
bruuhuhuh

master
asyncnomi 3 years ago
parent
commit
3c6e2e3780
  1. 179
      index.js
  2. 18
      static/index.html
  3. 58
      static/js/main.js

179
index.js

@ -1,8 +1,10 @@
const fastify = require('fastify')({ logger: true }) const fastify = require('fastify')({ logger: true })
const fs = require('fs'); const fs = require('fs');
const path = require('path') const path = require('path')
var LdapAuth = require('ldapauth-fork'); const CryptoJS = require("crypto-js");
// var LdapAuth = require('ldapauth-fork');
var usersBdd = "usersBdd.txt";
var prankPath = "prankdata.txt"; var prankPath = "prankdata.txt";
var activityPath = "activitydata.txt"; var activityPath = "activitydata.txt";
var treasurePath = "treasuredata.txt"; var treasurePath = "treasuredata.txt";
@ -10,6 +12,8 @@ var goldenUsersPath = "goldenusers.txt";
initFs(); initFs();
let UsersBDD = JSON.parse(fs.readFileSync(usersBdd));
let PrankData = JSON.parse(fs.readFileSync(prankPath)); let PrankData = JSON.parse(fs.readFileSync(prankPath));
let ActivityData = JSON.parse(fs.readFileSync(activityPath)); let ActivityData = JSON.parse(fs.readFileSync(activityPath));
let TreasureData = JSON.parse(fs.readFileSync(treasurePath)); let TreasureData = JSON.parse(fs.readFileSync(treasurePath));
@ -20,19 +24,19 @@ let TokenDurationSecond = 3600;
let MaxAmountCrepe = 10; let MaxAmountCrepe = 10;
let Supplements = ["nature", "sucre", "nutella", "confiture"]; let Supplements = ["nature", "sucre", "nutella", "confiture"];
var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json")); // var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
var LDAP = new LdapAuth({ // var LDAP = new LdapAuth({
url: 'ldap://10.5.0.44', // url: 'ldap://10.5.0.44',
bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr', // bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr',
bindCredentials: ldapConf.bindPassword, // bindCredentials: ldapConf.bindPassword,
searchBase: 'dc=ldap,dc=rezo-rm,dc=fr', // searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
searchFilter: '(uid={{username}})', // searchFilter: '(uid={{username}})',
reconnect: true, // reconnect: true,
}); // });
LDAP.on('error', function (err) { // LDAP.on('error', function (err) {
console.error('LdapAuth: ', err); // console.error('LdapAuth: ', err);
}); // });
ldapConf = null; // ldapConf = null;
fastify.addContentTypeParser('application/json', { fastify.addContentTypeParser('application/json', {
parseAs: 'string' parseAs: 'string'
@ -55,31 +59,119 @@ fastify.get('/', async (request, reply) => {
reply.redirect('/index.html') reply.redirect('/index.html')
}) })
// fastify.post('/login', async (request, reply) => {
// let content = request.body;
// if (content.hasOwnProperty("user")
// && content.hasOwnProperty("password")) {
// let res = await authenticate(content.user, content.password);
// if (res.authState) {
// let now = new Date();
// UsersToken[res.authUser.uid] = {
// token: makeid(64),
// expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
// }
// return {
// success: true,
// user: {
// uid: res.authUser.uid,
// givenName: res.authUser.givenName,
// isAdmin: AdminUsersUid.includes(res.authUser.uid)
// },
// token: UsersToken[res.authUser.uid].token
// }
// } else {
// return {
// success: false,
// why: "Wrong username or password"
// }
// }
// } else {
// return {
// success: false,
// why: "The username or password is missing"
// }
// }
// })
fastify.post('/login', async (request, reply) => { fastify.post('/login', async (request, reply) => {
let content = request.body; let content = request.body;
if (content.hasOwnProperty("user") if (content.hasOwnProperty("user")
&& content.hasOwnProperty("password")) { && content.hasOwnProperty("password")) {
let res = await authenticate(content.user, content.password); if (UsersBDD.hasOwnProperty(content.user) {
if (res.authState) { var hash;
try {
hash = CryptoJS.SHA512(content.password).toString();
} catch {
return {
success: false,
why: "Wrong username or password"
}
}
if (hash === UsersBDD[content.user].password) {
let now = new Date();
UsersToken[content.user] = {
token: makeid(64),
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
}
return {
success: true,
user: {
uid: content.user,
isAdmin: AdminUsersUid.includes(content.user)
},
token: UsersToken[res.authUser.uid].token
}
} else {
return {
success: false,
why: "Wrong username or password"
}
}
}
} else {
return {
success: false,
why: "The username or password is missing"
}
}
})
fastify.post('/register', async (request, reply) => {
let content = request.body;
if (content.hasOwnProperty("user")
&& content.hasOwnProperty("password")) {
if (UsersBDD.hasOwnProperty(content.user) {
return {
success: false,
why: "This user already exists"
}
} else {
var hash;
try {
hash = CryptoJS.SHA512(content.password).toString();
} catch {
return {
success: false,
why: "What are you doing bruh ??"
}
}
UsersBDD[content.user] = {
password: hash
}
saveData(usersBdd, UsersBDD);
let now = new Date(); let now = new Date();
UsersToken[res.authUser.uid] = { UsersToken[content.user] = {
token: makeid(64), token: makeid(64),
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond) expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
} }
return { return {
success: true, success: true,
user: { user: {
uid: res.authUser.uid, uid: content.user,
givenName: res.authUser.givenName, isAdmin: AdminUsersUid.includes(content.user)
isAdmin: AdminUsersUid.includes(res.authUser.uid)
}, },
token: UsersToken[res.authUser.uid].token token: UsersToken[res.authUser.uid].token
} }
} else {
return {
success: false,
why: "Wrong username or password"
}
} }
} else { } else {
return { return {
@ -624,23 +716,23 @@ function saveData(path, data) {
fs.writeFileSync(path, JSON.stringify(data)); fs.writeFileSync(path, JSON.stringify(data));
} }
function authenticate(user, pwd) { // function authenticate(user, pwd) {
return new Promise((resolve, reject) => { // return new Promise((resolve, reject) => {
LDAP.authenticate(user, pwd, function(err, user) { // LDAP.authenticate(user, pwd, function(err, user) {
if (user && err == null) { // if (user && err == null) {
resolve({ // resolve({
authState: true, // authState: true,
authUser: user // authUser: user
}); // });
} else { // } else {
resolve({ // resolve({
authState: false, // authState: false,
authUser: null // authUser: null
}); // });
} // }
}); // });
}) // })
} // }
function checkAuthetification(content) { function checkAuthetification(content) {
if (content.hasOwnProperty("uid") if (content.hasOwnProperty("uid")
@ -716,6 +808,9 @@ function checkManage(content, input, data) {
} }
function initFs() { function initFs() {
if (!fs.existsSync(usersBdd)) {
fs.writeFileSync(usersBdd, "{}");
}
if (!fs.existsSync(prankPath)) { if (!fs.existsSync(prankPath)) {
fs.writeFileSync(prankPath, "{}"); fs.writeFileSync(prankPath, "{}");
} }
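Review bot: Both new handlers, `/login` and `/register`, store and compare passwords as one unsalted `CryptoJS.SHA512(content.password)` digest, a fast hash that leaves every entry of `usersBdd.txt` open to offline guessing if the file is ever read; a per-user salt with a memory-hard KDF (`scryptSync` from Node's built-in `crypto`, which the file would need to require) and a `timingSafeEqual` comparison is the usual replacement, sketched below. `/register` also answers `isAdmin: AdminUsersUid.includes(content.user)` for whoever claims a name first in a user file that `initFs()` creates empty, so if that list still holds the former LDAP uids (its definition is outside the hunks) those names should be refused at registration and provisioned separately. As written neither handler runs: `if (UsersBDD.hasOwnProperty(content.user) {` lacks a closing parenthesis in both, `token: UsersToken[res.authUser.uid].token` reads a `res` that no longer exists and should be `UsersToken[content.user].token`, and `/login` returns nothing for an unknown user. `content.user` is used as a raw object key, so it should be checked to be a string in an allowed pattern and looked up with `Object.hasOwn` rather than the inherited `hasOwnProperty`.

```javascript
// /register, after the presence check on content.user / content.password
if (typeof content.user !== 'string' || typeof content.password !== 'string'
    || !/^[A-Za-z0-9_.-]{1,32}$/.test(content.user)   // example policy, adjust to the project's
    || AdminUsersUid.includes(content.user)) {
  return { success: false, why: "What are you doing bruh ??" }
}
if (Object.hasOwn(UsersBDD, content.user)) {
  return { success: false, why: "This user already exists" }
}
const salt = crypto.randomBytes(16);
UsersBDD[content.user] = {
  salt: salt.toString('hex'),
  password: crypto.scryptSync(content.password, salt, 64).toString('hex')
}
// … unchanged: saveData(usersBdd, UsersBDD), token creation, response …

// /login, replacing the SHA512 comparison
if (typeof content.user !== 'string' || typeof content.password !== 'string') {
  return { success: false, why: "Wrong username or password" }
}
const entry = Object.hasOwn(UsersBDD, content.user) ? UsersBDD[content.user] : null;
// derive a key even for unknown users so both paths do the same work
const loginSalt = entry ? Buffer.from(entry.salt, 'hex') : Buffer.alloc(16);
const derived = crypto.scryptSync(content.password, loginSalt, 64);
const stored = entry ? Buffer.from(entry.password, 'hex') : Buffer.alloc(64);
if (!entry || !crypto.timingSafeEqual(derived, stored)) {
  return { success: false, why: "Wrong username or password" }
}
// … unchanged: token creation, response …
```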

18
static/index.html

@ -93,6 +93,7 @@
</div> <!-- end admin page --> </div> <!-- end admin page -->
<div class="container" id="login-page" style="display: none;"> <div class="container" id="login-page" style="display: none;">
<p>Connection</p>
<div class="column-section"> <div class="column-section">
<div id="login-form"> <div id="login-form">
<div class="form-group"> <div class="form-group">
@ -109,6 +110,23 @@
</div> </div>
</div> </div>
</div> </div>
<p>Inscription</p>
<div class="column-section">
<div id="register-form">
<div class="form-group">
<input type="text" class="form-control" placeholder="Nom d'espion" name="login" id="register-user"/>
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Mot de passe secret" name="password" id="register-password" />
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary" id="register-button">S'inscrire</button>
</div>
<div class="form-group">
<p id="error-message-register"></p>
</div>
</div>
</div>
<hr/> <hr/>
<div class="row banner"> <div class="row banner">
<h2>Notice pour l'espion</h2> <h2>Notice pour l'espion</h2>
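Review bot: The new `#register-password` input carries no `autocomplete` hint, and the registration block has neither a confirmation field nor any visible length requirement, so a mistyped or one-character password is accepted as the account's only credential. Adding `autocomplete="new-password"` to `#register-password` and `autocomplete="username"` to `#register-user` lets browsers and password managers treat this as account creation rather than a second login form. The `type="submit"` button sits in a `<div id="register-form">`, not a `<form>`, so it submits nothing on its own and relies entirely on the click handler in `static/js/main.js`.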

58
static/js/main.js

@ -15,12 +15,12 @@ function show_page(id, historyPush) {
for(i in page) { for(i in page) {
$(page[i]).hide().removeClass("away"); $(page[i]).hide().removeClass("away");
} }
$hs = $(history.state).show(); $hs = $(history.state).show();
if(!historyPush) if(!historyPush)
$hs.addClass('away'); $hs.addClass('away');
$id = $(id).show(); $id = $(id).show();
if(!historyPush) { if(!historyPush) {
history.pushState(id, "", "") history.pushState(id, "", "")
@ -77,6 +77,54 @@ $("#login-button").click(function (e) {
}); });
$("#register-button").click(function (e) {
var data = JSON.stringify({
user: $("#register-user").val(),
password: $("#register-password").val()
});
$("#register-password").val('');
$.ajax({
type: "POST",
url: base_url + "register",
data: data,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function (data) {
if(data.success) {
localStorage.setItem("token", data.token);
localStorage.setItem("user", data.user.uid);
localStorage.setItem("isAdmin", data.user.isAdmin);
if (data.user.isAdmin) {
show_page('#admin-page');
get_admin("prank");
} else {
show_page('#demande-page');
}
} else {
$('#error-message-register').empty();
t = new TypeIt('#error-message-register', {
speed: 110,
lifeLike: true
})
.type(data.why)
.go();
}
},
error: function(e, status, i) {
$('#error-message-register').empty();
t = new TypeIt('#error-message-register', {
speed: 110,
lifeLike: true
})
.type(status)
.go();
}
});
});
$("#prank-button").click(function () { $("#prank-button").click(function () {
if (localStorage.getItem('token')) { if (localStorage.getItem('token')) {
show_page('#demande-page'); show_page('#demande-page');
@ -563,7 +611,7 @@ function updateDemandes() {
contentType: "application/json; charset=utf-8", contentType: "application/json; charset=utf-8",
dataType: "json", dataType: "json",
success: function (data) { success: function (data) {
if(data.success) { if(data.success) {
$('#demande-list').html(''); $('#demande-list').html('');
let pd = data.prankData; let pd = data.prankData;
@ -593,7 +641,7 @@ function updateDemandes() {
uid: localStorage.getItem('user'), uid: localStorage.getItem('user'),
token: localStorage.getItem('token'), token: localStorage.getItem('token'),
prankUid: pd_uid prankUid: pd_uid
}), }),
contentType: "application/json; charset=utf-8", contentType: "application/json; charset=utf-8",
dataType: "json", dataType: "json",
@ -690,7 +738,7 @@ $(window).on("load", function() {
var time = b[1]; var time = b[1];
var days = b[0]; var days = b[0];
var t = time.split(":").map(t => parseInt(t)); var t = time.split(":").map(t => parseInt(t));
t[2] -= 1; t[2] -= 1;
if (t[2] < 0) { if (t[2] < 0) {
t[2] = 59; t[2] = 59;
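Review bot: The `#register-button` success callback persists the session token with `localStorage.setItem("token", data.token)`, where any script that runs on the page can read it; a server-set HttpOnly cookie would keep it out of script reach, though that change lies on the server side and outside this hunk. `localStorage.setItem("isAdmin", data.user.isAdmin)` stores the string `"true"` or `"false"` under the client's control, so later reads must compare against `'true'` rather than test truthiness, and the server still has to check admin rights on every admin request. Both callbacks assign `t = new TypeIt(...)` to an undeclared global; `const t = new TypeIt(...)` or dropping the assignment avoids that. The handler appears to mirror the `#login-button` callback, whose body starts outside the hunk, so a shared function taking the endpoint and the error element would keep the two in step.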
