/* ----------------------------------------------------------------------------
Question Server
GitLab: <https://gitlab.com/MrFry/mrfrys-node-server>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
------------------------------------------------------------------------- */
const express = require('express')
const bodyParser = require('body-parser')
const busboy = require('connect-busboy')
const cookieParser = require('cookie-parser')
const uuidv4 = require('uuid/v4') // TODO: deprecated, but imports are not supported
const fs = require('fs')
const app = express()
// const http = require('http')
// const https = require('https')
const logger = require('../../utils/logger.js')
const utils = require('../../utils/utils.js')
const actions = require('../../utils/actions.js')
const dbtools = require('../../utils/dbtools.js')
const auth = require('../../middlewares/auth.middleware.js')
const recivedFiles = 'public/recivedfiles'
const uloadFiles = 'public/f'
const dataFile = 'public/data.json'
const msgFile = 'stats/msgs'
const motdFile = 'public/motd'
const versionFile = 'public/version'
const passwordFile = 'data/dataEditorPasswords.json'
const dataEditsLog = 'stats/dataEdits'
const dailyDataCountFile = 'stats/dailyDataCount'
const usersDBPath = 'data/dbs/users.db'
if (!utils.FileExists(usersDBPath)) {
throw new Error('No user DB exists yet! please run utils/dbSetup.js first!')
}
const authDB = dbtools.GetDB(usersDBPath)
const cookieSecret = uuidv4()
app.use(cookieParser(cookieSecret))
app.use(bodyParser.urlencoded({
limit: '10mb',
extended: true
}))
app.use(bodyParser.json({
limit: '10mb'
}))
app.set('view engine', 'ejs')
app.set('views', [
'./modules/api/views',
'./sharedViews'
])
app.use(auth({
authDB: authDB,
jsonResponse: true
}))
app.use(express.static('public'))
app.use(busboy({
limits: {
fileSize: 50000 * 1024 * 1024
}
}))
var data = actions.LoadJSON(dataFile)
var version = ''
var motd = ''
function LoadVersion () {
version = utils.ReadFile(versionFile)
}
function LoadMOTD () {
motd = utils.ReadFile(motdFile)
}
function Load () {
utils.WatchFile(motdFile, (newData) => {
logger.Log(`Motd changed: ${newData.replace(/\/n/g, '')}`)
LoadMOTD()
})
utils.WatchFile(versionFile, (newData) => {
logger.Log(`Version changed: ${newData.replace(/\/n/g, '')}`)
LoadVersion()
})
LoadVersion()
LoadMOTD()
}
Load()
// -------------------------------------------------------------
app.post('/login', (req, res) => {
logger.LogReq(req)
const pw = req.body.pw
const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
const user = dbtools.Select(authDB, 'users', {
pw: pw
})[0]
if (user) {
const sessionID = uuidv4()
// FIXME: Users now can only log in in one session, this might be too strict.
const existingSessions = dbtools.Select(authDB, 'sessions', {
userID: user.id
})
if (existingSessions.length > 0) {
logger.Log(`Multiple sessions ( ${existingSessions.length} ) for #${user.id}, deleting olds`, logger.GetColor('cyan'))
existingSessions.forEach((sess) => {
dbtools.Delete(authDB, 'sessions', {
id: sess.id
})
})
}
dbtools.Update(authDB, 'users', {
loginCount: user.loginCount + 1,
lastIP: ip,
lastLogin: new Date().toString()
}, {
id: user.id
})
dbtools.Insert(authDB, 'sessions', {
id: sessionID,
ip: ip,
userID: user.id,
createDate: new Date().toString()
})
// TODO: cookie age
res.cookie('sessionID', sessionID)
res.json({
result: 'success',
sessionID: sessionID
})
logger.Log(`Successfull login with user ID: #${user.id}`, logger.GetColor('cyan'))
} else {
logger.Log(`Login attempt with invalid pw: ${pw}`, logger.GetColor('cyan'))
res.json({
msg: 'invalid pw'
})
}
})
app.post('/logout', (req, res) => {
logger.LogReq(req)
const sessionID = req.cookies.sessionID
// removing session from db
dbtools.Delete(authDB, 'sessions', {
id: sessionID
})
// TODO: remove old sessions every once in a while
res.clearCookie('sessionID').json({
result: 'success'
})
})
// --------------------------------------------------------------
app.get('/', function (req, res) {
logger.LogReq(req)
res.redirect('https://www.youtube.com/watch?v=ieqGJgqiXFk')
})
app.post('/postfeedbackfile', function (req, res) {
UploadFile(req, res, uloadFiles, (fn) => {
res.json({ success: true })
})
logger.LogReq(req)
logger.Log('New feedback file', logger.GetColor('bluebg'), true)
})
app.post('/postfeedback', function (req, res) {
logger.LogReq(req)
logger.Log('New feedback message', logger.GetColor('bluebg'), true)
utils.AppendToFile(logger.GetDateString() + ':\n' + JSON.stringify(req.body), msgFile)
res.json({ success: true })
})
function UploadFile (req, res, path, next) {
try {
var fstream
req.pipe(req.busboy)
req.busboy.on('file', function (fieldname, file, filename) {
logger.Log('Uploading: ' + filename, logger.GetColor('blue'))
utils.CreatePath(path, true)
let d = new Date()
let fn = d.getHours() + '' + d.getMinutes() + '' + d.getSeconds() + '_' + filename
fstream = fs.createWriteStream(path + '/' + fn)
file.pipe(fstream)
fstream.on('close', function () {
logger.Log('Upload Finished of ' + path + '/' + fn, logger.GetColor('blue'))
next(fn)
})
fstream.on('error', function (err) {
console.log(err)
res.end('something bad happened :s')
})
})
} catch (e) {
logger.Log(`Unable to upload file!`, logger.GetColor('redbg'))
console.log(e)
}
}
app.route('/fosuploader').post(function (req, res, next) {
UploadFile(req, res, uloadFiles, (fn) => {
res.redirect('/f/' + fn)
})
})
app.route('/badtestsender').post(function (req, res, next) {
UploadFile(req, res, recivedFiles, (fn) => {
res.redirect('back')
})
logger.LogReq(req)
})
app.get('/allqr.txt', function (req, res) {
res.set('Content-Type', 'text/plain')
res.send(data.toString())
res.end()
logger.LogReq(req)
})
// -------------------------------------------------------------------------------------------
// API
app.post('/uploaddata', (req, res) => {
// body: JSON.stringify({
// newData: data,
// count: getCount(data),
// initialCount: initialCount,
// password: password,
// editedQuestions: editedQuestions
// })
const { count, initialCount, editedQuestions, password, newData } = req.body
const respStatuses = {
invalidPass: 'invalidPass',
ok: 'ok',
error: 'error'
}
logger.LogReq(req)
try {
// finding user
const pwds = JSON.parse(utils.ReadFile(passwordFile))
let user = Object.keys(pwds).find((key) => {
const u = pwds[key]
return u.password === password
})
user = pwds[user]
// logging and stuff
logger.Log(`Data upload`, logger.GetColor('bluebg'))
logger.Log(`PWD: ${password}`, logger.GetColor('bluebg'))
// returning if user password is not ok
if (!user) {
logger.Log(`Data upload: invalid password ${password}`, logger.GetColor('red'))
utils.AppendToFile(logger.GetDateString() + '\n' + password + '(FAILED PASSWORD)\n' + JSON.stringify(editedQuestions) + '\n\n', dataEditsLog)
res.json({ status: respStatuses.invalidPass })
return
}
logger.Log(`Password accepted for ${user.name}`, logger.GetColor('bluebg'))
logger.Log(`Old Subjects/Questions: ${initialCount.subjectCount} / ${initialCount.questionCount} | New: ${count.subjectCount} / ${count.questionCount} | Edited question count: ${Object.keys(editedQuestions).length}`, logger.GetColor('bluebg'))
// saving detailed editedCount
utils.AppendToFile(logger.GetDateString() + '\n' + JSON.stringify(user) + '\n' + JSON.stringify(editedQuestions) + '\n\n', dataEditsLog)
// making backup
utils.CopyFile('./' + dataFile, `./public/backs/data_before_${user.name}_${new Date().toString().replace(/ /g, '_')}`)
logger.Log('Backup made')
// writing data
utils.WriteFile(JSON.stringify(newData), dataFile)
logger.Log('New data file written')
// reloading data file
data = actions.LoadJSON(dataFile)
// data = newData
logger.Log('Data set to newData')
res.json({
status: respStatuses.ok,
user: user.name
})
logger.Log('Data updating done!', logger.GetColor('bluebg'))
} catch (e) {
logger.Log(`Data upload error! `, logger.GetColor('redbg'))
console.error(e)
res.json({ status: respStatuses.error, msg: e.message })
}
})
app.post('/isAdding', function (req, res) {
logger.LogReq(req)
// automatically saves to dataFile every n write
// FIXME: req.body.datatoadd is for backwards compatibility, remove this sometime in the future
let result = actions.ProcessIncomingRequest(
req.body.datatoadd || req.body,
data,
{ motd, version }
)
res.json({
success: result !== -1,
newQuestions: result
})
})
app.get('/ask', function (req, res) {
if (Object.keys(req.query).length === 0) {
logger.DebugLog(`No query params`, 'ask', 1)
res.json({
message: `ask something! ?q=[question]&subj=[subject]&data=[question data]. 'subj' is optimal for faster result`,
result: [],
recievedData: JSON.stringify(req.query),
success: false
})
} else {
if (req.query.q && req.query.data) {
let subj = req.query.subj || ''
let question = req.query.q
let recData = {}
try {
recData = JSON.parse(req.query.data)
} catch (e) {
logger.Log(`Unable to parse recieved question data! '${req.query.data}'`, logger.GetColor('redbg'))
}
let r = data.Search(question, subj, recData)
res.json({
result: r,
success: true
})
logger.DebugLog(`Question result length: ${r.length}`, 'ask', 1)
logger.DebugLog(r, 'ask', 2)
} else {
logger.DebugLog(`Invalid question`, 'ask', 1)
res.json({
message: `Invalid question :(`,
result: [],
recievedData: JSON.stringify(req.query),
success: false
})
}
}
})
function getSimplreRes () {
return {
subjects: data.length,
questions: data.Subjects.reduce((acc, subj) => {
return acc + subj.length
}, 0)
}
}
function getDetailedRes () {
return data.Subjects.map((subj) => {
return {
name: subj.Name,
count: subj.length
}
})
}
app.get('/datacount', function (req, res) {
logger.LogReq(req)
if (req.query.detailed === 'all') {
res.json({
detailed: getDetailedRes(),
simple: getSimplreRes()
})
} else if (req.query.detailed) {
res.json(getDetailedRes())
} else {
res.json(getSimplreRes())
}
})
app.get('/infos', function (req, res) {
let result = {
result: 'success'
}
if (req.query.subjinfo) {
result.subjinfo = getSimplreRes()
}
if (req.query.version) {
result.version = version
}
if (req.query.motd) {
result.motd = motd
}
res.json(result)
})
// -------------------------------------------------------------------------------------------
app.get('*', function (req, res) {
res.status(404).render('404')
})
app.post('*', function (req, res) {
res.status(404).render('404')
})
exports.app = app
exports.dailyAction = () => {
utils.AppendToFile(JSON.stringify({
date: new Date(),
subjectCount: data.Subjects.length,
questionCOunt: data.Subjects.reduce((acc, subj) => {
return acc + subj.Questions.length
}, 0)
}), dailyDataCountFile)
}
logger.Log('API module started', logger.GetColor('yellow'))