Merge pull request #5 from Expand-sys/fastify

Fastify
Expand-sys 2021-06-22 17:44:05 +10:00 committed by GitHub
commit eec0f60000
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 4890 additions and 800 deletions

1
.dockerignore Normal file

@ -0,0 +1 @@
node_modules


@ -1,10 +0,0 @@
module.exports = {
ensureAuthenticated: function (req, res, next) {
if (req.session.user != undefined) {
return next();
}
req.session.errors = [];
req.session.errors.push({ msg: "please login to view this resource" });
res.redirect("/login");
},
};

469
index.js

@ -1,72 +1,46 @@
const root = process.env.PWD; const root = process.env.PWD;
const express = require("express"); require("pino-pretty");
const fastify = require("fastify")({
//logger: { prettyPrint: true },
});
const fastifyFlash = require("fastify-flash");
const path = require("path"); const path = require("path");
const https = require("https");
const got = require("got"); const got = require("got");
const bodyParser = require("body-parser");
const expressValidator = require("express-validator");
const flash = require("connect-flash");
const session = require("express-session");
const { ensureAuthenticated } = require(`${root}/config/auth.js`);
const app = express();
const MemoryStore = require("memorystore")(session);
const url = require("url"); const url = require("url");
const dotenv = require("dotenv"); const dotenv = require("dotenv");
const fs = require("fs"); const fs = require("fs");
const mongoose = require("mongoose");
const { CCashClient } = require("ccash-client-js"); const { CCashClient } = require("ccash-client-js");
dotenv.config({ path: ".env" }); dotenv.config({ path: ".env" });
const { postUser } = require(`${root}/helpers/functions.js`); fastify.register(require("fastify-formbody"));
fastify.register(require("fastify-static"), {
app.set("views", path.join(__dirname, "views")); root: path.join(__dirname, "public"),
app.set("view engine", "pug"); prefix: "/", // optional: default '/'
app.use(flash());
app.use(require("connect-flash")());
app.use(express.static(path.join(__dirname, "public")));
app.use(express.json());
app.use(
bodyParser.urlencoded({
extended: true,
})
);
app.use(function (req, res, next) {
res.locals.messages = require("express-messages")(req, res);
next();
}); });
app.set("trust proxy", 1); // trust first proxy
const secure = false;
if (process.env.SECURE == true) {
secure = true;
}
app.use(
session({
secret: "fuck shit cunt",
resave: true,
store: new MemoryStore({
checkPeriod: 86400000, // prune expired entries every 24h
}),
saveUninitialized: true,
cookie: { secure: secure, maxAge: 86400000 },
})
);
app.use(
expressValidator({
errorFormatter: function (param, msg, value) {
var namespace = param.split("."),
root = namespace.shift(),
formParam = root;
while (namespace.length) { fastify.register(require("fastify-secure-session"), {
formParam += "[" + namespace.shift() + "]"; // the name of the session cookie, defaults to 'session'
} cookieName: "session",
return { // adapt this to point to the directory where secret-key is located
param: formParam, key: fs.readFileSync(path.join(__dirname, "secret-key")),
msg: msg, cookie: {
value: value, path: "/",
}; // options for setCookie, see https://github.com/fastify/fastify-cookie
}, secure: false,
}) httpOnly: true,
); },
});
fastify.register(fastifyFlash);
fastify.register(require("point-of-view"), {
engine: {
pug: require("pug"),
},
defaultContext: {
random: papy(),
},
root: path.join(__dirname, "views"),
});
function papy() { function papy() {
const rndInt = Math.floor(Math.random() * 1337); const rndInt = Math.floor(Math.random() * 1337);
@ -76,17 +50,23 @@ function papy() {
} }
return random; return random;
} }
function validate(req, res, next) {
app.post("/setup", async function (req, res) { if (!req.session.get("user")) {
res.redirect("/login");
} else {
next();
}
}
fastify.post("/setup", async function (req, res) {
const { url, secure } = req.body; const { url, secure } = req.body;
if (secure) { if (secure) {
process.env.SECURE = true; process.env.SECURE = true;
} }
process.env.BANKAPIURL = url; process.env.BANKAPIURL = url;
console.log(process.env.BANKAPIURL); console.log(process.env.BANKAPIURL);
fs.rmSync(`/app/config/.env`); fs.rmSync(`${root}/.env`);
fs.writeFileSync( fs.writeFileSync(
`/app/config/.env`, `${root}/.env`,
"BANKAPIURL=" + "BANKAPIURL=" +
process.env.BANKAPIURL + process.env.BANKAPIURL +
"\n" + "\n" +
@ -99,9 +79,9 @@ app.post("/setup", async function (req, res) {
res.redirect("/"); res.redirect("/");
}); });
app.get("/", async function (req, res) { fastify.get("/", async function (req, res) {
if (process.env.SETUP == false || !process.env.SETUP) { if (process.env.SETUP == false || !process.env.SETUP) {
res.render("setup"); res.view("setup");
} else { } else {
const client = new CCashClient(process.env.BANKAPIURL); const client = new CCashClient(process.env.BANKAPIURL);
let checkalive; let checkalive;
@ -119,162 +99,176 @@ app.get("/", async function (req, res) {
console.log(err); console.log(err);
} }
res.render("index", { res.view("index", {
user: req.session.user, user: req.session.get("user"),
admin: req.session.admin, admin: req.session.get("admin"),
alive: alive, alive: alive,
url: process.env.BANKAPIURL, url: process.env.BANKAPIURL,
random: papy(),
}); });
} }
}); });
app.get("/BankF", ensureAuthenticated, async function (req, res) { fastify.get(
const client = new CCashClient(process.env.BANKAPIURL); "/BankF",
let successes = req.session.successes; {
let errors = req.session.errors; preValidation: [validate],
req.session.errors = []; },
let admin; async function (req, res) {
try { const client = new CCashClient(process.env.BANKAPIURL);
admin = req.session.admin; let successes = req.session.get("successes");
} catch (err) { req.session.set("successes", "");
console.log(err); let errors = req.session.get("errors");
} req.session.set("errors", "");
let balance = 0; let admin;
balance = await client.balance(req.session.user); try {
let logsent; admin = req.session.get("admin");
console.log("start " + Date.now()); } catch (err) {
try { console.log(err);
const { user, password } = req.session; }
logsent = await client.log(user, password); let balance = 0;
} catch (e) { balance = await client.balance(req.session.get("user"));
console.log(e); console.log(balance);
} let logsent;
console.log(logsent); console.log("start " + Date.now());
let logrec = logsent; try {
let graphlog = logsent; const user = req.session.get("user");
if (graphlog != null) { const password = req.session.get("password");
graphlog = graphlog.reverse(); logsent = await client.log(user, password);
} } catch (e) {
let graphdata = ""; console.log(e);
let currentbal = balance; }
if (graphlog) { console.log(logsent);
for (i = graphlog.length - 1; i > -1; i--) { let logrec = logsent;
if (graphlog[i].from == req.session.user) { let graphlog = logsent;
currentbal = parseInt(currentbal) + parseInt(graphlog[i].amount); if (graphlog != null) {
graphdata = graphdata + ", [" + parseInt(i) + "," + currentbal + "]"; graphlog = graphlog.reverse();
} else { }
currentbal = parseInt(currentbal) - parseInt(graphlog[i].amount); let graphdata = "";
graphdata = graphdata + ", [" + parseInt(i) + "," + currentbal + "]"; let currentbal = balance;
if (graphlog) {
for (i = graphlog.length - 1; i > -1; i--) {
if (graphlog[i].from == req.session.get("user")) {
currentbal = parseInt(currentbal) + parseInt(graphlog[i].amount);
graphdata = graphdata + ", [" + parseInt(i) + "," + currentbal + "]";
} else {
currentbal = parseInt(currentbal) - parseInt(graphlog[i].amount);
graphdata = graphdata + ", [" + parseInt(i) + "," + currentbal + "]";
}
}
} else {
graphlog = undefined;
}
if (graphdata != "") {
graphdata =
", [" + parseInt(graphlog.length) + "," + balance + "]" + graphdata;
graphdata = '["transaction", "balance"]' + graphdata;
}
if (logsent == null) {
logsent = undefined;
} else {
logsent = await logsent.filter(
({ from }) => from === req.session.get("user")
);
}
if (logrec == null) {
logrec = undefined;
} else {
logrec = await logrec.filter(({ to }) => to === req.session.get("user"));
}
if (logsent) {
for (i in logrec) {
logrec[i].time = new Date(logrec[i].time);
} }
} }
} else { if (logrec) {
graphlog = undefined; for (i in logsent) {
logsent[i].time = new Date(logsent[i].time);
}
}
if (logrec != null) {
logrec.reverse();
}
if (logsent != null) {
logsent.reverse();
}
let maxgraph = balance + 1000;
console.log("begin render " + Date.now());
res.view("bankf", {
maxgraph: maxgraph,
graphdata: graphdata,
logrec: logrec,
logsent: logsent,
user: req.session.get("user"),
balance: balance,
admin: req.session.get("admin"),
sucesses: successes,
errors: errors,
});
} }
if (graphdata != "") { );
graphdata =
", [" + parseInt(graphlog.length) + "," + balance + "]" + graphdata; fastify.post(
graphdata = '["transaction", "balance"]' + graphdata; "/sendfunds",
} {
if (logsent == null) { preValidation: [validate],
logsent = undefined; },
} else { async function (req, res) {
logsent = await logsent.filter(({ from }) => from === req.session.user); const client = new CCashClient(process.env.BANKAPIURL);
} let { amount, name, senderpass } = req.body;
if (logrec == null) { req.session.set("errors", "");
logrec = undefined; req.session.set("successes", "");
} else { let a_name = req.session.get("user");
logrec = await logrec.filter(({ to }) => to === req.session.user); let result;
} result = await client.sendFunds(a_name, senderpass, name, amount);
if (logsent) { console.log(result);
for (i in logrec) { if (result == 1) {
logrec[i].time = new Date(logrec[i].time); req.session.set("successes", "Transfer successful");
//post details
res.redirect("/BankF");
} else if (result == -1) {
req.session.set("errors", "Transfer Unsuccessful: User not Found");
res.redirect("/BankF");
} else if (result == -2) {
req.session.set("errors", "Transfer Unsuccessful: Wrong Password");
res.redirect("/BankF");
} }
} }
if (logrec) { );
for (i in logsent) {
logsent[i].time = new Date(logsent[i].time);
}
}
if (logrec != null) {
logrec.reverse();
}
if (logsent != null) {
logsent.reverse();
}
let maxgraph = balance + 1000;
console.log("begin render " + Date.now());
res.render("bankf", {
maxgraph: maxgraph,
graphdata: graphdata,
logrec: logrec,
logsent: logsent,
user: req.session.user,
balance: balance,
user: req.session.user,
admin: req.session.admin,
sucesses: successes,
errors: errors,
random: papy(),
});
});
app.post("/sendfunds", async function (req, res) { fastify.post("/register", async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { amount, name, senderpass } = req.body;
req.session.errors = [];
req.session.successes = [];
let a_name = req.session.user;
let result;
result = await client.sendFunds(a_name, senderpass, name, amount);
console.log(result);
if (result == 1) {
req.session.successes.push({ msg: "Transfer successful" });
//post details
res.redirect("/BankF");
} else if (result == -1) {
req.session.errors.push({ msg: "Transfer Unsuccessful: User not Found" });
res.redirect("/Bankf");
} else if (result == -2) {
req.session.errors.push({ msg: "Transfer Unsuccessful: Wrong Password" });
res.redirect("/Bankf");
}
});
app.post("/register", async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL); const client = new CCashClient(process.env.BANKAPIURL);
var { name, password, password2 } = req.body; var { name, password, password2 } = req.body;
req.session.errors = []; req.session.set("successes", "");
req.session.successes = []; req.session.set("errors", "");
if (!name || !password || !password2) { if (!name || !password || !password2) {
req.session.errors.push({ msg: "please fill in all fields" }); req.session.set("errors", "please fill in all fields");
res.redirect("/register");
} else if (password != password2) { } else if (password != password2) {
req.session.errors.push({ msg: "Passwords don't match" }); req.session.set("errors", "Passwords don't match");
res.redirect("/register");
} else if (password.length < 6) { } else if (password.length < 6) {
req.session.errors.push({ req.session.set("errors", "Password must be at least 6 characters");
msg: "Password must be at least 6 characters", res.redirect("/register");
});
} else { } else {
let checkuser = await postUser(name, password); let checkuser = await client.addUser(name, password);
console.log(checkuser); console.log(await checkuser);
if (checkuser == -4) { if (checkuser == -4) {
req.session.errors.push({ msg: "Error: Name too long" }); req.session.set("errors", "Error: Name too long");
res.redirect("/register"); res.redirect("/register");
} else if (checkuser == -5) { } else if (checkuser == -5) {
req.session.errors.push({ msg: "Error: User Already Exists" }); req.session.set("errors", "Error: User Already Exists");
res.redirect("/register"); res.redirect("/register");
} else { } else {
req.session.successes.push({ msg: "Account Created! please Log in" }); req.session.set("successes", "Account Created! please Log in");
res.redirect("/login"); res.redirect("/login");
} }
} }
}); });
app.post("/login", async function (req, res) { fastify.post("/login", async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL); const client = new CCashClient(process.env.BANKAPIURL);
if (req.session.user) { if (req.session.get("user")) {
res.redirect("/"); res.redirect("/");
} }
req.session.regenerate(function (err) {});
const { name, password } = req.body; const { name, password } = req.body;
let adminTest; let adminTest;
try { try {
@ -284,70 +278,77 @@ app.post("/login", async function (req, res) {
} }
console.log(adminTest); console.log(adminTest);
if (adminTest != -2) { if (adminTest != -2) {
req.session.admin = adminTest; req.session.set("admin", adminTest);
req.session.adminp = password; req.session.set("adminp", password);
req.session.user = name; req.session.set("user", name);
req.session.password = password; req.session.set("password", password);
res.redirect("/BankF"); res.redirect("/BankF");
} else { } else {
let verified; let verified;
verified = await client.verifyPassword(name, password); verified = await client.verifyPassword(name, password);
console.log(verified); console.log(verified);
if (verified == 1) { if (verified == 1) {
req.session.user = name; req.session.set("user", name);
req.session.password = password; req.session.set("password", password);
res.redirect("/BankF"); res.redirect("/BankF");
} else { } else {
req.session.errors = []; req.session.set("errors", ["Password wrong"]);
req.session.errors.push({ msg: "Password wrong" });
res.redirect("/login"); res.redirect("/login");
} }
} }
}); });
let admin = require("./routes/admin"); fastify.register(require("./routes/admin"), { prefix: "/admin" });
app.use("/admin", admin);
let settings = require("./routes/settings"); fastify.register(require("./routes/settings"), { prefix: "/settings" });
app.use("/settings", settings);
app.get("/logout", function (req, res) { fastify.get("/logout", function (req, res) {
req.session.regenerate(function (err) { let successes = req.session.get("successes");
res.render("login", { let errors = req.session.get("errors");
random: papy(), req.session.delete();
});
});
});
app.get("/login", function (req, res) { req.session.delete();
let successes = req.session.successes; res.view("login", {
let errors = req.session.errors; random: papy(),
req.session.regenerate(function (err) {
res.render("login", {
successes: successes,
errors: errors,
user: req.session.user,
random: papy(),
});
});
});
app.get("/register", function (req, res) {
let successes = req.session.successes;
req.session.successes = [];
let errors = req.session.errors;
req.session.errors = [];
res.render("register", {
errors: errors,
successes: successes, successes: successes,
user: req.session.user, errors: errors,
admin: req.session.admin, });
});
fastify.get("/login", function (req, res) {
let successes = req.session.get("successes");
req.session.set("successes", "");
let errors = req.session.get("errors");
req.session.set("errors", "");
res.view("login", {
successes: successes,
errors: errors,
user: req.session.get("user"),
random: papy(),
});
});
fastify.get("/register", function (req, res) {
let successes = req.session.get("successes");
req.session.set("successes", "");
let errors = req.session.get("errors");
req.session.set("errors", "");
res.view("register", {
successes: successes,
errors: errors,
user: req.session.get("user"),
admin: req.session.get("admin"),
random: papy(), random: papy(),
}); });
}); });
process.on("SIGINT", function () { process.on("SIGINT", function () {
process.exit(); process.exit();
}); });
app.listen(process.env.PORT || 3000, function () {
console.log("Server started on port 3000..."); fastify.listen(process.env.PORT || 3000, function (err, address) {
if (err) {
fastify.log.error(err);
process.exit(1);
}
fastify.log.info(`server listening on ${address}`);
}); });
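Review bot: The login handler keeps the user's plaintext password in the session (`req.session.set("password", password)` and `req.session.set("adminp", password)`), and `fastify-secure-session` stores session data in the cookie itself rather than server-side, so every logged-in browser now carries the credential, protected only by the key read from `secret-key`. That key file is added to the repository by this same commit, so the `user` and `admin` values trusted by `validate` here and `validateAdmin` in routes/admin.js are only as private as the repository. Keep credentials out of the session (ask for the password at the operation that needs it, as `/sendfunds` already does with `senderpass`) and load the key from outside version control. The cookie options also hard-code `secure: false`, dropping the old `SECURE` switch; `secure: process.env.SECURE === "true"` would keep the cookie off plain HTTP where TLS is in use.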

4640
package-lock.json generated

File diff suppressed because it is too large Load diff


@ -1,17 +1,34 @@
{ {
"dependencies": { "dependencies": {
"ccash-client-js": "^1.6.3", "@mgcrea/fastify-session": "^0.14.1",
"ccash-client-js": "^1.8.1",
"connect-flash": "^0.1.1", "connect-flash": "^0.1.1",
"dotenv": "^8.2.0", "dotenv": "^8.2.0",
"express": "^4.17.1", "express": "^4.17.1",
"express-messages": "^1.0.1", "express-messages": "^1.0.1",
"express-session": "^1.17.1", "express-session": "^1.17.1",
"express-validator": "5.3.1", "express-validator": "5.3.1",
"fastify": "^3.18.0",
"fastify-auth": "^1.1.0",
"fastify-basic-auth": "^2.0.0",
"fastify-cookie": "^5.3.1",
"fastify-flash": "^2.0.2",
"fastify-formbody": "^5.0.0",
"fastify-jwt": "^3.0.0",
"fastify-jwt-webapp": "^0.11.1",
"fastify-plugin": "^3.0.0",
"fastify-secure-session": "^2.3.1",
"fastify-session": "^5.2.1",
"fastify-static": "^4.2.2",
"fastify-tls-keygen": "^1.1.0",
"got": "^11.8.2", "got": "^11.8.2",
"https": "^1.0.0", "https": "^1.0.0",
"memorystore": "*", "memorystore": "*",
"mongoose": "^5.12.5", "mongoose": "^5.12.5",
"path": "^0.12.7", "path": "^0.12.7",
"pem": "^1.14.4",
"pino-pretty": "^5.0.2",
"point-of-view": "^4.15.0",
"pug": "^3.0.2", "pug": "^3.0.2",
"url": "^0.11.0", "url": "^0.11.0",
"validator": "^13.5.2" "validator": "^13.5.2"
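Review bot: Several of the added packages overlap and are not required by any file shown in this commit: `fastify-session`, `@mgcrea/fastify-session`, `fastify-jwt`, `fastify-jwt-webapp`, `fastify-basic-auth`, `fastify-auth`, `fastify-tls-keygen` and `pem`, while index.js registers only `fastify-secure-session` for sessions. Each unused dependency still installs with its transitive tree and has to be tracked for advisories, so list only what is actually registered. The Express stack (`express`, `express-session`, `express-messages`, `memorystore`) also stays listed although index.js no longer loads it, and `"memorystore": "*"` accepts any future release; confirm whether the files under routes/ still need these before removing them, and pin the range.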


@ -1,184 +1,211 @@
const root = process.env.PWD; const root = process.env.PWD;
const express = require("express");
const router = express.Router();
const path = require("path"); const path = require("path");
const { ensureAuthenticated } = require(`${root}/config/auth.js`);
const { checkAdmin } = require(`${root}/config/admin.js`);
const pug = require("pug"); const pug = require("pug");
const flash = require("connect-flash"); const flash = require("connect-flash");
const expressValidator = require("express-validator"); const expressValidator = require("express-validator");
const session = require("express-session");
const { postUser } = require(`${root}/helpers/functions.js`); const { postUser } = require(`${root}/helpers/functions.js`);
const got = require("got"); const got = require("got");
const MemoryStore = require("memorystore")(session);
const fs = require("fs"); const fs = require("fs");
const mongoose = require("mongoose"); const mongoose = require("mongoose");
const { CCashClient } = require("ccash-client-js"); const { CCashClient } = require("ccash-client-js");
console.log("Sen was here"); console.log("Sen was here");
module.exports = function (fastify, opts, done) {
router.get("/", checkAdmin, function (req, res) { fastify.get(
let successes = req.session.successes; "/",
req.session.successes = []; {
let errors = req.session.errors; preValidation: [validateAdmin],
req.session.errors = []; },
res.render("adminsettings", { function (req, res) {
user: req.session.user, let successes = req.session.get("successes");
admin: req.session.admin, req.session.set("successes", "");
errors: errors, let errors = req.session.get("errors");
successes: successes, req.session.set("errors", "");
marketplace: process.env.MARKETPLACE, res.view("adminsettings", {
random: papy(), user: req.session.get("user"),
}); admin: req.session.get("admin"),
}); errors: errors,
successes: successes,
router.post("/user", checkAdmin, async function (req, res) { random: papy(),
const client = new CCashClient(process.env.BANKAPIURL); });
req.session.errors = []; }
req.session.successes = [];
let { name, init_pass, init_bal, password2 } = req.body;
if (!name || !init_pass || !init_bal || !password2) {
req.session.errors.push({ msg: "please fill in all fields" });
} else if (init_pass !== password2) {
req.session.errors.push({ msg: "Passwords don't match" });
} else if (init_pass.length < 6) {
req.session.errors.push({
msg: "Password must be at least 6 characters",
});
}
let post = await client.adminAddUser(
name,
req.session.adminp,
init_pass,
parseInt(init_bal)
); );
console.log(post);
if (post == -3) {
req.session.errors.push({ msg: "Invalid Request" });
} else if (post == -4) {
req.session.errors.push({ msg: "Name too long" });
} else if (post == -5) {
req.session.errors.push({ msg: "User already exists" });
} else {
req.session.successes.push({ msg: "Account Creation Successful" });
}
res.redirect("/admin");
});
router.post("/baluser", checkAdmin, async function (req, res) { fastify.post(
const client = new CCashClient(process.env.BANKAPIURL); "/user",
let { name } = req.body; {
let balance; preValidation: [validateAdmin],
req.session.successes = []; },
req.session.errors = []; async function (req, res) {
balance = await client.balance(name); const client = new CCashClient(process.env.BANKAPIURL);
console.log(balance.body); let { name, init_pass, init_bal, password2 } = req.body;
balance = parseInt(balance); if (!name || !init_pass || !init_bal || !password2) {
if (balance < 0) { req.session.set("errors", "please fill in all fields");
req.session.errors.push({ msg: "User not found" }); } else if (init_pass !== password2) {
} else { req.session.set("errors", "Passwords don't match");
req.session.successes.push({ } else if (init_pass.length < 6) {
msg: "User: " + name + " has " + balance + " monies", req.session.set("errors", "Password must be at least 6 characters");
}); }
} let post = await client.adminAddUser(
res.redirect("/admin"); name,
}); req.session.get("adminp"),
init_pass,
router.post("/bal", checkAdmin, async function (req, res) { parseInt(init_bal)
const client = new CCashClient(process.env.BANKAPIURL); );
let { name, amount } = req.body; console.log(post);
let patch; if (post == -3) {
req.session.successes = []; req.session.set("errors", "Invalid Request");
req.session.errors = []; } else if (post == -4) {
patch = await client.setBalance(name, req.session.adminp, parseInt(amount)); req.session.set("errors", "Name too long");
console.log(patch); } else if (post == -5) {
if (patch == -1) { req.session.set("errors", "User already exists");
req.session.errors.push({ msg: "User not Found" }); } else {
} else if (patch == 1) { req.session.set("successes", "Account Creation Successful");
req.session.successes.push({ msg: "Change Funds Successful" }); }
}
res.redirect("/admin");
});
router.post("/userdelete", checkAdmin, async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { name, attempt } = req.body;
if (attempt != req.session.adminp) {
req.session.errors.push({ msg: "Wrong Admin Password" });
res.redirect("/admin");
} else {
let deleteUser = client.adminDeleteUser(name, attempt);
if (deleteUser == -1) {
req.session.errors.push({ msg: "User Deletion Failed, User Not Found" });
res.redirect("/admin");
} else {
req.session.successes.push({ msg: "User Deletion Successful" });
res.redirect("/admin"); res.redirect("/admin");
} }
}
});
router.post("/destroyallsessions", checkAdmin, async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { attempt } = req.body;
let adminTest;
req.session.errors = [];
try {
adminTest = await client.adminVerifyPassword(attempt);
} catch (err) {
console.log(err);
}
if (adminTest) {
req.sessionStore.clear(function (err) {
console.log(err);
res.redirect("/");
});
} else {
req.session.errors.push({ msg: "failed admin password check" });
res.redirect("/admin");
}
});
router.post("/changebackend", checkAdmin, async function (req, res) {
let { url } = req.body;
if (!url.endsWith("/")) {
url = url + "/";
}
process.env.BANKAPIURL = url;
fs.writeFileSync(
`${root}/.env`,
"BANKAPIURL=" +
process.env.BANKAPIURL +
"\n" +
"SECURE=" +
process.env.SECURE +
"\n" +
"MARKETPLACE=" +
process.env.MARKETPLACE +
"\n" +
"MONGO=" +
process.env.MONGO +
"\nSETUP=true"
); );
fs.mkdirSync(`${root}/tmp`);
fs.writeFileSync(`${root}tmp/restart.txt`, "");
res.redirect("../");
});
router.post("/close", checkAdmin, async function (req, res) { fastify.post(
const client = new CCashClient(process.env.BANKAPIURL); "/baluser",
let { attempt } = req.body; {
let close; preValidation: [validateAdmin],
close = client.close(); },
res.redirect("../"); async function (req, res) {
}); const client = new CCashClient(process.env.BANKAPIURL);
function papy() { let { name } = req.body;
const rndInt = Math.floor(Math.random() * 1337); let balance;
let random = false; req.session.set("successes", "");
if (rndInt == 420) { req.session.set("errors", "");
random = true; balance = await client.balance(name);
console.log(balance.body);
balance = parseInt(balance);
if (balance < 0) {
req.session.set("errors", "User not found");
} else {
req.session.set(
"successes",
"User: " + name + " has " + balance + " monies"
);
}
res.redirect("/admin");
}
);
fastify.post(
"/bal",
{
preValidation: [validateAdmin],
},
async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { name, amount } = req.body;
let patch;
req.session.successes = [];
req.session.errors = [];
patch = await client.setBalance(
name,
req.session.get("adminp"),
parseInt(amount)
);
console.log(patch);
if (patch == -1) {
req.session.set("errors", "User not Found");
} else if (patch == 1) {
req.session.set("successes", "Change Funds Successful");
}
res.redirect("/admin");
}
);
fastify.post(
"/userdelete",
{
preValidation: [validateAdmin],
},
async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { name, attempt } = req.body;
if (attempt != req.session.get("adminp")) {
req.session.set("errors", "Wrong Admin Password");
res.redirect("/admin");
} else {
let deleteUser = client.adminDeleteUser(name, attempt);
if (deleteUser == -1) {
req.session.errors.push({
msg: "User Deletion Failed, User Not Found",
});
res.redirect("/admin");
} else {
req.session.set("successes", "User Deletion Successful");
res.redirect("/admin");
}
}
}
);
fastify.post(
"/changebackend",
{
preValidation: [validateAdmin],
},
async function (req, res) {
let { url } = req.body;
if (!url.endsWith("/")) {
url = url + "/";
}
process.env.BANKAPIURL = url;
fs.writeFileSync(
`${root}/.env`,
"BANKAPIURL=" +
process.env.BANKAPIURL +
"\n" +
"SECURE=" +
process.env.SECURE +
"\n" +
"MARKETPLACE=" +
process.env.MARKETPLACE +
"\n" +
"MONGO=" +
process.env.MONGO +
"\nSETUP=true"
);
fs.mkdirSync(`${root}/tmp`);
fs.writeFileSync(`${root}tmp/restart.txt`, "");
res.redirect("../");
}
);
fastify.post(
"/close",
{
preValidation: [validateAdmin],
},
async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { attempt } = req.body;
let close;
close = client.close();
res.redirect("../");
}
);
function validateAdmin(req, res, next) {
if (!req.session.get("admin")) {
res.redirect("/login");
} else {
next();
}
} }
return random; function papy() {
} const rndInt = Math.floor(Math.random() * 1337);
module.exports = router; let random = false;
if (rndInt == 420) {
random = true;
}
return random;
}
done();
};
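Review bot: The `/userdelete` handler compares the un-awaited result of `client.adminDeleteUser(name, attempt)` with `-1`; if that call returns a promise like the other client methods awaited in this file, the failure branch can never run and a failed deletion is reported as successful. That branch, and the `/bal` handler's `req.session.successes = []` / `req.session.errors = []`, still use the Express-style session properties instead of `req.session.get`/`set`, so `req.session.errors.push(...)` would likely throw if it were reached. Suggested: `let deleteUser = await client.adminDeleteUser(name, attempt);` and `req.session.set("errors", "User Deletion Failed, User Not Found");`, and drop the two array assignments in `/bal`. Separately, `/user` records a validation error but still calls `client.adminAddUser`, so a mismatched or short password is submitted anyway; return after setting the error.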


@ -1,9 +1,5 @@
const root = process.env.PWD; const root = process.env.PWD;
const express = require("express");
const router = express.Router();
const path = require("path"); const path = require("path");
const { ensureAuthenticated } = require(`${root}/config/auth.js`);
const { checkAdmin } = require(`${root}/config/admin.js`);
var pug = require("pug"); var pug = require("pug");
const flash = require("connect-flash"); const flash = require("connect-flash");
const expressValidator = require("express-validator"); const expressValidator = require("express-validator");
@ -11,60 +7,109 @@ const session = require("express-session");
const { postUser } = require(`${root}/helpers/functions.js`); const { postUser } = require(`${root}/helpers/functions.js`);
const { CCashClient } = require("ccash-client-js"); const { CCashClient } = require("ccash-client-js");
router.get("/", ensureAuthenticated, function (req, res) { function validate(req, res, next) {
let successes = req.session.successes; if (!req.session.get("user")) {
req.session.successes = []; res.redirect("/login");
let errors = req.session.errors;
req.session.errors = [];
res.render("settings", {
errors: errors,
successes: successes,
user: req.session.user,
admin: req.session.admin,
});
});
router.post("/pass", ensureAuthenticated, async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { attempt, new_pass, password2 } = req.body;
let patch;
if (attempt == undefined) {
attempt = "";
}
if (!new_pass || !password2) {
req.session.errors.push({ msg: "please fill in all fields" });
}
//check if match
if (new_pass != password2) {
req.session.errors.push({ msg: "Passwords don't match" });
}
//check if password is more than 6 characters
if (new_pass.length < 6) {
req.session.errors.push({ msg: "Password must be at least 6 characters" });
}
if (req.session.errors.length > 0) {
console.log(req.session.errors);
res.redirect("/settings");
} else { } else {
patch = await client.changePassword(req.session.user, attempt, new_pass); next();
console.log(patch); }
if (patch == -2) { }
req.session.errors.push({
msg: "Password Wrong", module.exports = function (fastify, opts, done) {
}); fastify.get(
res.redirect("/settings"); "/",
} else { {
req.session.regenerate(function (err) { preValidation: [validate],
req.session.successes = []; },
req.session.successes.push({ function (req, res) {
msg: "Change Password Successful, Please Login Again", let successes = req.session.get("successes");
}); req.session.set("successes", "");
res.redirect("/login"); let errors = req.session.get("errors");
req.session.set("errors", "");
res.view("settings", {
errors: errors,
successes: successes,
user: req.session.get("user"),
admin: req.session.get("admin"),
}); });
} }
} );
});
module.exports = router; fastify.post(
"/pass",
{
preValidation: [validate],
},
async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { attempt, new_pass, password2 } = req.body;
let patch;
if (attempt == undefined) {
attempt = "";
} else if (!new_pass || !password2) {
req.session.set("errors", "please fill in all fields");
res.redirect("/settings");
} else if (new_pass != password2) {
req.session.set("errors", "Passwords don't match");
res.redirect("/settings");
} else if (new_pass.length < 6) {
req.session.set("errors", "Password must be at least 6 characters");
res.redirect("/settings");
} else {
patch = await client.changePassword(
req.session.user,
attempt,
new_pass
);
console.log(patch);
if (patch == -2) {
req.session.set("errors", "Password Wrong");
res.redirect("/settings");
} else {
req.destroySession(function (err) {
req.session.set(
"successes",
"Change Password Successful, Please Login Again"
);
res.redirect("/login");
});
}
}
}
);
fastify.post(
"/delete",
{
preValidation: [validate],
},
async function (req, res) {
const client = new CCashClient(process.env.BANKAPIURL);
let { password, password2 } = req.body;
let del;
if (!password || !password2) {
req.session.set("errors", "please fill in all fields");
res.redirect("/settings");
} else if (password != password2) {
req.session.set("errors", "Passwords don't match");
res.redirect("/settings");
} else {
del = await client.deleteUser(req.session.user, password);
console.log(del);
if (del == -2) {
req.session.set("errors", "Password Wrong");
res.redirect("/settings");
} else {
req.session.delete();
req.session.set(
"successes",
"Account Deleted, pls dont come back to complain"
);
res.redirect("/login");
}
}
}
);
done();
};
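Review bot: `/pass` and `/delete` pass `req.session.user` to `client.changePassword` and `client.deleteUser`, while the rest of this commit reads the name with `req.session.get("user")`; with the new session plugin the property is probably undefined, so both operations would run against no user. Use `req.session.get("user")` in both calls. In `/pass`, `req.destroySession(...)` is not an API registered anywhere in index.js as shown (the session there is `fastify-secure-session`, which this file otherwise clears with `req.session.delete()`), and the success message is set after the session is cleared, so confirm it survives the redirect. The rewritten `if (attempt == undefined) { attempt = ""; } else if ...` chain also means a request without `attempt` falls through without sending any reply.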

1
secret-key Normal file

@ -0,0 +1 @@
Öƒ”Qþ;¶àLÛ±iÚÇôâgoÙþ¦Y;vØ)ßû2”
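Review bot: This file is the key that index.js passes to `fastify-secure-session` (`fs.readFileSync(path.join(__dirname, "secret-key"))`), and committing it means every clone and deployment shares the same session key. Treat this value as exposed: generate a fresh key per deployment, supply it through an environment variable or a mounted file, and add `secret-key` to `.gitignore` and to the `.dockerignore` this commit introduces. Removing the file in a later commit does not remove it from history, so rotation is needed either way.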


@ -68,16 +68,6 @@ block content
br br
input.btn.btn-warning(type='submit',value='Submit') input.btn.btn-warning(type='submit',value='Submit')
br br
.card.shadow-lg
h4 Destroy All Sessions
form(method='POST', action='/admin/destroyallsessions')
#form-group
p WARNING THIS WILL DESTROY ALL LOGIN SESSIONS, EVERYONE WILL HAVE TO LOG IN AGAIN
label Confirm admin password to DESTROY
input.form-control(name='attempt', type='password')
br
input.btn.btn-danger(type='submit',value='Destroy')
br
.card.shadow-lg .card.shadow-lg
h4 Close Server h4 Close Server
form(method='POST', action='/admin/close') form(method='POST', action='/admin/close')


@ -5,9 +5,9 @@ html
link(rel="stylesheet", href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css", integrity="sha384-JcKb8q3iqJ61gNV9KGb8thSsNjpSL0n8PARn9HuZOnIxN0hoP+VmmDGMN5t9UJ0Z", crossorigin="anonymous") link(rel="stylesheet", href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css", integrity="sha384-JcKb8q3iqJ61gNV9KGb8thSsNjpSL0n8PARn9HuZOnIxN0hoP+VmmDGMN5t9UJ0Z", crossorigin="anonymous")
link(rel="preconnect" href="https://fonts.gstatic.com") link(rel="preconnect" href="https://fonts.gstatic.com")
link(href="https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&display=swap" rel="stylesheet") link(href="https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&display=swap" rel="stylesheet")
if random == true if random
link(rel='stylesheet' href='/css/papy.css') link(rel='stylesheet' href='/css/papy.css')
if random == false || random == null if !random
link(rel='stylesheet' href='/css/style.css') link(rel='stylesheet' href='/css/style.css')
meta(name='viewport', content='width=device-width, initial-scale=1.0') meta(name='viewport', content='width=device-width, initial-scale=1.0')
body body
@ -38,13 +38,10 @@ html
li.nav-item li.nav-item
a.nav-link(href='/admin').text-white Admin a.nav-link(href='/admin').text-white Admin
.container .container
!= messages('message', locals)
if errors if errors
each error, i in errors div(class="alert alert-danger") #{errors}
div(class="alert alert-danger") #{error.msg}
if successes if successes
each success, i in successes div(class="alert alert-success") #{successes}
div(class="alert alert-success") #{success.msg}
br br
br br
block content block content


@ -4,7 +4,7 @@ extends layout
block content block content
.container .container
h1 Settings, logged in as: #{user} h1 Settings, logged in as: #{user}
.card .card.shadow
h4 Change password h4 Change password
form(method='POST', action='/settings/pass') form(method='POST', action='/settings/pass')
#form-group #form-group
@ -16,3 +16,16 @@ block content
input.form-control(name='password2',type='password') input.form-control(name='password2',type='password')
br br
input.btn.btn-primary(type='submit',value='Submit') input.btn.btn-primary(type='submit',value='Submit')
br
br
.card.shadow
h4 DELETE ACCOUNT
p Dont do this unless you want your account deleted, hate that i have to put warnings on this but there is no undo
form(method='POST', action='/settings/delete')
#form-group
label Current Password:
input.form-control(name='password',type='password')
label Confirm:
input.form-control(name='password2',type='password')
br
input.btn.btn-danger(type='submit',value='DELETE')