This commit is contained in:
TheGreyDiamond
2021-07-06 14:13:14 +02:00
parent bc2a66236e
commit 0dfd47e258
10 changed files with 2671 additions and 1158 deletions

312
routes/api.route.ts Normal file

@@ -0,0 +1,312 @@
module.exports = function (app, con, mysqlIsUpAndOkay, logger) {
const multer = require("multer");
const upload = multer({ dest: "static/uploads/" });
const fs = require("fs");
const path = require("path");
app.get("/api/getElevatorById", function (req, res) {
console.log(req.query);
if (req.query.id != undefined) {
// All parameters are there
res.setHeader("Content-Type", "application/json");
try {
const id = parseFloat(req.query.id);
} catch (error) {
res.send(
JSON.stringify({ state: "Failed", message: "Invalid arguments" })
);
res.status(400);
return;
}
const id = parseFloat(req.query.id);
con.query(
"SELECT * FROM elevators WHERE id=" + id,
function (err, result) {
if (err) {
res.status(500);
res.send(
JSON.stringify({
state: "Failed",
message: "A server side error occured.",
results: [],
})
);
logger.error("The server failed to execute a request");
console.log(err);
mysqlIsUpAndOkay = false;
} else {
console.log(result[0]);
res.status(200);
res.send(
JSON.stringify({
state: "Ok",
message: "Successful.",
results: result,
})
);
}
}
);
} else {
// Welp something is missing
res.status(400);
res.setHeader("Content-Type", "application/json");
res.send(JSON.stringify({ state: "Failed", message: "Missing arguments" }));
}
});
app.get("/api/resolveNameById", function (req, res) {
if (req.query.id != undefined && req.query.id != "") {
const sql = "SELECT username FROM users WHERE id=?";
con.query(sql, [req.query.id], function (err, result) {
if (err) {
res.status(500);
res.send(
JSON.stringify({
state: "Failed",
message: "A server side error occured.",
results: [],
})
);
logger.error("The server failed to execute a request");
mysqlIsUpAndOkay = false;
} else {
console.log(result[0]);
res.status(200);
res.setHeader("Content-Type", "application/json");
res.send(
JSON.stringify({ state: "Ok", message: "", results: result })
);
}
}
);
} else {
res.status(400);
res.setHeader("Content-Type", "application/json");
res.send(JSON.stringify({ state: "Failed", message: "Missing argument: id" }));
}
});
app.get("/api/getElevatorLocation", function (req, res) {
if (
req.query.lan != undefined &&
req.query.lat != undefined &&
req.query.radius != undefined
) {
// All parameters are there
res.setHeader("Content-Type", "application/json");
try {
const lan = parseFloat(req.query.lan);
const lat = parseFloat(req.query.lat);
const radius = parseFloat(req.query.radius);
} catch (error) {
res.send(
JSON.stringify({ state: "Failed", message: "Invalid arguments" })
);
res.status(400);
return;
}
const lan = parseFloat(req.query.lan);
const lat = parseFloat(req.query.lat);
const radius = parseFloat(req.query.radius);
// TODO: Return just the elevators in the viewers area
con.query(
"SELECT id, lat, lng FROM elevators",
function (err, result, fields) {
if (err) {
res.status(500);
res.send(
JSON.stringify({
state: "Failed",
message: "A server side error occured.",
results: [],
})
);
logger.error("The server failed to execute a request");
mysqlIsUpAndOkay = false;
} else {
console.log(result[0]);
res.status(200);
res.send(
JSON.stringify({ state: "Ok", message: "", results: result })
);
}
}
);
} else {
// Welp something is missing
res.status(400);
res.setHeader("Content-Type", "application/json");
res.send(JSON.stringify({ state: "Failed", message: "Missing arguments" }));
}
});
// returns an object with the cookies' name as keys
const getAppCookies = (req) => {
// We extract the raw cookies from the request headers
const rawCookies = req.headers.cookie.split("; ");
// rawCookies = ['myapp=secretcookie, 'analytics_cookie=beacon;']
const parsedCookies = {};
rawCookies.forEach((rawCookie) => {
const parsedCookie = rawCookie.split("=");
// parsedCookie = ['myapp', 'secretcookie'], ['analytics_cookie', 'beacon']
parsedCookies[parsedCookie[0]] = parsedCookie[1];
});
return parsedCookies;
};
app.post("/api/saveNewElevatorMeta", function (req, res) {
const sess = req.session;
const tempJs = JSON.parse(decodeURIComponent(getAppCookies(req)["tempStore"]));
const sql =
"INSERT INTO elevators (lat, lng, manufacturer, modell, info, visitabilty, technology, amountOfFloors, maxPassangers, maxWeight, images, creator) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '{ \"images\": []}', ?)";
con.query(
sql,
[
tempJs.lat,
tempJs.lng,
tempJs.manuf,
tempJs.model,
tempJs.description,
tempJs.visit,
tempJs.type,
tempJs.flor,
tempJs.pepl,
tempJs.weig,
sess.uid
],
function (err, result) {
if (err) throw err;
console.log("1 record inserted with id " + result.insertId);
res.setHeader("Content-Type", "application/json");
res.send(
JSON.stringify({ state: "Okay", message: "Ok. No fault!", id: result.insertId })
);
res.status(200);
}
);
});
app.post("/api/uploadImage", upload.any(), function (req, res) {
console.log(req.query.id)
let i = 0;
const sql = 'SELECT id, images FROM elevators WHERE id=?';
const allImages = []
while (i < req.files.length) {
const fObj = req.files[i];
const currentPath = path.join(fObj["path"]);
const destinationPath =
currentPath +
"." +
fObj["originalname"].split(".")[
fObj["originalname"].split(".").length - 1
]; // Add the file end
fs.rename(currentPath, destinationPath, function (err) {
if (err) {
throw err;
} else {
console.log("Successfully moved the file!");
}
});
allImages.push({ "path": destinationPath, "alt": "No alt was provided." })
i++;
}
con.query(
sql, [req.query.id],
function (err, result, fields) {
if (err) {
res.status(500);
res.send(
JSON.stringify({
state: "Failed",
message: "A server side error occured.",
results: [],
})
);
logger.error("The server failed to execute a request");
mysqlIsUpAndOkay = false;
} else {
const jData = JSON.parse(result[0].images)
console.log(jData)
jData.images.push.spread(jData.images, allImages)
console.log(jData);
console.log(result);
const sql = "UPDATE elevators SET images = ? WHERE id = ?";
con.query(sql, [JSON.stringify(jData), req.query.id], function (err) {
if (err) {
console.log("Update failure")
} else {
console.log("Okay")
}
})
}
}
);
// Save Image End
});
app.get("/api/getElevators", function (req, res) {
console.log(req.query);
if (
req.query.lan != undefined &&
req.query.lat != undefined &&
req.query.radius != undefined
) {
// All parameters are there
res.setHeader("Content-Type", "application/json");
try {
const lan = parseFloat(req.query.lan);
const lat = parseFloat(req.query.lat);
const radius = parseFloat(req.query.radius);
} catch (error) {
res.send(
JSON.stringify({ state: "Failed", message: "Invalid arguments" })
);
res.status(400);
return;
}
const lan = parseFloat(req.query.lan);
const lat = parseFloat(req.query.lat);
const radius = parseFloat(req.query.radius);
// TODO: Return just the elevators in the viewers area
con.query("SELECT * FROM elevators", function (err, result) {
if (err) {
res.status(500);
res.send(
JSON.stringify({
state: "Failed",
message: "A server side error occured.",
results: [],
})
);
logger.error("The server failed to execute a request");
mysqlIsUpAndOkay = false;
} else {
console.log(result[0]);
res.status(200);
res.send(JSON.stringify({ state: "Ok", message: "", results: result }));
}
});
} else {
// Welp something is missing
res.status(400);
res.setHeader("Content-Type", "application/json");
res.send(JSON.stringify({ state: "Failed", message: "Missing arguments" }));
}
});
}
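Review bot: `/api/uploadImage` lets any caller — there is no session check — attach files to any elevator `id`, and the stored name takes whatever follows the last `.` of the client-supplied `originalname` as its extension, so an anonymous request can drop an `.html` or `.svg` into `static/uploads/` (presumably served as static content) against an arbitrary record. The handler also never completes: `jData.images.push.spread(...)` is not a method on arrays, so the success callback throws a TypeError, and both that and the bare `throw err` in the `fs.rename` callback crash the process instead of failing the request; an unknown or missing `id` fails the same way at `result[0].images`. The sketch below gates on `req.session.uid` (the same field `saveNewElevatorMeta` writes as `creator`), restricts extensions to an allow-list derived with `path.extname`, unlinks rejected uploads (multer has already written them to disk before the handler runs), and sends a response on every path; the SELECT and its error branch are unchanged.
```typescript
app.post("/api/uploadImage", upload.any(), function (req, res) {
  res.setHeader("Content-Type", "application/json");
  const discardUploads = () =>
    (req.files || []).forEach((f) => fs.unlink(f.path, () => {}));
  // Attaching images mutates the elevator record: require a logged-in session
  // (multer has already written the files to disk, so discard them on rejection).
  if (req.session == undefined || req.session.uid == undefined) {
    discardUploads();
    res.status(401);
    res.send(JSON.stringify({ state: "Failed", message: "Not logged in" }));
    return;
  }
  // The stored extension is allow-listed and taken via path.extname, never from a
  // raw split of the client-supplied original name.
  const allowedExt = ["jpg", "jpeg", "png", "gif", "webp"];
  const extOf = (f) => path.extname(f.originalname).slice(1).toLowerCase();
  if (req.files.length === 0 || !req.files.every((f) => allowedExt.includes(extOf(f)))) {
    discardUploads();
    res.status(400);
    res.send(JSON.stringify({ state: "Failed", message: "Unsupported file type" }));
    return;
  }
  const allImages = req.files.map((f) => {
    const destinationPath = f.path + "." + extOf(f);
    fs.renameSync(f.path, destinationPath); // sync: the DB row must only list files that exist
    return { path: destinationPath, alt: "No alt was provided." };
  });
  // … unchanged: SELECT id, images FROM elevators WHERE id=? and its err branch …
  if (result.length === 0) {
    res.status(404);
    res.send(JSON.stringify({ state: "Failed", message: "Unknown elevator id", results: [] }));
    return;
  }
  const jData = JSON.parse(result[0].images);
  jData.images.push(...allImages);
  con.query("UPDATE elevators SET images = ? WHERE id = ?", [JSON.stringify(jData), req.query.id], function (err) {
    if (err) {
      res.status(500);
      res.send(JSON.stringify({ state: "Failed", message: "A server side error occured.", results: [] }));
      return;
    }
    res.status(200);
    res.send(JSON.stringify({ state: "Ok", message: "", results: jData.images }));
  });
```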

443
routes/auth.route.ts Normal file

@@ -0,0 +1,443 @@
module.exports = function (app, con, logger, metainfo, jsonConfig) {
const greetingTime = require("greeting-time");
const fs = require("fs");
const Eta = require("eta");
const { verify } = require("hcaptcha");
const bcrypt = require("bcrypt");
const cryptoF = require("crypto");
const saltRounds = 10;
const mailRegex =
/(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/;
app.get("/logout", function (req, res) {
req.session.destroy();
const data = fs.readFileSync("templates/redirect.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Logout",
fontawesomeKey: jsonConfig.fontAwesome,
url: "/",
})
);
});
app.get("/verify*", function (req, res) {
console.log(req.url.split("/")[2]);
const stmt = "SELECT * FROM mailverification WHERE token = ?;";
con.query(stmt, [req.url.split("/")[2]], function (err, result) {
if (err) {
res.status(404);
res.send(
JSON.stringify({ state: "Failed", message: "Database error occured" })
);
logger.error(err);
} else {
if (result.length == 0) {
res.status(404);
res.send(
JSON.stringify({ state: "Failed", message: "Link already done" })
);
} else {
console.log(result);
res.status(200);
const stmt2 = "DELETE FROM mailverification WHERE id=?";
console.log(result[0].id);
con.query(stmt2, [result[0].id], function (err, result, fields) {
// TODO handling of this
//logger.debug(err)
//console.log(result)
});
const stmt3 = "UPDATE users SET verificationState=1 WHERE email=?";
con.query(
stmt3,
[result[0].targetMail],
function (err, result, fields) {
// TODO handling of this
//logger.debug(err)
//console.log(result)
}
);
res.send(JSON.stringify({ state: "OK", message: "Done!" }));
}
}
});
});
app.post("/register", function (req, res) {
const sess = req.session;
let resu;
verify(jsonConfig.hCaptcha.secret, req.body["g-recaptcha-response"]).then(
(data) => (resu = data)
);
/*.catch(setTimeout(() => {
//if(resu.success == false){
console.log("HERE");
const data = fs.readFileSync("templates/genericError.html", "utf8");
resu = "-1";
con
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Error",
fontawesomeKey: jsonConfig.fontAwesome,
displayText: "There was an issue with the Captcha",
})
);
//}
}, 0)
);*/
if (req.body.pass == req.body.pass2) {
if (mailRegex.test(req.body.email)) {
setTimeout(() => {
console.log(resu);
if (resu.success == true) {
bcrypt.hash(req.body.pass, saltRounds, (err, hash) => {
const data = fs.readFileSync(
"templates/genericError.html",
"utf8"
);
// SQL INSERT
const stmt =
"INSERT INTO users(email, username, passwordHash) VALUES(?, ?, ?)";
const stmt2 =
"INSERT INTO mailverification(targetMail, userID, token) VALUES(?, ?, ?)";
cryptoF.randomBytes(48, function (err, buffer) {
const token = buffer.toString("hex");
con.query(
stmt,
[req.body.email, req.body.username, hash],
(err, results1) => {
if (err) {
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Error",
fontawesomeKey: jsonConfig.fontAwesome,
displayText:
"An error occured while creating your account.",
})
);
return console.error(err.message);
} else {
// Create mail verification
con.query(
stmt2,
[req.body.email, results1.insertId, token],
(err, results) => {
if (err) {
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Error",
fontawesomeKey: jsonConfig.fontAwesome,
displayText:
"An error occured while creating your account.",
})
);
return console.error(err.message);
} else {
sess.username = req.body.username;
sess.uid = String(results1.insertId);
sess.mail = req.body.email;
// get inserted id
logger.info("Inserted Id:" + results.insertId);
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Error",
fontawesomeKey: jsonConfig.fontAwesome,
displayText: "OK " + hash,
})
);
sendVerificationMail(results.insertId);
}
}
);
}
}
);
});
});
} else {
const data = fs.readFileSync("templates/register.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Register",
fontawesomeKey: jsonConfig.fontAwesome,
sitekey: jsonConfig.hCaptcha.sitekey,
error: true,
errorMessage: "You failed the captcha, please try again.",
})
);
}
}, 200);
} else {
// Passwords don't match up
const data = fs.readFileSync("templates/register.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Register",
fontawesomeKey: jsonConfig.fontAwesome,
sitekey: jsonConfig.hCaptcha.sitekey,
error: true,
errorMessage: "The E-Mail given is not valid",
})
);
}
} else {
// Passwords don't match up
const data = fs.readFileSync("templates/register.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Register",
fontawesomeKey: jsonConfig.fontAwesome,
sitekey: jsonConfig.hCaptcha.sitekey,
error: true,
errorMessage: "The password have to match up.",
})
);
}
});
app.get("/register", function (req, res) {
const data = fs.readFileSync("templates/register.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Register",
fontawesomeKey: jsonConfig.fontAwesome,
sitekey: jsonConfig.hCaptcha.sitekey,
})
);
});
app.get("/profile", function (req, res) {
if (req.session.username != undefined) {
let greeting = greetingTime(new Date());
greeting += req.session.username;
const hash = cryptoF
.createHash("md5")
.update(req.session.mail.replace(" ", "").toLowerCase())
.digest("hex");
const gravatarURL = "https://www.gravatar.com/avatar/" + hash;
const data = fs.readFileSync("templates/profile.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Profile",
fontawesomeKey: jsonConfig.fontAwesome,
greeting: greeting,
gravatarURL: gravatarURL,
})
);
} else {
const data = fs.readFileSync("templates/redirect.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Profile",
fontawesomeKey: jsonConfig.fontAwesome,
url: "/login",
})
);
}
});
app.get("/login", function (req, res) {
const data = fs.readFileSync("templates/login.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Login",
fontawesomeKey: jsonConfig.fontAwesome,
})
);
});
app.post("/login", function (req, res) {
const password = req.body.pass;
const mail = req.body.email;
const sess = req.session;
console.log(req.body.pass);
// Check if okay
if (
mail != undefined &&
mail != "" &&
password != undefined &&
password != ""
) {
if (mailRegex.test(mail)) {
const stmt = "SELECT * FROM users WHERE email='?';";
con.query(stmt, [mail], function (err, result) {
if (err) throw err; // TODO proper error page
if (result.length == 0) {
const data = fs.readFileSync("templates/login.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Ok",
fontawesomeKey: jsonConfig.fontAwesome,
error: true,
errorMessage: "This user does not exist!",
})
);
} else {
bcrypt.compare(
password,
result[0].passwordHash,
function (error, response) {
if (response) {
// Login okay
sess.username = result[0].username;
sess.uid = String(result[0].id);
sess.mail = result[0].email;
const data = fs.readFileSync("templates/redirect.html", "utf8");
if (req.query.r != undefined && req.query.r != "") {
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Ok",
fontawesomeKey: jsonConfig.fontAwesome,
url: req.query.r,
})
);
} else {
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Ok",
fontawesomeKey: jsonConfig.fontAwesome,
url: "/profile",
})
);
}
} else {
// Password falsch
const data = fs.readFileSync("templates/login.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Ok",
fontawesomeKey: jsonConfig.fontAwesome,
error: true,
errorMessage: "The given password is wrong.",
})
);
}
}
);
}
});
} else {
const data = fs.readFileSync("templates/login.html", "utf8");
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Ok",
fontawesomeKey: jsonConfig.fontAwesome,
error: true,
errorMessage: "The given E-Mail is invalid.",
})
);
}
} else {
logger.warn(
"The login form did not sent all data. Dump: \n Password: " +
password +
" \n E-Mail: " +
mail
);
const data = fs.readFileSync("templates/genericError.html", "utf8");
const displayText = "The form did not sent all the information needed.";
res.send(
Eta.render(data, {
author: metainfo.author,
desc: metainfo.desc,
siteTitel: metainfo.sitePrefix + "Error",
fontawesomeKey: jsonConfig.fontAwesome,
displayText: displayText,
})
);
}
});
// sendVerificationMail(2);
function sendVerificationMail(userId) {
// Query for the mail
const stmt = "SELECT * FROM mailverification WHERE id=?";// + userId;
con.query(stmt, [userId], function (err, result, fields) {
if (err) throw err; // TODO proper error handling
if (result.length == 0) {
logger.warn(
"sendVerificationMail failed because ID " + userId + " doesnt exist!"
);
} else {
const emailContent =
"Hi! \n You have created an account for the open elevator map. To finalize the process please verify your E-Mail adress. Use this link: http://" +
serverAdress +
"/verify/" +
result[0].token;
transport.sendMail({
from: '"Elevator map " <' + mailConf.username + ">", // sender address
to: result[0].targetMail, // list of receivers
subject: "[Elevator map] Please verify your Mailadress", // Subject line
text: emailContent, // plain text body
html: emailContent.replace("\n", "<br>"), // html body
});
}
console.log(result);
});
/*
let info = await transporter.sendMail({
from: '"Elevator map " <' + mysqlData.username + '>', // sender address
to: "bar@example.com, baz@example.com", // list of receivers
subject: "Hello ✔", // Subject line
text: "Hello world?", // plain text body
html: "<b>Hello world?</b>", // html body
});*/
}
}
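Review bot: The POST `/login` handler writes the submitted password to stdout (`console.log(req.body.pass)` at its top) and, in the missing-fields branch, into the warn log together with the e-mail; drop the first line and reduce the warning to `logger.warn("The login form did not send all data (email present: " + (mail != undefined) + ")");`. The post-login redirect passes `req.query.r` unvalidated as the template `url`, which is an open redirect to any external site; restrict it to a local path, e.g. `const target = typeof req.query.r === "string" && /^\/(?!\/)/.test(req.query.r) ? req.query.r : "/profile";` and use `target` in both branches. The lookup `SELECT * FROM users WHERE email='?';` puts the placeholder inside quotes, so with a driver that substitutes `?` textually (presumably the `mysql` package here) the statement becomes `email=''…''` and the `if (err) throw err` right after it turns every login attempt into an uncaught exception; it should read `"SELECT * FROM users WHERE email=?;"` like every other statement in this file. In `/register`, the hCaptcha `verify` promise is only waited for by a 200 ms `setTimeout`, so a slow or rejected verification leaves `resu` undefined and `resu.success` throws inside the timer with no response sent, and on success the page renders `"OK " + hash`, exposing the bcrypt hash to the browser — await the promise (or chain `.then`) and render a neutral confirmation instead.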

6
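--- /dev/null
+++ b/routes/debug.route.ts
@@ -0,0 +1,6 @@
+module.exports = function (app) {
+app.get("/debug/showSessionInfo", function (req, res) {
+res.send(JSON.stringify(req.session));
+});
+}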
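Review bot: `/debug/showSessionInfo` returns the entire server-side session as JSON to any caller with no environment guard, so whatever the session carries (the auth routes in this commit store `uid`, `username` and `mail` in it) is disclosed if this module is mounted in production. Gate it, e.g. `if (process.env.NODE_ENV === "production") { res.status(404); res.end(); return; }` at the top of the handler, or better, only register the module when a debug flag from the config is set. It should also set `Content-Type: application/json` explicitly as the API routes do, since `res.send` of a string defaults to HTML.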