BurnyLlama 2022-01-15 19:27:18 +01:00
parent 29fa7a6590
commit 48ad801027
8 changed files with 116 additions and 95 deletions

6
.gitignore vendored

@ -131,4 +131,8 @@ dist
captcha.png captcha.png
package-lock.json package-lock.json
pnpm-lock.yaml
auth.db
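Review bot: `pnpm-lock.yaml` appears to be added to the ignore list beside the already-ignored `package-lock.json`, so no lockfile is committed for this service. The package.json shown in the same commit uses caret ranges (`"express": "^4.17.2"`), so each install resolves whatever matching versions are current, and there are no recorded integrity hashes to compare against. Committing one lockfile and installing in frozen-lockfile mode (`npm ci` or `pnpm install --frozen-lockfile`) would pin the dependency tree for a service that writes to the auth database.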

104
index.js

@ -1,102 +1,22 @@
import Database from 'better-sqlite3'
import express from 'express'
import crypto from 'crypto'
import dotenv from 'dotenv' import dotenv from 'dotenv'
import express from 'express'
import { exec } from 'child_process' import ROUTES from './routes/routes.js'
import { dbInit } from './libs/database.js'
dotenv.config() dotenv.config()
const app = express() const APP = express()
const port = process.env.PORT const PORT = process.env.PORT ?? 12345
let valid = {}
let glauth = undefined
console.log(process.env)
dbInit() dbInit()
app.use(express.urlencoded({ APP.use(express.urlencoded({ extended: true }))
extended: true APP.use('/static', express.static('static'))
}))
app.use(express.static('public')) APP.use('/', ROUTES)
app.post('/register', (req, res) => { APP.listen(
// Was input sent? PORT,
if(!req.body.username) () => console.log('Server started at http://localhost:' + PORT)
return(res.send("No username entered!")) )
if(!req.body.password)
return(res.send("No password entered!"))
if(!req.body.password)
return(res.send("No captcha entered!"))
// does the username match the requirements
if(!(/^(?=[a-zA-Z0-9]{2,20}$).*$/.test(req.body.username)))
return(res.send("Username does not match the requirements"))
// is captcha valid
if(!valid[req.body.captcha])
return(res.send("Invalid captcha!"))
const captchaAge = Math.abs((valid[req.body.captcha].getTime() - new Date().getTime())/1000)
if(captchaAge > 600)
return(res.send("Invalid captcha!"))
// expire the captcha
delete valid[req.body.captcha]
// Does user already exist?
if(glauth.prepare(`SELECT * FROM users WHERE name = ?`).get(req.body.username))
return(res.send("User already exists"))
// Create the user!
glauth.prepare(`
INSERT INTO users(
name, primarygroup, passsha256
) VALUES(?, 0, ?)
`).run(req.body.username, crypto.createHash('sha256').update(req.body.password).digest('hex'))
console.log(`>>> User: ${req.body.username} was succesfully created!`)
res.send("Account registered!")
res.end()
})
app.get('/captcha', async (req, res) => {
const captcha = crypto.randomBytes(3).toString('hex')
await execawait(`./captcha.sh ${captcha} > captcha.png`)
// Make it valid for 10 minutes
valid[captcha] = new Date()
// Send the captcha image
res.contentType('image/png');
res.sendFile('captcha.png', {
root: './'
});
})
app.listen(port);
console.log('Server started at http://localhost:' + port);
function execawait(cmd) {
return new Promise((resolve, reject) => {
exec(cmd, (error, stdout, stderr) => {
if (error) {
console.warn(error);
}
resolve(stdout ? stdout : stderr);
});
});7
}
function dbInit() {
glauth = new Database(process.env.GLAUTH_DB, {})
console.log(`Loaded in GLAuth - users.db`)
}
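Review bot: `express.urlencoded({ extended: true })` lets a form body carry nested objects and arrays, while the `/register` handler in routes/auth.js hands `req.body.password` straight to `crypto.createHash('sha256').update(...)`, which throws on a non-string value. The handlers only read flat string fields, so `extended: false` plus a `typeof req.body.password === 'string'` style check in the handler would reject such bodies with a clean error instead of an unhandled exception. Separately, `APP.listen(PORT, ...)` is called without a host, so the server accepts connections on every interface even though the log line says localhost; pass a host argument if it is only meant to be reached through a local proxy.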

9
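--- a/libs/database.js
+++ b/libs/database.js
@@ -0,0 +1,9 @@
+import SQLDatabase from 'better-sqlite3'
+export let glauth = undefined
+export function dbInit() {
+glauth = new SQLDatabase(process.env.GLAUTH_DB, {})
+console.log(`Loaded in GLAuth - users.db`)
+}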
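Review bot: `dbInit()` passes `process.env.GLAUTH_DB` to the constructor unchecked, and the log line prints a fixed "users.db" whatever was actually opened. As far as I know better-sqlite3 opens a temporary database when no filename is given and creates the file when the path does not exist, so a missing or mistyped variable would start the service against an empty database instead of failing. Consider `if (!process.env.GLAUTH_DB) throw new Error('GLAUTH_DB is not set')` before the constructor call and passing `{ fileMustExist: true }` in place of `{}`.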

12
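--- a/libs/execawait.js
+++ b/libs/execawait.js
@@ -0,0 +1,12 @@
+import { exec } from 'child_process'
+export default function execawait(cmd) {
+return new Promise((resolve, reject) => {
+exec(cmd, (error, stdout, stderr) => {
+if (error) {
+console.warn(error);
+}
+resolve(stdout ? stdout : stderr);
+});
+});
+}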
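Review bot: `execawait` never rejects: a failed command is only logged with `console.warn(error)` and the promise still resolves, leaving `reject` unused. The `/captcha` route in routes/auth.js awaits this helper and then records the code as valid and sends whatever `captcha.png` is on disk, so a failed `captcha.sh` run would serve a stale image for a code that was never drawn. Replacing the warning with `if (error) return reject(error)` lets callers see the failure; the route would then need a `try`/`catch` that answers with an error status. Since `exec` runs its argument through a shell, a short doc comment saying that `cmd` must never contain request data would also help future callers.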


@ -12,7 +12,6 @@
"dependencies": { "dependencies": {
"better-sqlite3": "^7.4.6", "better-sqlite3": "^7.4.6",
"dotenv": "^12.0.3", "dotenv": "^12.0.3",
"express": "^4.17.2", "express": "^4.17.2"
"expresss": "^0.0.0"
} }
} }

68
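--- a/routes/auth.js
+++ b/routes/auth.js
@@ -0,0 +1,68 @@
+import crypto from 'crypto'
+import { Router } from 'express'
+import execawait from '../libs/execawait.js'
+const AUTH = Router()
+let valid = {}
+AUTH.post('/register', (req, res) => {
+// Was input sent?
+if(!req.body.username)
+return(res.send("No username entered!"))
+if(!req.body.password)
+return(res.send("No password entered!"))
+if(!req.body.password)
+return(res.send("No captcha entered!"))
+// does the username match the requirements
+if(!(/^(?=[a-zA-Z0-9]{2,20}$).*$/.test(req.body.username)))
+return(res.send("Username does not match the requirements"))
+// is captcha valid
+if(!valid[req.body.captcha])
+return(res.send("Invalid captcha!"))
+const captchaAge = Math.abs((valid[req.body.captcha].getTime() - new Date().getTime())/1000)
+if(captchaAge > 600)
+return(res.send("Invalid captcha!"))
+// expire the captcha
+delete valid[req.body.captcha]
+// Does user already exist?
+if(glauth.prepare(`SELECT * FROM users WHERE name = ?`).get(req.body.username))
+return(res.send("User already exists"))
+// Create the user!
+glauth.prepare(`
+INSERT INTO users(
+name, primarygroup, passsha256
+) VALUES(?, 0, ?)
+`).run(req.body.username, crypto.createHash('sha256').update(req.body.password).digest('hex'))
+console.log(`>>> User: ${req.body.username} was succesfully created!`)
+res.send("Account registered!")
+res.end()
+})
+AUTH.get('/captcha', async (req, res) => {
+const captcha = crypto.randomBytes(3).toString('hex')
+await execawait(`./captcha.sh ${captcha} > captcha.png`)
+// Make it valid for 10 minutes
+valid[captcha] = new Date()
+// Send the captcha image
+res.contentType('image/png');
+res.sendFile('captcha.png', {
+root: './'
+});
+})
+export default AUTH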
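Review bot: `glauth` is called in the `/register` handler (`glauth.prepare(...)`) but this file never imports it, so a request that reaches the user lookup throws a ReferenceError; add `import { glauth } from '../libs/database.js'`. The third presence check repeats `if(!req.body.password)` under the "No captcha entered!" message and should test `req.body.captcha`. `valid` is a plain object indexed by a request field, so a value that matches an inherited property name passes the truthiness check and `.getTime()` then throws; `const valid = new Map()` with `valid.get(...)` and `valid.delete(...)` avoids that, and would also make it easy to purge codes that were issued but never used. The password is stored as a single unsalted SHA-256 digest in `passsha256`, which is cheap to brute-force if the database file leaks; if the GLAuth backend in use accepts a bcrypt column, writing that instead would be the stronger choice. Every `/captcha` request also writes and serves the same `captcha.png`, so concurrent requests can receive each other's image.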

9
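--- a/routes/routes.js
+++ b/routes/routes.js
@@ -0,0 +1,9 @@
+import { Router } from 'express'
+import AUTH from './auth.js'
+const ROUTES = Router()
+ROUTES.get('/', (_, res) => res.send("Welcome!"))
+ROUTES.use('/auth', AUTH)
+export default ROUTES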