BDEMetz
/
bde-liste
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

bruuhuhuh

master
asyncnomi 3 years ago
parent
69e7960233
commit
3c6e2e3780
3 changed files with 208 additions and 47 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 179
      index.js
  2. 18
      static/index.html
  3. 58
      static/js/main.js

179
index.js
View File

@ -1,8 +1,10 @@
const fastify = require('fastify')({ logger: true })
const fs = require('fs');
const path = require('path')
var LdapAuth = require('ldapauth-fork');
const CryptoJS = require("crypto-js");
// var LdapAuth = require('ldapauth-fork');
var usersBdd = "usersBdd.txt";
var prankPath = "prankdata.txt";
var activityPath = "activitydata.txt";
var treasurePath = "treasuredata.txt";
@ -10,6 +12,8 @@ var goldenUsersPath = "goldenusers.txt";
initFs();
let UsersBDD = JSON.parse(fs.readFileSync(usersBdd));
let PrankData = JSON.parse(fs.readFileSync(prankPath));
let ActivityData = JSON.parse(fs.readFileSync(activityPath));
let TreasureData = JSON.parse(fs.readFileSync(treasurePath));
@ -20,19 +24,19 @@ let TokenDurationSecond = 3600;
let MaxAmountCrepe = 10;
let Supplements = ["nature", "sucre", "nutella", "confiture"];
var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
var LDAP = new LdapAuth({
url: 'ldap://10.5.0.44',
bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr',
bindCredentials: ldapConf.bindPassword,
searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
searchFilter: '(uid={{username}})',
reconnect: true,
});
LDAP.on('error', function (err) {
console.error('LdapAuth: ', err);
});
ldapConf = null;
// var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
// var LDAP = new LdapAuth({
// url: 'ldap://10.5.0.44',
// bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr',
// bindCredentials: ldapConf.bindPassword,
// searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
// searchFilter: '(uid={{username}})',
// reconnect: true,
// });
// LDAP.on('error', function (err) {
// console.error('LdapAuth: ', err);
// });
// ldapConf = null;
fastify.addContentTypeParser('application/json', {
parseAs: 'string'
@ -55,31 +59,119 @@ fastify.get('/', async (request, reply) => {
reply.redirect('/index.html')
})
// fastify.post('/login', async (request, reply) => {
// let content = request.body;
// if (content.hasOwnProperty("user")
// && content.hasOwnProperty("password")) {
// let res = await authenticate(content.user, content.password);
// if (res.authState) {
// let now = new Date();
// UsersToken[res.authUser.uid] = {
// token: makeid(64),
// expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
// }
// return {
// success: true,
// user: {
// uid: res.authUser.uid,
// givenName: res.authUser.givenName,
// isAdmin: AdminUsersUid.includes(res.authUser.uid)
// },
// token: UsersToken[res.authUser.uid].token
// }
// } else {
// return {
// success: false,
// why: "Wrong username or password"
// }
// }
// } else {
// return {
// success: false,
// why: "The username or password is missing"
// }
// }
// })
fastify.post('/login', async (request, reply) => {
let content = request.body;
if (content.hasOwnProperty("user")
&& content.hasOwnProperty("password")) {
let res = await authenticate(content.user, content.password);
if (res.authState) {
if (UsersBDD.hasOwnProperty(content.user) {
var hash;
try {
hash = CryptoJS.SHA512(content.password).toString();
} catch {
return {
success: false,
why: "Wrong username or password"
}
}
if (hash === UsersBDD[content.user].password) {
let now = new Date();
UsersToken[content.user] = {
token: makeid(64),
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
}
return {
success: true,
user: {
uid: content.user,
isAdmin: AdminUsersUid.includes(content.user)
},
token: UsersToken[res.authUser.uid].token
}
} else {
return {
success: false,
why: "Wrong username or password"
}
}
}
} else {
return {
success: false,
why: "The username or password is missing"
}
}
})
fastify.post('/register', async (request, reply) => {
let content = request.body;
if (content.hasOwnProperty("user")
&& content.hasOwnProperty("password")) {
if (UsersBDD.hasOwnProperty(content.user) {
return {
success: false,
why: "This user already exists"
}
} else {
var hash;
try {
hash = CryptoJS.SHA512(content.password).toString();
} catch {
return {
success: false,
why: "What are you doing bruh ??"
}
}
UsersBDD[content.user] = {
password: hash
}
saveData(usersBdd, UsersBDD);
let now = new Date();
UsersToken[res.authUser.uid] = {
UsersToken[content.user] = {
token: makeid(64),
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
}
return {
success: true,
user: {
uid: res.authUser.uid,
givenName: res.authUser.givenName,
isAdmin: AdminUsersUid.includes(res.authUser.uid)
uid: content.user,
isAdmin: AdminUsersUid.includes(content.user)
},
token: UsersToken[res.authUser.uid].token
}
} else {
return {
success: false,
why: "Wrong username or password"
}
}
} else {
return {
@ -624,23 +716,23 @@ function saveData(path, data) {
fs.writeFileSync(path, JSON.stringify(data));
}
function authenticate(user, pwd) {
return new Promise((resolve, reject) => {
LDAP.authenticate(user, pwd, function(err, user) {
if (user && err == null) {
resolve({
authState: true,
authUser: user
});
} else {
resolve({
authState: false,
authUser: null
});
}
});
})
}
// function authenticate(user, pwd) {
// return new Promise((resolve, reject) => {
// LDAP.authenticate(user, pwd, function(err, user) {
// if (user && err == null) {
// resolve({
// authState: true,
// authUser: user
// });
// } else {
// resolve({
// authState: false,
// authUser: null
// });
// }
// });
// })
// }
function checkAuthetification(content) {
if (content.hasOwnProperty("uid")
@ -716,6 +808,9 @@ function checkManage(content, input, data) {
}
function initFs() {
if (!fs.existsSync(usersBdd)) {
fs.writeFileSync(usersBdd, "{}");
}
if (!fs.existsSync(prankPath)) {
fs.writeFileSync(prankPath, "{}");
}

18
static/index.html
View File

@ -93,6 +93,7 @@
</div> <!-- end admin page -->
<div class="container" id="login-page" style="display: none;">
<p>Connection</p>
<div class="column-section">
<div id="login-form">
<div class="form-group">
@ -109,6 +110,23 @@
</div>
</div>
</div>
<p>Inscription</p>
<div class="column-section">
<div id="register-form">
<div class="form-group">
<input type="text" class="form-control" placeholder="Nom d'espion" name="login" id="register-user"/>
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Mot de passe secret" name="password" id="register-password" />
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary" id="register-button">S'inscrire</button>
</div>
<div class="form-group">
<p id="error-message-register"></p>
</div>
</div>
</div>
<hr/>
<div class="row banner">
<h2>Notice pour l'espion</h2>

58
static/js/main.js
View File

@ -15,12 +15,12 @@ function show_page(id, historyPush) {
for(i in page) {
$(page[i]).hide().removeClass("away");
}
$hs = $(history.state).show();
if(!historyPush)
$hs.addClass('away');
$id = $(id).show();
if(!historyPush) {
history.pushState(id, "", "")
@ -77,6 +77,54 @@ $("#login-button").click(function (e) {
});
$("#register-button").click(function (e) {
var data = JSON.stringify({
user: $("#register-user").val(),
password: $("#register-password").val()
});
$("#register-password").val('');
$.ajax({
type: "POST",
url: base_url + "register",
data: data,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function (data) {
if(data.success) {
localStorage.setItem("token", data.token);
localStorage.setItem("user", data.user.uid);
localStorage.setItem("isAdmin", data.user.isAdmin);
if (data.user.isAdmin) {
show_page('#admin-page');
get_admin("prank");
} else {
show_page('#demande-page');
}
} else {
$('#error-message-register').empty();
t = new TypeIt('#error-message-register', {
speed: 110,
lifeLike: true
})
.type(data.why)
.go();
}
},
error: function(e, status, i) {
$('#error-message-register').empty();
t = new TypeIt('#error-message-register', {
speed: 110,
lifeLike: true
})
.type(status)
.go();
}
});
});
$("#prank-button").click(function () {
if (localStorage.getItem('token')) {
show_page('#demande-page');
@ -563,7 +611,7 @@ function updateDemandes() {
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function (data) {
success: function (data) {
if(data.success) {
$('#demande-list').html('');
let pd = data.prankData;
@ -593,7 +641,7 @@ function updateDemandes() {
uid: localStorage.getItem('user'),
token: localStorage.getItem('token'),
prankUid: pd_uid
}),
contentType: "application/json; charset=utf-8",
dataType: "json",
@ -690,7 +738,7 @@ $(window).on("load", function() {
var time = b[1];
var days = b[0];
var t = time.split(":").map(t => parseInt(t));
t[2] -= 1;
if (t[2] < 0) {
t[2] = 59;

Write Preview
Loading…
Cancel
Save