bruuhuhuh
parent
69e7960233
commit
3c6e2e3780
3 changed files with 208 additions and 47 deletions
179
index.js
179
index.js
|
@ -1,8 +1,10 @@
|
|||
const fastify = require('fastify')({ logger: true })
|
||||
const fs = require('fs');
|
||||
const path = require('path')
|
||||
var LdapAuth = require('ldapauth-fork');
|
||||
const CryptoJS = require("crypto-js");
|
||||
// var LdapAuth = require('ldapauth-fork');
|
||||
|
||||
var usersBdd = "usersBdd.txt";
|
||||
var prankPath = "prankdata.txt";
|
||||
var activityPath = "activitydata.txt";
|
||||
var treasurePath = "treasuredata.txt";
|
||||
|
@ -10,6 +12,8 @@ var goldenUsersPath = "goldenusers.txt";
|
|||
|
||||
initFs();
|
||||
|
||||
let UsersBDD = JSON.parse(fs.readFileSync(usersBdd));
|
||||
|
||||
let PrankData = JSON.parse(fs.readFileSync(prankPath));
|
||||
let ActivityData = JSON.parse(fs.readFileSync(activityPath));
|
||||
let TreasureData = JSON.parse(fs.readFileSync(treasurePath));
|
||||
|
@ -20,19 +24,19 @@ let TokenDurationSecond = 3600;
|
|||
let MaxAmountCrepe = 10;
|
||||
let Supplements = ["nature", "sucre", "nutella", "confiture"];
|
||||
|
||||
var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
|
||||
var LDAP = new LdapAuth({
|
||||
url: 'ldap://10.5.0.44',
|
||||
bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr',
|
||||
bindCredentials: ldapConf.bindPassword,
|
||||
searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
|
||||
searchFilter: '(uid={{username}})',
|
||||
reconnect: true,
|
||||
});
|
||||
LDAP.on('error', function (err) {
|
||||
console.error('LdapAuth: ', err);
|
||||
});
|
||||
ldapConf = null;
|
||||
// var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json"));
|
||||
// var LDAP = new LdapAuth({
|
||||
// url: 'ldap://10.5.0.44',
|
||||
// bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr',
|
||||
// bindCredentials: ldapConf.bindPassword,
|
||||
// searchBase: 'dc=ldap,dc=rezo-rm,dc=fr',
|
||||
// searchFilter: '(uid={{username}})',
|
||||
// reconnect: true,
|
||||
// });
|
||||
// LDAP.on('error', function (err) {
|
||||
// console.error('LdapAuth: ', err);
|
||||
// });
|
||||
// ldapConf = null;
|
||||
|
||||
fastify.addContentTypeParser('application/json', {
|
||||
parseAs: 'string'
|
||||
|
@ -55,31 +59,119 @@ fastify.get('/', async (request, reply) => {
|
|||
reply.redirect('/index.html')
|
||||
})
|
||||
|
||||
// fastify.post('/login', async (request, reply) => {
|
||||
// let content = request.body;
|
||||
// if (content.hasOwnProperty("user")
|
||||
// && content.hasOwnProperty("password")) {
|
||||
// let res = await authenticate(content.user, content.password);
|
||||
// if (res.authState) {
|
||||
// let now = new Date();
|
||||
// UsersToken[res.authUser.uid] = {
|
||||
// token: makeid(64),
|
||||
// expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
|
||||
// }
|
||||
// return {
|
||||
// success: true,
|
||||
// user: {
|
||||
// uid: res.authUser.uid,
|
||||
// givenName: res.authUser.givenName,
|
||||
// isAdmin: AdminUsersUid.includes(res.authUser.uid)
|
||||
// },
|
||||
// token: UsersToken[res.authUser.uid].token
|
||||
// }
|
||||
// } else {
|
||||
// return {
|
||||
// success: false,
|
||||
// why: "Wrong username or password"
|
||||
// }
|
||||
// }
|
||||
// } else {
|
||||
// return {
|
||||
// success: false,
|
||||
// why: "The username or password is missing"
|
||||
// }
|
||||
// }
|
||||
// })
|
||||
|
||||
fastify.post('/login', async (request, reply) => {
|
||||
let content = request.body;
|
||||
if (content.hasOwnProperty("user")
|
||||
&& content.hasOwnProperty("password")) {
|
||||
let res = await authenticate(content.user, content.password);
|
||||
if (res.authState) {
|
||||
if (UsersBDD.hasOwnProperty(content.user) {
|
||||
var hash;
|
||||
try {
|
||||
hash = CryptoJS.SHA512(content.password).toString();
|
||||
} catch {
|
||||
return {
|
||||
success: false,
|
||||
why: "Wrong username or password"
|
||||
}
|
||||
}
|
||||
if (hash === UsersBDD[content.user].password) {
|
||||
let now = new Date();
|
||||
UsersToken[content.user] = {
|
||||
token: makeid(64),
|
||||
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
|
||||
}
|
||||
return {
|
||||
success: true,
|
||||
user: {
|
||||
uid: content.user,
|
||||
isAdmin: AdminUsersUid.includes(content.user)
|
||||
},
|
||||
token: UsersToken[res.authUser.uid].token
|
||||
}
|
||||
} else {
|
||||
return {
|
||||
success: false,
|
||||
why: "Wrong username or password"
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
return {
|
||||
success: false,
|
||||
why: "The username or password is missing"
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
fastify.post('/register', async (request, reply) => {
|
||||
let content = request.body;
|
||||
if (content.hasOwnProperty("user")
|
||||
&& content.hasOwnProperty("password")) {
|
||||
if (UsersBDD.hasOwnProperty(content.user) {
|
||||
return {
|
||||
success: false,
|
||||
why: "This user already exists"
|
||||
}
|
||||
} else {
|
||||
var hash;
|
||||
try {
|
||||
hash = CryptoJS.SHA512(content.password).toString();
|
||||
} catch {
|
||||
return {
|
||||
success: false,
|
||||
why: "What are you doing bruh ??"
|
||||
}
|
||||
}
|
||||
UsersBDD[content.user] = {
|
||||
password: hash
|
||||
}
|
||||
saveData(usersBdd, UsersBDD);
|
||||
let now = new Date();
|
||||
UsersToken[res.authUser.uid] = {
|
||||
UsersToken[content.user] = {
|
||||
token: makeid(64),
|
||||
expire: now.setSeconds(now.getSeconds() + TokenDurationSecond)
|
||||
}
|
||||
return {
|
||||
success: true,
|
||||
user: {
|
||||
uid: res.authUser.uid,
|
||||
givenName: res.authUser.givenName,
|
||||
isAdmin: AdminUsersUid.includes(res.authUser.uid)
|
||||
uid: content.user,
|
||||
isAdmin: AdminUsersUid.includes(content.user)
|
||||
},
|
||||
token: UsersToken[res.authUser.uid].token
|
||||
}
|
||||
} else {
|
||||
return {
|
||||
success: false,
|
||||
why: "Wrong username or password"
|
||||
}
|
||||
}
|
||||
} else {
|
||||
return {
|
||||
|
@ -624,23 +716,23 @@ function saveData(path, data) {
|
|||
fs.writeFileSync(path, JSON.stringify(data));
|
||||
}
|
||||
|
||||
function authenticate(user, pwd) {
|
||||
return new Promise((resolve, reject) => {
|
||||
LDAP.authenticate(user, pwd, function(err, user) {
|
||||
if (user && err == null) {
|
||||
resolve({
|
||||
authState: true,
|
||||
authUser: user
|
||||
});
|
||||
} else {
|
||||
resolve({
|
||||
authState: false,
|
||||
authUser: null
|
||||
});
|
||||
}
|
||||
});
|
||||
})
|
||||
}
|
||||
// function authenticate(user, pwd) {
|
||||
// return new Promise((resolve, reject) => {
|
||||
// LDAP.authenticate(user, pwd, function(err, user) {
|
||||
// if (user && err == null) {
|
||||
// resolve({
|
||||
// authState: true,
|
||||
// authUser: user
|
||||
// });
|
||||
// } else {
|
||||
// resolve({
|
||||
// authState: false,
|
||||
// authUser: null
|
||||
// });
|
||||
// }
|
||||
// });
|
||||
// })
|
||||
// }
|
||||
|
||||
function checkAuthetification(content) {
|
||||
if (content.hasOwnProperty("uid")
|
||||
|
@ -716,6 +808,9 @@ function checkManage(content, input, data) {
|
|||
}
|
||||
|
||||
function initFs() {
|
||||
if (!fs.existsSync(usersBdd)) {
|
||||
fs.writeFileSync(usersBdd, "{}");
|
||||
}
|
||||
if (!fs.existsSync(prankPath)) {
|
||||
fs.writeFileSync(prankPath, "{}");
|
||||
}
|
||||
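Review bot: The new `/register` and `/login` handlers store and compare passwords as one unsalted `CryptoJS.SHA512(content.password)` digest, which is cheap to brute-force if `usersBdd.txt` leaks and gives identical passwords identical entries; a per-user random salt with a slow KDF such as Node's built-in `crypto.scryptSync`, compared with `crypto.timingSafeEqual`, is the safer shape (sketch below, which needs `crypto` required at the top of the file, outside this hunk). Both `if (UsersBDD.hasOwnProperty(content.user) {` lines are missing a closing parenthesis, so the file will not parse as shown. The login success path returns `UsersToken[res.authUser.uid].token`, but with `authenticate` commented out `res` no longer looks obtainable (the page has lost its +/- markers, so this is inferred); `UsersToken[content.user].token` appears to be what is meant. Since `isAdmin` now comes from a self-chosen name via `AdminUsersUid.includes(content.user)`, names on that list should be reserved or pre-provisioned before registration is opened.

```javascript
// … unchanged: body checks and the "This user already exists" branch of /register …
// inside the existing try block, replacing the CryptoJS.SHA512 call
const salt = crypto.randomBytes(16);
const derived = crypto.scryptSync(content.password, salt, 64);
UsersBDD[content.user] = {
  salt: salt.toString('hex'),
  password: derived.toString('hex')
};
// … unchanged: saveData and token issuance …

// in /login, replacing the `hash === UsersBDD[content.user].password` test
const entry = UsersBDD[content.user];
const candidate = crypto.scryptSync(content.password, Buffer.from(entry.salt, 'hex'), 64);
if (crypto.timingSafeEqual(candidate, Buffer.from(entry.password, 'hex'))) {
// … unchanged: token issuance and success response …
```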
|
|
|
@ -93,6 +93,7 @@
|
|||
</div> <!-- end admin page -->
|
||||
|
||||
<div class="container" id="login-page" style="display: none;">
|
||||
<p>Connection</p>
|
||||
<div class="column-section">
|
||||
<div id="login-form">
|
||||
<div class="form-group">
|
||||
|
@ -109,6 +110,23 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<p>Inscription</p>
|
||||
<div class="column-section">
|
||||
<div id="register-form">
|
||||
<div class="form-group">
|
||||
<input type="text" class="form-control" placeholder="Nom d'espion" name="login" id="register-user"/>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control" placeholder="Mot de passe secret" name="password" id="register-password" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<button type="submit" class="btn btn-primary" id="register-button">S'inscrire</button>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<p id="error-message-register"></p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<hr/>
|
||||
<div class="row banner">
|
||||
<h2>Notice pour l'espion</h2>
|
||||
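Review bot: The new registration block puts `<button type="submit" id="register-button">` inside `<div id="register-form">` rather than a `<form>`, so the `submit` type has no effect and pressing Enter in the fields does not register; either wrap the inputs in a `<form>` and handle its submit event, or mark the button `type="button"`. The password input would also benefit from `autocomplete="new-password"` so password managers treat it as a new credential rather than offering the login one. Both inputs rely on placeholders only, so an `aria-label` or `<label>` per field would help assistive technology.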
|
|
|
@ -15,12 +15,12 @@ function show_page(id, historyPush) {
|
|||
for(i in page) {
|
||||
$(page[i]).hide().removeClass("away");
|
||||
}
|
||||
|
||||
|
||||
$hs = $(history.state).show();
|
||||
if(!historyPush)
|
||||
$hs.addClass('away');
|
||||
$id = $(id).show();
|
||||
|
||||
|
||||
|
||||
if(!historyPush) {
|
||||
history.pushState(id, "", "")
|
||||
|
@ -77,6 +77,54 @@ $("#login-button").click(function (e) {
|
|||
|
||||
});
|
||||
|
||||
$("#register-button").click(function (e) {
|
||||
var data = JSON.stringify({
|
||||
user: $("#register-user").val(),
|
||||
password: $("#register-password").val()
|
||||
});
|
||||
$("#register-password").val('');
|
||||
$.ajax({
|
||||
type: "POST",
|
||||
url: base_url + "register",
|
||||
data: data,
|
||||
contentType: "application/json; charset=utf-8",
|
||||
dataType: "json",
|
||||
|
||||
success: function (data) {
|
||||
if(data.success) {
|
||||
localStorage.setItem("token", data.token);
|
||||
localStorage.setItem("user", data.user.uid);
|
||||
localStorage.setItem("isAdmin", data.user.isAdmin);
|
||||
if (data.user.isAdmin) {
|
||||
show_page('#admin-page');
|
||||
get_admin("prank");
|
||||
} else {
|
||||
show_page('#demande-page');
|
||||
}
|
||||
} else {
|
||||
$('#error-message-register').empty();
|
||||
t = new TypeIt('#error-message-register', {
|
||||
speed: 110,
|
||||
lifeLike: true
|
||||
})
|
||||
.type(data.why)
|
||||
.go();
|
||||
}
|
||||
|
||||
},
|
||||
error: function(e, status, i) {
|
||||
$('#error-message-register').empty();
|
||||
t = new TypeIt('#error-message-register', {
|
||||
speed: 110,
|
||||
lifeLike: true
|
||||
})
|
||||
.type(status)
|
||||
.go();
|
||||
}
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
$("#prank-button").click(function () {
|
||||
if (localStorage.getItem('token')) {
|
||||
show_page('#demande-page');
|
||||
|
@ -563,7 +611,7 @@ function updateDemandes() {
|
|||
contentType: "application/json; charset=utf-8",
|
||||
dataType: "json",
|
||||
|
||||
success: function (data) {
|
||||
success: function (data) {
|
||||
if(data.success) {
|
||||
$('#demande-list').html('');
|
||||
let pd = data.prankData;
|
||||
|
@ -593,7 +641,7 @@ function updateDemandes() {
|
|||
uid: localStorage.getItem('user'),
|
||||
token: localStorage.getItem('token'),
|
||||
prankUid: pd_uid
|
||||
|
||||
|
||||
}),
|
||||
contentType: "application/json; charset=utf-8",
|
||||
dataType: "json",
|
||||
|
@ -690,7 +738,7 @@ $(window).on("load", function() {
|
|||
var time = b[1];
|
||||
var days = b[0];
|
||||
var t = time.split(":").map(t => parseInt(t));
|
||||
|
||||
|
||||
t[2] -= 1;
|
||||
if (t[2] < 0) {
|
||||
t[2] = 59;
|
||||
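Review bot: In the new `#register-button` handler, `localStorage.setItem("isAdmin", data.user.isAdmin)` stores the flag as the string "true" or "false", so a later truthiness test on `localStorage.getItem("isAdmin")` would treat "false" as admin; compare with `=== "true"` wherever it is read (the readers are outside this section). The token and this flag are editable by the user and readable by any script on the page, so they should only steer which page is shown while the server keeps validating the token on every admin request. `t = new TypeIt(...)` in both the `success` and `error` callbacks assigns an undeclared variable; `const t = new TypeIt(...)` keeps it local, unless `t` is deliberately global elsewhere in the file.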
|
|