bde-liste/index.js

const crypto = require('crypto');
const fs = require('fs');
const path = require('path')

const fastify = require('fastify')({ logger: true })
var LdapAuth = require('ldapauth-fork');
// JSON stores on disk. The paths are relative, so they resolve against the
// working directory the process was started in.
const prankPath = "prankdata.txt";
const activityPath = "activitydata.txt";
const treasurePath = "treasuredata.txt";
const goldenUsersPath = "goldenusers.txt";

// Create any store that does not exist yet, so the reads below cannot fail on a missing file.
initFs();

// In-memory copies of the stores; handlers mutate these and write them back with saveData().
const PrankData = JSON.parse(fs.readFileSync(prankPath));
const ActivityData = JSON.parse(fs.readFileSync(activityPath));
const TreasureData = JSON.parse(fs.readFileSync(treasurePath));
const GoldenUsers = JSON.parse(fs.readFileSync(goldenUsersPath));

// Allow-list of uids with admin rights. It is compared with the uid of an
// authenticated session only.
// NOTE(review): the trailing "" entries look like placeholders; confirm they can be dropped.
const AdminUsersUid = ["asyncnomi", "johan", "enthalpine", "fas", "arina", "billy", "remi", "pierre", "matmaz", "", "", ""];

// Session table: uid -> { token, expire }. Kept in memory only, so a restart drops every session.
const UsersToken = {};
const TokenDurationSecond = 3600;

const MaxAmountCrepe = 10;
const Supplements = ["nature", "sucre", "nutella", "confiture"];

// The service-account credentials are read once and the parsed object is dropped afterwards.
let ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
const LDAP = new LdapAuth({
  // NOTE(review): ldap:// is the unencrypted LDAP scheme. Unless the link to the
  // directory is protected some other way, the bind password and every password
  // checked for /login cross it in clear text; consider ldaps:// or StartTLS if
  // the directory supports it.
  url: 'ldap://10.5.0.44',
  bindDN: `cn=${ldapConf.bindUser},ou=service-users,dc=ldap,dc=rezo-rm,dc=fr`,
  bindCredentials: ldapConf.bindPassword,
  searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
  searchFilter: '(uid={{username}})',
  reconnect: true,
});
LDAP.on('error', (ldapError) => {
  console.error('LdapAuth: ', ldapError);
});
ldapConf = null;

// Custom JSON body parser: malformed JSON is answered with HTTP 400.
// Any valid JSON value is accepted, so request.body can be null, an array or a
// primitive as well as an object; the handlers receive it as parsed.
fastify.addContentTypeParser('application/json', { parseAs: 'string' }, (req, body, done) => {
  try {
    const parsedBody = JSON.parse(body);
    done(null, parsedBody);
  } catch (parseError) {
    parseError.statusCode = 400;
    done(parseError, undefined);
  }
});

// Everything under ./static (next to this file) is served as-is.
fastify.register(require('@fastify/static'), {
  root: path.join(__dirname, 'static'),
  decorateReply: false,
});
// GET / — send visitors of the bare root to the static landing page.
fastify.get('/', async (_request, reply) => {
  reply.redirect('/index.html');
});
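// POST /login — check LDAP credentials and open a session for the uid.
// Body: { user, password }.
// Replies { success: true, user: { uid, givenName, isAdmin }, token } on success,
// { success: false, why } otherwise. A new login replaces the uid's previous token.
// NOTE(review): nothing in this handler limits repeated attempts; consider throttling
// failed logins per client and per account.
fastify.post('/login', async (request, reply) => {
  const content = request.body;

  // The body is client-controlled JSON: it may not be an object at all, and it may
  // carry its own "hasOwnProperty" key, so the prototype method is called explicitly.
  const isNonEmptyString = (key) =>
    content !== null
    && typeof content === 'object'
    && Object.prototype.hasOwnProperty.call(content, key)
    && typeof content[key] === 'string'
    && content[key] !== '';

  if (!isNonEmptyString("user") || !isNonEmptyString("password")) {
    return {
      success: false,
      why: "The username or password is missing"
    };
  }

  const res = await authenticate(content.user, content.password);
  if (!res.authState) {
    // One message for "unknown user" and "wrong password", so the reply does not
    // reveal which accounts exist.
    return {
      success: false,
      why: "Wrong username or password"
    };
  }

  const { uid, givenName } = res.authUser;
  UsersToken[uid] = {
    token: makeid(64),
    // Absolute expiry in epoch milliseconds.
    expire: Date.now() + TokenDurationSecond * 1000
  };
  return {
    success: true,
    user: {
      uid,
      givenName,
      isAdmin: AdminUsersUid.includes(uid)
    },
    token: UsersToken[uid].token
  };
});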
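// POST /addPrank — create a prank request, or overwrite one of the caller's own
// pending requests when "prankUid" is given.
// Body: { uid, token, type, [prankUid], [note], ...type-specific fields }.
//   type "crêpe":  where, amount, supplement
//   type "kidnap": targetUid, when
// Replies { success: true, uid, prank } or { success: false, why }.
// The free-text fields (where, note, when, targetUid) are stored exactly as received;
// whatever renders them has to escape them.
fastify.post('/addPrank', async (request, reply) => {
  const content = request.body;
  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }
  if (!("type" in content)) {
    return {
      success: false,
      why: "Missing type"
    };
  }

  let prankUid = makeid(16);
  if ("prankUid" in content) {
    const prankExists = check(content, "prankUid", PrankData);
    if (!prankExists.success) {
      return prankExists;
    }
    // Look up the prank the client named, not the freshly generated uid.
    const existing = PrankData[content.prankUid];
    // Same ownership rule as /delPrank: only the creator may touch a request.
    if (existing.creator !== content.uid) {
      return {
        success: false,
        why: "You cannot edit a prank request that isn't yours"
      };
    }
    if (existing.state != "Pending") {
      return {
        success: false,
        why: "You cannot edit already accepted prank request"
      };
    }
    prankUid = content.prankUid;
  }

  const note = ("note" in content) ? content.note : "N/A";

  switch (content.type) {
    case "crêpe": {
      if (!("where" in content && "amount" in content && "supplement" in content)) {
        return {
          success: false,
          why: "Missing amount, where or supplement"
        };
      }
      const amount = Number.parseInt(content.amount, 10);
      if (Number.isNaN(amount)) {
        return {
          success: false,
          why: "Unable to parse the amount as integer"
        };
      }
      if (!Supplements.includes(content.supplement)) {
        return {
          success: false,
          why: "This supplement isn't available"
        };
      }
      // Zero and negative orders are rejected as well as oversized ones.
      if (amount < 1) {
        return {
          success: false,
          why: "The amount must be at least 1"
        };
      }
      if (amount >= MaxAmountCrepe) {
        return {
          success: false,
          why: "Too much"
        };
      }
      PrankData[prankUid] = {
        date: new Date(),
        creator: content.uid,
        type: content.type,
        where: content.where,
        amount: amount,
        supplement: content.supplement,
        note: note,
        state: "Pending",
        manageBy: null
      };
      break;
    }
    case "kidnap": {
      if (!("targetUid" in content && "when" in content)) {
        return {
          success: false,
          why: "Missing targetUid or when"
        };
      }
      PrankData[prankUid] = {
        creator: content.uid,
        type: content.type,
        targetUid: content.targetUid,
        when: content.when,
        note: note,
        state: "Pending",
        manageBy: null
      };
      break;
    }
    default:
      return {
        success: false,
        why: "Unknow type"
      };
  }

  saveData(prankPath, PrankData);
  return {
    success: true,
    uid: prankUid,
    prank: PrankData[prankUid]
  };
});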
// POST /delPrank — delete one of the caller's own prank requests while it is still pending.
// Body: { uid, token, prankUid }. Replies { success: true } or { success: false, why }.
fastify.post('/delPrank', async (request, reply) => {
  const content = request.body;

  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }

  const prankExists = check(content, "prankUid", PrankData);
  if (!prankExists.success) {
    return prankExists;
  }

  const target = PrankData[content.prankUid];
  const deletable = target.creator === content.uid && target.state === "Pending";
  if (!deletable) {
    return {
      success: false,
      why: "You can't delete prank that aren't yours or those already Accepted or Refused"
    };
  }

  delete PrankData[content.prankUid];
  saveData(prankPath, PrankData);
  return {
    success: true,
  };
});
// POST /acceptPrank — admin only: mark a prank as accepted and record who took it.
// Body: { uid, token, prankUid }. checkManage() covers session, admin and existence checks.
// NOTE(review): the current state is not checked, so a prank in any state can be moved
// to "Accepted" — confirm that is intended.
fastify.post('/acceptPrank', async (request, reply) => {
  const content = request.body;
  const prankExists = checkManage(content, "prankUid", PrankData);
  if (!prankExists.success) {
    return prankExists;
  }

  const prank = PrankData[content.prankUid];
  prank.state = "Accepted";
  prank.manageBy = content.uid;
  saveData(prankPath, PrankData);
  return {
    success: true,
  };
});
// POST /donePrank — admin only: mark a prank as done. Only the admin recorded in
// manageBy (the one who accepted or refused it) may do so.
// Body: { uid, token, prankUid }.
fastify.post('/donePrank', async (request, reply) => {
  const content = request.body;
  const prankExists = checkManage(content, "prankUid", PrankData);
  if (!prankExists.success) {
    return prankExists;
  }

  const prank = PrankData[content.prankUid];
  if (prank.manageBy != content.uid) {
    return {
      success: false,
      why: "Not allowed"
    };
  }

  prank.state = "Done";
  saveData(prankPath, PrankData);
  return {
    success: true,
  };
});
// POST /refusePrank — admin only: mark a prank as refused and record who refused it.
// Body: { uid, token, prankUid }. checkManage() covers session, admin and existence checks.
fastify.post('/refusePrank', async (request, reply) => {
  const content = request.body;
  const prankExists = checkManage(content, "prankUid", PrankData);
  if (!prankExists.success) {
    return prankExists;
  }

  const prank = PrankData[content.prankUid];
  prank.state = "Refused";
  prank.manageBy = content.uid;
  saveData(prankPath, PrankData);
  return {
    success: true,
  };
});
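// POST /get — read one of the stores.
// Body: { uid, token, type } with type "prank", "activity" or "treasure".
//   prank:    admins get every request, other users only the ones they created.
//   activity: every authenticated user gets the full list.
//   treasure: like prank, with each entry's activity uid replaced by the activity record.
// Replies { success: true, <type>Data } or { success: false, why }.
fastify.post('/get', async (request, reply) => {
  const content = request.body;
  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }
  if (!("type" in content)) {
    return {
      success: false,
      why: "Missing type"
    };
  }

  const isAdmin = AdminUsersUid.includes(content.uid);
  // Keep only the entries created by the caller. Object.entries walks own keys only,
  // and the loop variables are local (the former for...in loops leaked globals).
  const ownedByCaller = (store) => Object.fromEntries(
    Object.entries(store).filter(([, entry]) => entry.creator === content.uid)
  );

  switch (content.type) {
    case "prank":
      return {
        success: true,
        prankData: isAdmin ? PrankData : ownedByCaller(PrankData)
      };
    case "activity":
      return {
        success: true,
        activityData: ActivityData
      };
    case "treasure": {
      // Work on a deep copy so that expanding the activity does not alter the store.
      const treasureData = JSON.parse(JSON.stringify(TreasureData));
      for (const entry of Object.values(treasureData)) {
        entry.activity = ActivityData[entry.activity];
      }
      return {
        success: true,
        treasureData: isAdmin ? treasureData : ownedByCaller(treasureData)
      };
    }
    default:
      return {
        success: false,
        why: "Unknown type"
      };
  }
});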
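// POST /addActivity — admin only: create an activity, or overwrite an existing one
// when "activityUid" is given.
// Body: { uid, token, type, title, desc, start, where, [end], [activityUid] }.
//   type "event" also requires end; type "treasure" starts with treasureState "Pending".
// Replies { success: true, uid, activity } or { success: false, why }.
fastify.post('/addActivity', async (request, reply) => {
  const content = request.body;
  const auth = checkAuthetification(content);
  if (!auth.success) {
    // Without this return an unauthenticated request fell through and got no reply body.
    return auth;
  }
  if (!AdminUsersUid.includes(content.uid)) {
    return {
      success: false,
      why: "Not Allowed"
    };
  }

  const requiredFields = ["type", "title", "desc", "start", "where"];
  if (!requiredFields.every((field) => field in content)) {
    return {
      success: false,
      why: "Missing type, title, desc, start, end or where"
    };
  }

  let activityUid = makeid(16);
  if ("activityUid" in content) {
    // check() is the only validation of the client-supplied key before it is used
    // as a property name below.
    const activityExists = check(content, "activityUid", ActivityData);
    if (!activityExists.success) {
      return activityExists;
    }
    activityUid = content.activityUid;
  }

  switch (content.type) {
    case "event":
      if (!("end" in content)) {
        return {
          success: false,
          why: "Missing end"
        };
      }
      ActivityData[activityUid] = {
        type: content.type,
        title: content.title,
        desc: content.desc,
        start: content.start,
        end: content.end,
        where: content.where,
      };
      break;
    case "treasure":
      ActivityData[activityUid] = {
        type: content.type,
        title: content.title,
        desc: content.desc,
        start: content.start,
        where: content.where,
        treasureState: "Pending"
      };
      break;
    default:
      return {
        success: false,
        why: "Unkonw type"
      };
  }

  saveData(activityPath, ActivityData);
  return {
    success: true,
    uid: activityUid,
    activity: ActivityData[activityUid]
  };
});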
// POST /delActivity — admin only: remove an activity.
// Body: { uid, token, activityUid }. checkManage() covers session, admin and existence checks.
// NOTE(review): treasures and golden-user entries that point at the removed activity
// are left in place.
fastify.post('/delActivity', async (request, reply) => {
  const content = request.body;
  const activityExists = checkManage(content, "activityUid", ActivityData);
  if (!activityExists.success) {
    return activityExists;
  }

  delete ActivityData[content.activityUid];
  saveData(activityPath, ActivityData);
  return {
    success: true,
  };
});
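// POST /sendTreasure — submit a treasure find for a treasure-type activity, or replace
// one of the caller's own pending submissions when "treasureUid" is given.
// Body: { uid, token, activityUid, image, desc, [treasureUid] }.
// Replies { success: true, uid, treasure } or { success: false, why }.
fastify.post('/sendTreasure', async (request, reply) => {
  const content = request.body;
  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }

  const activityExists = check(content, "activityUid", ActivityData);
  if (!activityExists.success) {
    return activityExists;
  }
  if (!("image" in content && "desc" in content)) {
    return {
      success: false,
      why: "Missing image, desc or activityUid"
    };
  }
  // writeFileSync needs a string or buffer; anything else would end in a 500.
  if (typeof content.image !== 'string') {
    return {
      success: false,
      why: "The image must be sent as a string"
    };
  }

  let treasureUid = makeid(16);
  if ("treasureUid" in content) {
    // Validate the treasure uid against the treasure store.
    const treasureExists = check(content, "treasureUid", TreasureData);
    if (!treasureExists.success) {
      return treasureExists;
    }
    const existing = TreasureData[content.treasureUid];
    // Refuse when the submission is no longer pending OR belongs to someone else.
    if (existing.state != "Pending" || existing.creator !== content.uid) {
      return {
        success: false,
        why: "You cannot edit already accepted or refused treasure request, or request form other people"
      };
    }
    treasureUid = content.treasureUid;
  }

  if (ActivityData[content.activityUid].type != "treasure") {
    return {
      success: false,
      why: "The given activityUid refers to an event and not a treasure quest"
    };
  }

  // The file name is generated here, so the request cannot choose where the data lands.
  // The content is written as received into the publicly served static directory.
  // NOTE(review): nothing verifies that it is image data, and its size is bounded only
  // by the server's body limit — consider validating it before storing.
  const imageUid = makeid(128);
  fs.writeFileSync("static/images/"+imageUid, content.image);
  TreasureData[treasureUid] = {
    date: new Date(),
    creator: content.uid,
    image: imageUid,
    desc: content.desc,
    activity: content.activityUid,
    state: "Pending"
  };
  saveData(treasurePath, TreasureData);
  return {
    success: true,
    uid: treasureUid,
    treasure: TreasureData[treasureUid]
  };
});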
// POST /delTreasure — delete one of the caller's own treasure submissions while it is
// still pending. Body: { uid, token, treasureUid }.
// NOTE(review): the image file written for the submission is not removed here.
fastify.post('/delTreasure', async (request, reply) => {
  const content = request.body;

  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }

  const treasureExists = check(content, "treasureUid", TreasureData);
  if (!treasureExists.success) {
    return treasureExists;
  }

  const target = TreasureData[content.treasureUid];
  const deletable = target.creator === content.uid && target.state == "Pending";
  if (!deletable) {
    return {
      success: false,
      why: "You can't delete treasure that aren't yours or those already Accepted or Refused"
    };
  }

  delete TreasureData[content.treasureUid];
  saveData(treasurePath, TreasureData);
  return {
    success: true,
  };
});
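// POST /acceptTreasure — admin only: accept a treasure submission, mark its activity
// as solved and record the submitter as that activity's golden user.
// Body: { uid, token, treasureUid }. Replies { success: true } or { success: false, why }.
fastify.post('/acceptTreasure', async (request, reply) => {
  const content = request.body;
  const treasureExists = checkManage(content, "treasureUid", TreasureData);
  if (!treasureExists.success) {
    return treasureExists;
  }

  const treasure = TreasureData[content.treasureUid];
  // Submissions store their activity under "activity" (see /sendTreasure).
  const activityUid = treasure.activity;
  // The activity may have been deleted since the submission; stop before changing any
  // store so the three files stay consistent.
  if (!Object.prototype.hasOwnProperty.call(ActivityData, activityUid)) {
    return {
      success: false,
      why: "Unknow activityUid"
    };
  }

  treasure.state = "Accepted";
  saveData(treasurePath, TreasureData);

  ActivityData[activityUid].treasureState = "Accepted";
  saveData(activityPath, ActivityData);

  // One golden user per activity, keyed by the activity uid.
  GoldenUsers[activityUid] = {
    userUid: treasure.creator,
    activityUid: activityUid
  };
  saveData(goldenUsersPath, GoldenUsers);

  return {
    success: true,
  };
});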
// POST /refuseTreasure — admin only: mark a treasure submission as refused.
// Body: { uid, token, treasureUid }. checkManage() covers session, admin and existence checks.
fastify.post('/refuseTreasure', async (request, reply) => {
  const content = request.body;
  const treasureExists = checkManage(content, "treasureUid", TreasureData);
  if (!treasureExists.success) {
    return treasureExists;
  }

  const treasure = TreasureData[content.treasureUid];
  treasure.state = "Refused";
  saveData(treasurePath, TreasureData);
  return {
    success: true,
  };
});
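// POST /isGolden — tell the caller whether they are the golden user of an activity.
// Body: { uid, token }.
// Replies { success: true, userUid, activity } for the first match, { success: false }
// when there is none, or the authentication failure.
fastify.post('/isGolden', async (request, reply) => {
  const content = request.body;
  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }

  // Object.values keeps the iteration local; the former for...in loop assigned an
  // undeclared "activityUid" variable, i.e. a global shared by every request.
  const golden = Object.values(GoldenUsers).find((entry) => entry.userUid === content.uid);
  if (golden === undefined) {
    return {
      success: false
    };
  }
  return {
    success: true,
    userUid: content.uid,
    activity: ActivityData[golden.activityUid]
  };
});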
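/**
 * Persist a store to disk as JSON.
 *
 * The data is written to a temporary sibling file first and then renamed over the
 * target, so a crash in the middle of a write cannot leave a truncated store behind
 * (the stores are parsed with JSON.parse at start-up).
 *
 * @param {string} path - Target file. Note that this parameter shadows the "path" module inside the function.
 * @param {*} data - Value to serialise with JSON.stringify.
 */
function saveData(path, data) {
  const temporaryPath = `${path}.tmp`;
  fs.writeFileSync(temporaryPath, JSON.stringify(data));
  fs.renameSync(temporaryPath, path);
}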
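/**
 * Check a username/password pair against the LDAP directory.
 *
 * The promise never rejects: every failure, whether bad credentials or a directory
 * error, resolves to { authState: false, authUser: null }.
 *
 * @param {string} user - Login name to look up.
 * @param {string} pwd - Password to verify.
 * @returns {Promise<{authState: boolean, authUser: object|null}>} authUser is the
 *   LDAP entry on success.
 */
function authenticate(user, pwd) {
  return new Promise((resolve) => {
    LDAP.authenticate(user, pwd, (err, ldapUser) => {
      if (ldapUser && err == null) {
        resolve({
          authState: true,
          authUser: ldapUser
        });
        return;
      }
      // Keep a trace of failures: callers see the same result for a directory outage
      // and for a wrong password, and repeated failures are worth monitoring.
      // Only the error is logged, never the password.
      fastify.log.warn({ err }, 'LDAP authentication failed');
      resolve({
        authState: false,
        authUser: null
      });
    });
  });
}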
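/**
 * Validate the session carried by a request body.
 *
 * @param {*} content - Parsed request body; expected to hold string "uid" and "token".
 * @returns {{success: boolean, why?: string}} { success: true } for a live session,
 *   otherwise the reason. An expired session is removed from UsersToken.
 */
function checkAuthetification(content) {
  // The body is client-controlled JSON: it may not be an object, and it may define its
  // own "hasOwnProperty", so the prototype method is called explicitly.
  const hasOwn = (object, key) => Object.prototype.hasOwnProperty.call(object, key);

  if (content === null
    || typeof content !== 'object'
    || !hasOwn(content, "uid")
    || !hasOwn(content, "token")
    || typeof content.uid !== 'string'
    || typeof content.token !== 'string') {
    return {
      success: false,
      why: "Missing uid or token"
    };
  }

  if (!hasOwn(UsersToken, content.uid)) {
    return {
      success: false,
      why: "Not authentificated"
    };
  }

  const session = UsersToken[content.uid];
  const expected = Buffer.from(session.token);
  const supplied = Buffer.from(content.token);
  // Constant-time comparison, so response timing does not depend on how many leading
  // characters of the token are right. timingSafeEqual needs equal lengths.
  const tokenMatches = expected.length === supplied.length
    && crypto.timingSafeEqual(expected, supplied);
  if (!tokenMatches) {
    return {
      success: false,
      why: "Not authentificated"
    };
  }

  // expire is an epoch-millisecond timestamp set at login.
  if (session.expire > Date.now()) {
    return {
      success: true
    };
  }

  delete UsersToken[content.uid];
  return {
    success: false,
    why: "Token expired"
  };
}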
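/**
 * Check that the request names an existing entry of a store.
 *
 * The lookup accepts own entries only. The "in" operator also matches names found on
 * the prototype chain ("constructor", "__proto__", ...), and callers go on to read
 * and write data[content[input]], so such names must not pass.
 *
 * @param {*} content - Parsed request body.
 * @param {string} input - Name of the body field holding the entry uid.
 * @param {object} data - Store to look the uid up in.
 * @returns {{success: boolean, why?: string}} { success: true } when the entry
 *   exists, otherwise "Missing <input>" or "Unknow <input>".
 */
function check(content, input, data) {
  const hasOwn = (object, key) => Object.prototype.hasOwnProperty.call(object, key);

  if (content === null || typeof content !== 'object' || !hasOwn(content, input)) {
    return {
      success: false,
      why: "Missing "+input
    };
  }

  const uid = content[input];
  // Store keys are strings; rejecting other types avoids implicit coercion.
  if (typeof uid !== 'string' || !hasOwn(data, uid)) {
    return {
      success: false,
      why: "Unknow "+input
    };
  }

  return {
    success: true,
  };
}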
/**
 * Gate for admin actions on a store entry: the caller must hold a valid session,
 * be listed in AdminUsersUid, and name an existing entry.
 *
 * @param {*} content - Parsed request body (uid, token and the entry uid).
 * @param {string} input - Name of the body field holding the entry uid.
 * @param {object} data - Store the entry must belong to.
 * @returns {{success: boolean, why?: string}} { success: true } when all three checks
 *   pass, otherwise the first failure.
 */
function checkManage(content, input, data) {
  const auth = checkAuthetification(content);
  if (!auth.success) {
    return auth;
  }

  const callerIsAdmin = AdminUsersUid.includes(content.uid);
  if (!callerIsAdmin) {
    return {
      success: false,
      why: "Not Allowed"
    };
  }

  const exists = check(content, input, data);
  return exists.success ? { success: true } : exists;
}
/**
 * Make sure every JSON store exists, creating missing ones as an empty object.
 * Existing files are left untouched.
 */
function initFs() {
  const storeFiles = [prankPath, activityPath, treasurePath, goldenUsersPath];
  for (const storeFile of storeFiles) {
    if (fs.existsSync(storeFile)) {
      continue;
    }
    fs.writeFileSync(storeFile, "{}");
  }
}
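/**
 * Build a random alphanumeric identifier.
 *
 * The result is used as a session token and as a store key, so it has to be
 * unpredictable: the characters are drawn with crypto.randomInt (a CSPRNG, uniform
 * over the alphabet) instead of Math.random, whose output is not meant for secrets.
 *
 * @param {number} length - Number of characters to generate.
 * @returns {string} A string of `length` characters from [A-Za-z0-9]; '' for length 0.
 */
function makeid(length) {
  const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
  let result = '';
  for (let i = 0; i < length; i++) {
    result += characters.charAt(crypto.randomInt(characters.length));
  }
  return result;
}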
// Start the HTTP server on the loopback interface only, port 3000. If listening
// fails, log the error, close the LDAP client and exit with status 1.
const start = async () => {
  try {
    await fastify.listen({ port: 3000, host: '127.0.0.1' });
  } catch (listenError) {
    fastify.log.error(listenError);
    // process.exit() follows immediately, so this callback may not get to run.
    LDAP.close((closeError) => {
      console.log(closeError);
    });
    process.exit(1);
  }
};
start();