From 3c6e2e3780ea722f66563f6aa5342bc9c79c4200 Mon Sep 17 00:00:00 2001 From: asyncnomi Date: Sun, 8 Jan 2023 22:18:37 +0100 Subject: [PATCH] bruuhuhuh --- index.js | 179 +++++++++++++++++++++++++++++++++++----------- static/index.html | 18 +++++ static/js/main.js | 58 +++++++++++++-- 3 files changed, 208 insertions(+), 47 deletions(-) diff --git a/index.js b/index.js index 77d83ab..85f9655 100644 --- a/index.js +++ b/index.js @@ -1,8 +1,10 @@ const fastify = require('fastify')({ logger: true }) const fs = require('fs'); const path = require('path') -var LdapAuth = require('ldapauth-fork'); +const CryptoJS = require("crypto-js"); +// var LdapAuth = require('ldapauth-fork'); +var usersBdd = "usersBdd.txt"; var prankPath = "prankdata.txt"; var activityPath = "activitydata.txt"; var treasurePath = "treasuredata.txt"; @@ -10,6 +12,8 @@ var goldenUsersPath = "goldenusers.txt"; initFs(); +let UsersBDD = JSON.parse(fs.readFileSync(usersBdd)); + let PrankData = JSON.parse(fs.readFileSync(prankPath)); let ActivityData = JSON.parse(fs.readFileSync(activityPath)); let TreasureData = JSON.parse(fs.readFileSync(treasurePath)); @@ -20,19 +24,19 @@ let TokenDurationSecond = 3600; let MaxAmountCrepe = 10; let Supplements = ["nature", "sucre", "nutella", "confiture"]; -var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json")); -var LDAP = new LdapAuth({ - url: 'ldap://10.5.0.44', - bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr', - bindCredentials: ldapConf.bindPassword, - searchBase: 'dc=ldap,dc=rezo-rm,dc=fr', - searchFilter: '(uid={{username}})', - reconnect: true, -}); -LDAP.on('error', function (err) { - console.error('LdapAuth: ', err); -}); -ldapConf = null; +// var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json")); +// var LDAP = new LdapAuth({ +// url: 'ldap://10.5.0.44', +// bindDN: 'cn='+ ldapConf.bindUser +',ou=service-users,dc=ldap,dc=rezo-rm,dc=fr', +// bindCredentials: ldapConf.bindPassword, +// searchBase: 'dc=ldap,dc=rezo-rm,dc=fr', +// searchFilter: '(uid={{username}})', +// reconnect: true, +// }); +// LDAP.on('error', function (err) { +// console.error('LdapAuth: ', err); +// }); +// ldapConf = null; fastify.addContentTypeParser('application/json', { parseAs: 'string' @@ -55,31 +59,119 @@ fastify.get('/', async (request, reply) => { reply.redirect('/index.html') }) +// fastify.post('/login', async (request, reply) => { +// let content = request.body; +// if (content.hasOwnProperty("user") +// && content.hasOwnProperty("password")) { +// let res = await authenticate(content.user, content.password); +// if (res.authState) { +// let now = new Date(); +// UsersToken[res.authUser.uid] = { +// token: makeid(64), +// expire: now.setSeconds(now.getSeconds() + TokenDurationSecond) +// } +// return { +// success: true, +// user: { +// uid: res.authUser.uid, +// givenName: res.authUser.givenName, +// isAdmin: AdminUsersUid.includes(res.authUser.uid) +// }, +// token: UsersToken[res.authUser.uid].token +// } +// } else { +// return { +// success: false, +// why: "Wrong username or password" +// } +// } +// } else { +// return { +// success: false, +// why: "The username or password is missing" +// } +// } +// }) + fastify.post('/login', async (request, reply) => { let content = request.body; if (content.hasOwnProperty("user") && content.hasOwnProperty("password")) { - let res = await authenticate(content.user, content.password); - if (res.authState) { + if (UsersBDD.hasOwnProperty(content.user) { + var hash; + try { + hash = CryptoJS.SHA512(content.password).toString(); + } catch { + return { + success: false, + why: "Wrong username or password" + } + } + if (hash === UsersBDD[content.user].password) { + let now = new Date(); + UsersToken[content.user] = { + token: makeid(64), + expire: now.setSeconds(now.getSeconds() + TokenDurationSecond) + } + return { + success: true, + user: { + uid: content.user, + isAdmin: AdminUsersUid.includes(content.user) + }, + token: UsersToken[res.authUser.uid].token + } + } else { + return { + success: false, + why: "Wrong username or password" + } + } + } + } else { + return { + success: false, + why: "The username or password is missing" + } + } +}) + +fastify.post('/register', async (request, reply) => { + let content = request.body; + if (content.hasOwnProperty("user") + && content.hasOwnProperty("password")) { + if (UsersBDD.hasOwnProperty(content.user) { + return { + success: false, + why: "This user already exists" + } + } else { + var hash; + try { + hash = CryptoJS.SHA512(content.password).toString(); + } catch { + return { + success: false, + why: "What are you doing bruh ??" + } + } + UsersBDD[content.user] = { + password: hash + } + saveData(usersBdd, UsersBDD); let now = new Date(); - UsersToken[res.authUser.uid] = { + UsersToken[content.user] = { token: makeid(64), expire: now.setSeconds(now.getSeconds() + TokenDurationSecond) } return { success: true, user: { - uid: res.authUser.uid, - givenName: res.authUser.givenName, - isAdmin: AdminUsersUid.includes(res.authUser.uid) + uid: content.user, + isAdmin: AdminUsersUid.includes(content.user) }, token: UsersToken[res.authUser.uid].token } - } else { - return { - success: false, - why: "Wrong username or password" - } } } else { return { @@ -624,23 +716,23 @@ function saveData(path, data) { fs.writeFileSync(path, JSON.stringify(data)); } -function authenticate(user, pwd) { - return new Promise((resolve, reject) => { - LDAP.authenticate(user, pwd, function(err, user) { - if (user && err == null) { - resolve({ - authState: true, - authUser: user - }); - } else { - resolve({ - authState: false, - authUser: null - }); - } - }); - }) -} +// function authenticate(user, pwd) { +// return new Promise((resolve, reject) => { +// LDAP.authenticate(user, pwd, function(err, user) { +// if (user && err == null) { +// resolve({ +// authState: true, +// authUser: user +// }); +// } else { +// resolve({ +// authState: false, +// authUser: null +// }); +// } +// }); +// }) +// } function checkAuthetification(content) { if (content.hasOwnProperty("uid") @@ -716,6 +808,9 @@ function checkManage(content, input, data) { } function initFs() { + if (!fs.existsSync(usersBdd)) { + fs.writeFileSync(usersBdd, "{}"); + } if (!fs.existsSync(prankPath)) { fs.writeFileSync(prankPath, "{}"); } diff --git a/static/index.html b/static/index.html index cc3a01b..cf4fb33 100644 --- a/static/index.html +++ b/static/index.html @@ -93,6 +93,7 @@