.Log('API module started', logger.GetColor('yellow'))
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue