2019-09-28 21:43:25 -05:00
|
|
|
import * as express from "express";
|
|
|
|
import * as njk from "nunjucks";
|
|
|
|
import * as bodyparser from "body-parser";
|
2019-10-17 16:01:35 -05:00
|
|
|
import * as socketio from "socket.io";
|
|
|
|
import * as http from "http";
|
2019-12-03 19:51:14 -06:00
|
|
|
import * as cookies from "cookie-parser";
|
2019-10-20 16:09:28 -05:00
|
|
|
import * as dirty from "dirty";
|
2019-12-07 21:23:50 -06:00
|
|
|
import * as socketSpam from "socket-anti-spam";
|
2019-09-28 21:43:25 -05:00
|
|
|
import * as api from "./api";
|
|
|
|
import * as db from "./database";
|
2020-06-27 02:36:45 -05:00
|
|
|
import * as chatInteg from "./chat";
|
2019-12-21 08:59:35 -06:00
|
|
|
import { config } from "./config";
|
2019-12-05 16:19:07 -06:00
|
|
|
import { readdir, readFileSync, writeFileSync } from "fs";
|
2019-12-03 19:51:14 -06:00
|
|
|
import { JWT, JWK } from "jose";
|
|
|
|
import { strict } from "assert";
|
|
|
|
import { parse } from "path";
|
2019-12-04 19:06:56 -06:00
|
|
|
import { isBuffer } from "util";
|
2019-09-28 21:43:25 -05:00
|
|
|
|
2019-10-17 16:01:35 -05:00
|
|
|
const app = express();
|
|
|
|
const server = http.createServer(app);
|
|
|
|
const io = socketio(server);
|
2019-10-20 16:09:28 -05:00
|
|
|
const store = dirty();
|
2019-12-07 21:23:50 -06:00
|
|
|
var banlist;
|
2019-12-03 19:51:14 -06:00
|
|
|
var jwkey;
|
|
|
|
try{
|
|
|
|
jwkey = JWK.asKey(readFileSync('./config/jwt.pem'));
|
2019-12-21 08:59:35 -06:00
|
|
|
console.log('Found key for JWT signing.');
|
2019-12-03 19:51:14 -06:00
|
|
|
} catch (e) {
|
|
|
|
console.log("No key found for JWT signing, generating one now.");
|
|
|
|
jwkey = JWK.generateSync('RSA', 2048, { use: 'sig' });
|
|
|
|
writeFileSync('./config/jwt.pem', jwkey.toPEM(true));
|
|
|
|
}
|
2019-09-28 21:43:25 -05:00
|
|
|
var njkconf;
|
|
|
|
|
2019-12-21 08:59:35 -06:00
|
|
|
async function init(){
|
2019-09-28 21:43:25 -05:00
|
|
|
njk.configure('templates', {
|
2019-12-03 19:51:14 -06:00
|
|
|
autoescape : true,
|
|
|
|
express : app,
|
2019-12-04 17:36:48 -06:00
|
|
|
watch : false
|
2019-09-28 21:43:25 -05:00
|
|
|
});
|
2019-12-21 08:59:35 -06:00
|
|
|
njkconf = {
|
|
|
|
sitename: config['satyr']['name'],
|
|
|
|
domain: config['satyr']['domain'],
|
|
|
|
email: config['satyr']['email'],
|
|
|
|
rootredirect: config['satyr']['rootredirect'],
|
|
|
|
version: config['satyr']['version']
|
2019-09-28 21:43:25 -05:00
|
|
|
};
|
2019-12-03 19:51:14 -06:00
|
|
|
app.use(cookies());
|
2019-09-28 21:43:25 -05:00
|
|
|
app.use(bodyparser.json());
|
|
|
|
app.use(bodyparser.urlencoded({ extended: true }));
|
2019-12-21 08:59:35 -06:00
|
|
|
if(config['http']['hsts']){
|
2019-12-05 16:08:50 -06:00
|
|
|
app.use((req, res, next) => {
|
|
|
|
res.append('Strict-Transport-Security', 'max-age=5184000');
|
|
|
|
next();
|
|
|
|
});
|
|
|
|
}
|
|
|
|
app.disable('x-powered-by');
|
2019-10-05 14:34:57 -05:00
|
|
|
//site handlers
|
2019-12-21 08:59:35 -06:00
|
|
|
await initSite(config['satyr']['registration']);
|
2019-12-03 19:51:14 -06:00
|
|
|
//api handlers
|
|
|
|
await initAPI();
|
|
|
|
//static files if nothing else matches first
|
2019-12-21 08:59:35 -06:00
|
|
|
app.use(express.static(config['http']['directory']));
|
2019-12-03 19:51:14 -06:00
|
|
|
//404 Handler
|
|
|
|
app.use(function (req, res, next) {
|
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.status(404).render('404.njk', njkconf);
|
|
|
|
//res.status(404).render('404.njk', njkconf);
|
|
|
|
});
|
2019-12-07 21:23:50 -06:00
|
|
|
banlist = new dirty('./config/bans.db').on('load', () => {initChat()});
|
2019-12-21 08:59:35 -06:00
|
|
|
server.listen(config['http']['port']);
|
2019-12-03 19:51:14 -06:00
|
|
|
}
|
|
|
|
|
2019-12-07 21:23:50 -06:00
|
|
|
async function newNick(socket, skip?: boolean, i?: number) {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(socket.handshake.headers['cookie'] && !skip){
|
|
|
|
let c = await parseCookie(socket.handshake.headers['cookie']);
|
|
|
|
let t = await validToken(c['Authorization']);
|
2019-12-07 21:23:50 -06:00
|
|
|
if(t) {
|
2019-12-21 16:58:40 -06:00
|
|
|
store.set(t['username'], [].concat(store.get(t['username']), socket.id).filter(item => item !== undefined));
|
2019-12-07 21:23:50 -06:00
|
|
|
return t['username'];
|
|
|
|
}
|
2019-12-03 19:51:14 -06:00
|
|
|
}
|
2019-12-07 21:23:50 -06:00
|
|
|
if(!i) i = 10;
|
|
|
|
let n: string = 'Guest'+Math.floor(Math.random() * Math.floor(i));
|
|
|
|
if(store.get(n)) return newNick(socket, true, Math.floor(i * 10));
|
2019-12-03 19:51:14 -06:00
|
|
|
else {
|
|
|
|
store.set(n, socket.id);
|
|
|
|
return n;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-04 19:06:56 -06:00
|
|
|
async function chgNick(socket, nick, f?: boolean) {
|
2019-12-03 19:51:14 -06:00
|
|
|
let rooms = Object.keys(socket.rooms);
|
|
|
|
for(let i=1;i<rooms.length;i++){
|
|
|
|
io.to(rooms[i]).emit('ALERT', socket.nick+' is now known as '+nick);
|
|
|
|
}
|
2019-12-21 16:16:50 -06:00
|
|
|
if(store.get(socket.nick)) {
|
|
|
|
if(Array.isArray(store.get(socket.nick))) store.set(socket.nick, store.get(socket.nick).filter(item => item !== socket.id));
|
|
|
|
else store.rm(socket.nick);
|
|
|
|
}
|
2019-12-21 16:58:40 -06:00
|
|
|
if(f) store.set(nick, [].concat(store.get(nick), [socket.id]).filter(item => item !== undefined));
|
|
|
|
else store.set(nick, socket.id);
|
2019-12-03 19:51:14 -06:00
|
|
|
socket.nick = nick;
|
|
|
|
}
|
|
|
|
|
|
|
|
async function genToken(u: string){
|
|
|
|
return await JWT.sign({
|
|
|
|
username: u
|
|
|
|
}, jwkey, {
|
|
|
|
expiresIn: '1 week',
|
|
|
|
iat: true,
|
|
|
|
kid: false
|
|
|
|
});//set jwt
|
|
|
|
}
|
|
|
|
|
|
|
|
async function validToken(t: any){
|
|
|
|
try {
|
|
|
|
let token = JWT.verify(t, jwkey);
|
|
|
|
return token;
|
|
|
|
}
|
|
|
|
catch (err){
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
function tryDecode(t: any){
|
|
|
|
try {
|
|
|
|
return JWT.decode(t);
|
|
|
|
}
|
|
|
|
catch (err){
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
async function parseCookie(c){
|
|
|
|
if(typeof(c) !== 'string' || !c.includes('=')) return {};
|
|
|
|
return Object.assign({[c.split('=')[0].trim()]:c.split('=')[1].split(';')[0].trim()}, await parseCookie(c.split(/;(.+)/)[1]));
|
|
|
|
}
|
|
|
|
|
|
|
|
async function initAPI() {
|
|
|
|
app.get('/api/users/live', (req, res) => {
|
|
|
|
db.query('select username,title from user_meta where live=1 limit 10;').then((result) => {
|
|
|
|
res.send(result);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
app.get('/api/users/live/:num', (req, res) => {
|
|
|
|
if(req.params.num > 50) req.params.num = 50;
|
|
|
|
db.query('select username,title from user_meta where live=1 limit '+req.params.num+';').then((result) => {
|
|
|
|
res.send(result);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
app.post('/api/register', (req, res) => {
|
|
|
|
api.register(req.body.username, req.body.password, req.body.confirm).then( (result) => {
|
|
|
|
if(result[0]) return genToken(req.body.username).then((t) => {
|
2019-12-05 16:08:50 -06:00
|
|
|
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
|
2019-12-03 19:51:14 -06:00
|
|
|
res.send(result);
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
res.send(result);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
app.post('/api/user/update', (req, res) => {
|
|
|
|
validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
2020-06-27 10:21:00 -05:00
|
|
|
if(req.body.record === "true") req.body.record = true;
|
|
|
|
else if(req.body.record === "false") req.body.record = false;
|
2019-12-03 19:51:14 -06:00
|
|
|
return api.update({name: t['username'],
|
|
|
|
title: "title" in req.body ? req.body.title : false,
|
|
|
|
bio: "bio" in req.body ? req.body.bio : false,
|
|
|
|
rec: "record" in req.body ? req.body.record : "NA"
|
|
|
|
}).then((r) => {
|
|
|
|
res.send(r);
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
/*api.update(req.body.username, req.body.password, req.body.title, req.body.bio, req.body.record).then((result) => {
|
|
|
|
res.send(result);
|
|
|
|
});*/
|
|
|
|
});
|
2020-06-26 06:07:33 -05:00
|
|
|
app.post('/api/user/update/chat', (req, res) => {
|
|
|
|
validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
|
|
|
return api.updateChat({name: t['username'],
|
|
|
|
discord: "discord" in req.body ? req.body.discord : false,
|
|
|
|
xmpp: "xmpp" in req.body ? req.body.xmpp : false,
|
|
|
|
twitch: "twitch" in req.body ? req.body.twitch : false,
|
|
|
|
irc: "irc" in req.body ? req.body.irc : false,
|
|
|
|
}).then((r) => {
|
|
|
|
res.send(r);
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
/*api.update(req.body.username, req.body.password, req.body.title, req.body.bio, req.body.record).then((result) => {
|
|
|
|
res.send(result);
|
|
|
|
});*/
|
|
|
|
});
|
2020-06-27 08:34:09 -05:00
|
|
|
app.post('/api/user/vods/delete', (req, res) => {
|
|
|
|
if(req.body.vlist === undefined || req.body.vlist === null || req.body.vlist === []){
|
|
|
|
res.send('{"error":"no vods specified"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
|
|
|
//token is valid, process deletion request
|
|
|
|
return api.deleteVODs(req.body.vlist, t['username']).then((r)=> {
|
|
|
|
res.send(r)
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
2019-12-03 19:51:14 -06:00
|
|
|
app.post('/api/user/password', (req, res) => {
|
|
|
|
validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
|
|
|
return api.changepwd(t['username'], req.body.password, req.body.newpassword).then((r) => {
|
|
|
|
res.send(r);
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
app.post('/api/user/streamkey', (req, res) => {
|
|
|
|
validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
|
|
|
api.changesk(t['username']).then((r) => {
|
|
|
|
res.send(r);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
app.post('/api/login', (req, res) => {
|
|
|
|
if(req.cookies.Authorization) validToken(req.cookies.Authorization).then((t) => {
|
|
|
|
if(t) {
|
|
|
|
if(t['exp'] - 86400 < Math.floor(Date.now() / 1000)){
|
|
|
|
return genToken(t['username']).then((t) => {
|
2019-12-05 16:08:50 -06:00
|
|
|
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
|
2019-12-03 19:51:14 -06:00
|
|
|
res.send('{"success":""}');
|
|
|
|
return;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"success":"already verified"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send('{"error":"invalid token"}');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
else {
|
|
|
|
api.login(req.body.username, req.body.password).then((result) => {
|
|
|
|
if(!result){
|
|
|
|
genToken(req.body.username).then((t) => {
|
2019-12-05 16:08:50 -06:00
|
|
|
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
|
2019-12-03 19:51:14 -06:00
|
|
|
res.send('{"success":""}');
|
|
|
|
})
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
res.send(result);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
async function initSite(openReg) {
|
2019-09-28 21:43:25 -05:00
|
|
|
app.get('/', (req, res) => {
|
2019-10-05 14:34:57 -05:00
|
|
|
res.redirect(njkconf.rootredirect);
|
2019-09-28 21:43:25 -05:00
|
|
|
});
|
|
|
|
app.get('/about', (req, res) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('about.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('about.njk',njkconf);
|
2019-09-28 21:43:25 -05:00
|
|
|
});
|
2019-10-05 14:34:57 -05:00
|
|
|
app.get('/users', (req, res) => {
|
|
|
|
db.query('select username from users').then((result) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('list.njk', Object.assign({list: result}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('list.njk', Object.assign({list: result}, njkconf));
|
|
|
|
//res.render('list.njk', Object.assign({list: result}, njkconf));
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
|
|
|
});
|
|
|
|
app.get('/users/live', (req, res) => {
|
|
|
|
db.query('select username,title from user_meta where live=1;').then((result) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('live.njk', Object.assign({list: result}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('live.njk', Object.assign({list: result}, njkconf));
|
|
|
|
//res.render('live.njk', Object.assign({list: result}, njkconf));
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
|
|
|
});
|
2019-12-03 19:51:14 -06:00
|
|
|
app.get('/users/:user', (req, res) => {
|
|
|
|
db.query('select username,title,about from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
|
2019-10-05 14:34:57 -05:00
|
|
|
if(result[0]){
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('user.njk', Object.assign(result[0], {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('user.njk', Object.assign(result[0], njkconf));
|
|
|
|
//res.render('user.njk', Object.assign(result[0], njkconf));
|
2019-10-05 14:34:57 -05:00
|
|
|
}
|
2019-12-03 19:51:14 -06:00
|
|
|
else if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.status(404).render('404.njk', njkconf);
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
2019-09-28 21:43:25 -05:00
|
|
|
});
|
2020-06-27 08:34:09 -05:00
|
|
|
app.get('/vods/:user/manage', (req, res) => {
|
|
|
|
db.query('select username from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
|
|
|
|
if(result[0]){
|
|
|
|
readdir('./site/live/'+result[0].username, {withFileTypes: true} , (err, files) => {
|
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('managevods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.redirect('/login');
|
|
|
|
//res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
|
|
|
|
});
|
|
|
|
}
|
|
|
|
else if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.status(404).render('404.njk', njkconf);
|
|
|
|
});
|
|
|
|
});
|
2019-12-03 19:51:14 -06:00
|
|
|
app.get('/vods/:user', (req, res) => {
|
|
|
|
db.query('select username from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
|
2019-10-05 14:34:57 -05:00
|
|
|
if(result[0]){
|
2019-12-05 16:19:07 -06:00
|
|
|
readdir('./site/live/'+result[0].username, {withFileTypes: true} , (err, files) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
|
|
|
|
//res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
|
|
|
}
|
2019-12-03 19:51:14 -06:00
|
|
|
else if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.status(404).render('404.njk', njkconf);
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
|
|
|
});
|
2019-12-03 19:51:14 -06:00
|
|
|
app.get('/login', (req, res) => {
|
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
2019-12-04 17:36:48 -06:00
|
|
|
res.redirect('/profile');
|
2019-12-03 19:51:14 -06:00
|
|
|
}
|
|
|
|
else res.render('login.njk',njkconf);
|
|
|
|
});
|
2019-10-05 14:34:57 -05:00
|
|
|
app.get('/register', (req, res) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization) || !openReg) {
|
|
|
|
res.redirect(njkconf.rootredirect);
|
|
|
|
}
|
|
|
|
else res.render('registration.njk',njkconf);
|
2019-09-28 21:43:25 -05:00
|
|
|
});
|
2019-10-05 14:34:57 -05:00
|
|
|
app.get('/profile', (req, res) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
2020-06-26 05:32:05 -05:00
|
|
|
db.query('select * from user_meta where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((result) => {
|
2020-06-27 10:21:00 -05:00
|
|
|
db.query('select record_flag from users where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((r2) => {
|
|
|
|
res.render('profile.njk', Object.assign({rflag: r2[0]}, {meta: result[0]}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
});
|
2020-06-26 05:32:05 -05:00
|
|
|
});
|
|
|
|
//res.render('profile.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.redirect('/login');
|
|
|
|
});
|
|
|
|
app.get('/profile/chat', (req, res) => {
|
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
db.query('select * from chat_integration where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((result) => {
|
|
|
|
res.render('chat_integ.njk', Object.assign({integ: result[0]}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
});
|
|
|
|
//res.render('chat_integ.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
2019-12-03 19:51:14 -06:00
|
|
|
}
|
2019-12-04 17:36:48 -06:00
|
|
|
else res.redirect('/login');
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
|
|
|
app.get('/changepwd', (req, res) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('changepwd.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
2019-12-04 17:36:48 -06:00
|
|
|
else res.redirect('/login');
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
2019-10-20 16:09:28 -05:00
|
|
|
app.get('/chat', (req, res) => {
|
|
|
|
res.render('chat.html', njkconf);
|
|
|
|
});
|
2019-11-05 16:30:15 -06:00
|
|
|
app.get('/help', (req, res) => {
|
2019-12-03 19:51:14 -06:00
|
|
|
if(tryDecode(req.cookies.Authorization)) {
|
|
|
|
res.render('help.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
|
|
|
|
}
|
|
|
|
else res.render('help.njk',njkconf);
|
2019-10-05 14:34:57 -05:00
|
|
|
});
|
2019-12-03 19:51:14 -06:00
|
|
|
}
|
|
|
|
|
2019-12-07 21:23:50 -06:00
|
|
|
async function initChat() {
|
2019-12-21 08:59:35 -06:00
|
|
|
//set a cookie to request same nick
|
|
|
|
|
2019-10-17 16:01:35 -05:00
|
|
|
//socket.io chat logic
|
2019-10-20 16:09:28 -05:00
|
|
|
io.on('connection', async (socket) => {
|
|
|
|
socket.nick = await newNick(socket);
|
|
|
|
socket.on('JOINROOM', async (data) => {
|
|
|
|
let t: any = await db.query('select username from users where username='+db.raw.escape(data));
|
|
|
|
if(t[0]){
|
2019-12-08 17:18:31 -06:00
|
|
|
if(banlist.get(data) && banlist.get(data)[socket['handshake']['address']]){
|
|
|
|
if(Math.floor(banlist.get(data)[socket['handshake']['address']]['time'] + (banlist.get(data)[socket['handshake']['address']]['length'] * 60)) < Math.floor(Date.now() / 1000)){
|
|
|
|
banlist.set(data, Object.assign({}, banlist.get(data), {[socket['handshake']['address']]: null}));
|
2019-12-07 21:23:50 -06:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
socket.emit('ALERT', 'You are banned from that room');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2019-10-20 16:09:28 -05:00
|
|
|
socket.join(data);
|
2020-06-26 04:07:37 -05:00
|
|
|
io.to(data).emit('JOINED', {nick: socket.nick, room: data});
|
2019-10-20 16:09:28 -05:00
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'Room does not exist');
|
|
|
|
});
|
2019-12-04 19:06:56 -06:00
|
|
|
socket.on('LIST', (data) => {
|
|
|
|
let str = "";
|
|
|
|
let client;
|
|
|
|
io.in(data.room).clients((err, clients) => {
|
|
|
|
if(err) throw err;
|
|
|
|
if(clients === []) {
|
|
|
|
socket.emit('LIST', 'The room is empty.');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
for(let i=0;i<clients.length;i++) {
|
|
|
|
str += io.sockets.connected[clients[i]].nick+', ';
|
|
|
|
}
|
|
|
|
socket.emit('LIST', str.substring(0, str.length - 2));
|
|
|
|
});
|
|
|
|
});
|
2019-10-20 16:09:28 -05:00
|
|
|
socket.on('LEAVEROOM', (data) => {
|
2020-06-26 04:07:37 -05:00
|
|
|
io.to(data).emit('LEFT', {nick: socket.nick, room: data});
|
2019-10-20 16:09:28 -05:00
|
|
|
socket.leave(data);
|
|
|
|
});
|
|
|
|
socket.on('disconnecting', (reason) => {
|
|
|
|
let rooms = Object.keys(socket.rooms);
|
|
|
|
for(let i=1;i<rooms.length;i++){
|
|
|
|
io.to(rooms[i]).emit('ALERT', socket.nick+' disconnected');
|
|
|
|
}
|
2019-12-21 16:16:50 -06:00
|
|
|
if(Array.isArray(store.get(socket.nick))) {
|
|
|
|
store.set(socket.nick, store.get(socket.nick).filter(item => item !== socket.id))
|
|
|
|
if(store.get(socket.nick) !== [])
|
|
|
|
return;
|
|
|
|
}
|
2019-10-20 16:09:28 -05:00
|
|
|
store.rm(socket.nick);
|
|
|
|
});
|
|
|
|
socket.on('NICK', async (data) => {
|
|
|
|
data.nick = data.nick.replace(' ','');
|
|
|
|
let user = await db.query('select username from users where username='+db.raw.escape(data.nick));
|
|
|
|
if(user[0]){
|
|
|
|
if(!data.password){
|
|
|
|
socket.emit('ALERT','Incorrect username or password');
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if(await db.validatePassword(data.nick, data.password)){
|
2019-12-04 19:06:56 -06:00
|
|
|
chgNick(socket, data.nick, true);
|
2019-10-20 16:09:28 -05:00
|
|
|
}
|
|
|
|
else socket.emit('ALERT','Incorrect username or password');
|
|
|
|
}
|
|
|
|
else {
|
2019-12-07 21:23:50 -06:00
|
|
|
if(store.get(data.nick)){
|
|
|
|
socket.emit('ALERT', 'Nickname is already in use');
|
|
|
|
return false;
|
|
|
|
}
|
2019-10-20 16:09:28 -05:00
|
|
|
chgNick(socket, data.nick);
|
|
|
|
}
|
|
|
|
});
|
2020-06-26 04:07:37 -05:00
|
|
|
socket.on('MSG', (data: object) => {
|
|
|
|
if(data['msg'] === "" || !data['msg'].replace(/\s/g, '').length) return;
|
|
|
|
if(socket.rooms[data['room']]) io.to(data['room']).emit('MSG', {nick: socket.nick, msg: data['msg'], room: data['room']});
|
2020-06-27 02:36:45 -05:00
|
|
|
chatInteg.sendAll(data['room'], [socket.nick, data['msg']], "web");
|
2019-10-20 16:09:28 -05:00
|
|
|
});
|
|
|
|
socket.on('KICK', (data) => {
|
|
|
|
if(socket.nick === data.room){
|
|
|
|
//find client with data.nick
|
|
|
|
let id: string = store.get(data.nick);
|
|
|
|
if(id){
|
2019-12-21 16:16:50 -06:00
|
|
|
if(Array.isArray(id)) {
|
2019-12-21 16:58:40 -06:00
|
|
|
for(let i=0;i<id.length;i++){
|
|
|
|
io.sockets.connected[id[i]].leave(data.room);
|
|
|
|
}
|
|
|
|
io.in(data.room).emit('ALERT', data.nick+' has been kicked.');
|
2019-12-21 16:16:50 -06:00
|
|
|
return;
|
|
|
|
}
|
2019-10-20 16:09:28 -05:00
|
|
|
let target = io.sockets.connected[id];
|
|
|
|
io.in(data.room).emit('ALERT', data.nick+' has been kicked.');
|
2019-12-21 16:58:40 -06:00
|
|
|
target.leave(data.room);
|
2019-10-20 16:09:28 -05:00
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'No such user found.');
|
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'Not authorized to do that.');
|
|
|
|
});
|
2019-12-07 21:23:50 -06:00
|
|
|
socket.on('BAN', (data: Object) => {
|
|
|
|
if(socket.nick === data['room']){
|
|
|
|
let id: string = store.get(data['nick']);
|
|
|
|
if(id){
|
2019-12-21 16:16:50 -06:00
|
|
|
if(Array.isArray(id)) {
|
2019-12-21 16:58:40 -06:00
|
|
|
for(let i=0;i<id.length;i++){
|
2019-12-21 16:16:50 -06:00
|
|
|
let target = io.sockets.connected[id[i]];
|
|
|
|
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}}));
|
|
|
|
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}}));
|
|
|
|
target.leave(data['room']);
|
|
|
|
}
|
|
|
|
io.to(data['room']).emit('ALERT', data['nick']+' was banned.');
|
|
|
|
return;
|
|
|
|
}
|
2019-12-07 21:23:50 -06:00
|
|
|
let target = io.sockets.connected[id];
|
2019-12-21 16:16:50 -06:00
|
|
|
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}}));
|
2019-12-08 17:18:31 -06:00
|
|
|
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}}));
|
2019-12-21 16:16:50 -06:00
|
|
|
target.leave(data['room']);
|
2019-12-07 21:23:50 -06:00
|
|
|
io.to(data['room']).emit('ALERT', target.nick+' was banned.');
|
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'No such user found.');
|
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'Not authorized to do that.');
|
|
|
|
});
|
|
|
|
socket.on('UNBAN', (data: Object) => {
|
|
|
|
if(socket.nick === data['room']){
|
|
|
|
if(banlist.get(data['room']) && banlist.get(data['room'])[data['ip']]){
|
2019-12-08 17:18:31 -06:00
|
|
|
banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[data['ip']]: null}));
|
2019-12-07 21:23:50 -06:00
|
|
|
socket.emit('ALERT', data['ip']+' was unbanned.');
|
|
|
|
}
|
|
|
|
else
|
|
|
|
socket.emit('ALERT', 'That IP is not banned.');
|
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'Not authorized to do that.');
|
|
|
|
});
|
|
|
|
socket.on('LISTBAN', (data: Object) => {
|
|
|
|
if(socket.nick === data['room']){
|
|
|
|
if(banlist.get(data['room'])) {
|
|
|
|
let bans = Object.keys(banlist.get(data['room']));
|
|
|
|
let str = '';
|
|
|
|
for(let i=0;i<bans.length;i++){
|
|
|
|
str += bans[i]+', ';
|
|
|
|
}
|
|
|
|
socket.emit('ALERT', 'Banned IP adresses: '+str.substring(0, str.length - 2));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
socket.emit('ALERT', 'No one is banned from this room');
|
|
|
|
}
|
|
|
|
else socket.emit('ALERT', 'Not authorized to do that.');
|
|
|
|
});
|
|
|
|
});
|
|
|
|
//socketio spam
|
|
|
|
const socketAS = new socketSpam({
|
|
|
|
banTime: 20,
|
|
|
|
kickThreshold: 10,
|
|
|
|
kickTimesBeforeBan: 3,
|
|
|
|
banning: true,
|
|
|
|
io: io
|
|
|
|
});
|
|
|
|
socketAS.event.on('ban', (socket) => {
|
|
|
|
let rooms = Object.keys(socket.rooms);
|
|
|
|
for(let i=1;i<rooms.length;i++){
|
|
|
|
io.to(rooms[i]).emit('ALERT', socket.nick+' was banned.');
|
|
|
|
}
|
|
|
|
store.rm(socket.nick);
|
2019-10-17 16:01:35 -05:00
|
|
|
});
|
2019-10-20 16:09:28 -05:00
|
|
|
}
|
|
|
|
|
2020-06-27 02:36:45 -05:00
|
|
|
export { init, io };
|