From 143b63f16d835ee7164d79c558041f0b7f3d0a38 Mon Sep 17 00:00:00 2001 From: jusax23 Date: Tue, 7 Mar 2023 16:47:26 +0100 Subject: [PATCH] fix tempToken --- src/api/acts/login.ts | 6 +++--- src/api/post.ts | 34 +++++++++++++++++----------------- src/api/ws.ts | 17 +++++++++-------- src/main.ts | 16 ++++++++-------- 4 files changed, 37 insertions(+), 36 deletions(-) diff --git a/src/api/acts/login.ts b/src/api/acts/login.ts index b03e7d7..9983093 100644 --- a/src/api/acts/login.ts +++ b/src/api/acts/login.ts @@ -10,12 +10,12 @@ import { addTempToken, postClient } from "../post.js"; import { Act, Client, STATE } from "../user.js"; export const requestTempToken: Act = { - state: STATE.no, + state: STATE.no | STATE.remote | STATE.remoteP | STATE.client, right: 0, data: {}, func: async (client: Client, data: any, aws: (code: string, data: any) => void): Promise => { - if (!(client instanceof postClient)) return void aws("error", "mode"); - let token = addTempToken(client); + let c = new postClient(client.ip, client); + let token = addTempToken(c); aws("ok", { token }); diff --git a/src/api/post.ts b/src/api/post.ts index 27356d8..b5885ae 100644 --- a/src/api/post.ts +++ b/src/api/post.ts @@ -38,7 +38,7 @@ export const addPostMethods = (server: express.Express) => { try { let auth = authorization.parse(req.headers["authorization"] ?? ""); if (auth.scheme == "outbagServer") { - + throw new Error("not implemented"); } else if (auth.token != null && typeof auth.token == "string") { if (tempTokens[auth.token] != null) { client = tempTokens[auth.token]; @@ -49,13 +49,13 @@ export const addPostMethods = (server: express.Express) => { } } else if (auth?.params?.name != null && auth?.params?.accountKey != null && typeof auth?.params?.name == "string" && typeof auth?.params?.accountKey == "string") { client = new postClient(req.ip); - client.name = auth?.params?.name; - client.server = localhostTag; + client.client.name = auth?.params?.name; + client.client.server = localhostTag; let accountKey = auth?.params?.accountKey; let query = await select([accounts.accID, accounts.accountKey, accounts.accountKeySalt], accounts) .where(and( - eq(accounts.name, client.name), + eq(accounts.name, client.client.name), eq(accounts.deleted, 0) )) .query(db); @@ -65,8 +65,8 @@ export const addPostMethods = (server: express.Express) => { aws("error", "auth"); return; } - client.accID = query[0][accounts.accID]; - client.state = STATE.client; + client.client.accID = query[0][accounts.accID]; + client.client.state = STATE.client; } } catch (error) { @@ -83,19 +83,20 @@ export const addPostMethods = (server: express.Express) => { } } -export class postClient extends Client { +export class postClient { lastReq = uts(); - constructor(ip: string) { - super(ip); + client: Client; + constructor(ip: string, client = new Client(ip)) { + this.client = client; } async runAct(act: Act, json: any, aws: (state: string, data: any) => void) { this.lastReq = uts(); try { let { state, data, right, func } = act; - if (!(state & this.state)) { + if (!(state & this.client.state)) { aws("error", "wrongstate"); debug("POST", "send:", "error", "wrongstate"); - this.suspect(); + this.client.suspect(); return; } if (json.data === null) { @@ -113,15 +114,15 @@ export class postClient extends Client { } } } - if (right && !(await this.checkRight(right))) { + if (right && !(await this.client.checkRight(right))) { aws("error", "right"); debug("POST", "send:", "error", "right"); - this.suspect(); + this.client.suspect(); return; } var send = false; try { - await func(this, json.data, (state, data = "") => { + await func(this.client, json.data, (state, data = "") => { debug("POST", "send:", state, data); aws(state, data); send = true; @@ -141,8 +142,7 @@ export class postClient extends Client { } } -export const addTempToken = (client: Client) => { - if (!(client instanceof postClient)) return false; +export const addTempToken = (client: postClient) => { let token = get64(128); if (tempTokens[token] != null) token = get64(128); if (tempTokens[token] != null) token = get64(128); @@ -155,7 +155,7 @@ addShutdownTask(() => { let keys = Object.keys(tempTokens); for (let i = 0; i < keys.length; i++) { const c = tempTokens[keys[i]]; - if (c.lastReq + 60 * 60 * 3 < uts()) { + if (c.lastReq + 60 * 60 * 1 < uts()) { delete tempTokens[keys[i]]; } } diff --git a/src/api/ws.ts b/src/api/ws.ts index d5200da..61fd9d7 100644 --- a/src/api/ws.ts +++ b/src/api/ws.ts @@ -8,7 +8,7 @@ import * as importActs from "./acts.js" let acts = importActs as { [key: string]: Act }; let activeWS = false; -export const activatePost = () => { activeWS = true; }; +export const activateWS = () => { activeWS = true; }; export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage) => { let ip = req.socket.remoteAddress; @@ -18,12 +18,13 @@ export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage) let clients: wsClient[] = []; -export class wsClient extends Client { +export class wsClient { socket: ws.WebSocket; open = true; activeRequests = 0; + client: Client; constructor(socket: ws.WebSocket, req: http.IncomingMessage) { - super(req.socket.remoteAddress ?? ""); + this.client = new Client(req.socket.remoteAddress ?? ""); this.socket = socket; socket.on("message", async (msg: any) => { @@ -54,14 +55,14 @@ export class wsClient extends Client { return; } let { state, data, right, func } = acts[json.act]; - if (!(state & this.state)) { + if (!(state & this.client.state)) { socket.send(JSON.stringify({ id: json.id, state: "error", data: "wrongstate" })); debug("WebSocket", "send:", "error", "wrongstate"); - this.suspect(); + this.client.suspect(); return; } if (json.data === null) { @@ -87,19 +88,19 @@ export class wsClient extends Client { } } } - if (right && !(await this.checkRight(right))) { + if (right && !(await this.client.checkRight(right))) { socket.send(JSON.stringify({ id: json.id, state: "error", data: "right" })); debug("WebSocket", "send:", "error", "right"); - this.suspect(); + this.client.suspect(); return; } var send = false; try { - await func(this, json.data, (state, data = "") => { + await func(this.client, json.data, (state, data = "") => { debug("WebSocket", "send:", state, data); socket.send(JSON.stringify({ id: json.id, state, data })); send = true; diff --git a/src/main.ts b/src/main.ts index 4905b89..7a57dbb 100644 --- a/src/main.ts +++ b/src/main.ts @@ -14,8 +14,8 @@ import { connectToDB } from "./sys/db.js"; import bruteforce from "./sys/bruteforce.js"; import { fullSetup, partiellSetup } from "./setup/config.js"; import { addGetMethods } from "./api/get.js"; -import { addPostMethods } from "./api/post.js"; -import { wsOnConnection } from "./api/ws.js"; +import { activatePost, addPostMethods } from "./api/post.js"; +import { activateWS, wsOnConnection } from "./api/ws.js"; import { startUpdateCert } from "./server/serverCerts.js"; @@ -64,8 +64,8 @@ async function startServer() { await connectToDB(); const server = express(); - server.use(express.json({ limit: '100mb' })); - server.use(express.urlencoded({ limit: '100mb', extended: false })); + server.use(express.json({ limit: '1000mb' })); + server.use(express.urlencoded({ limit: '1000mb', extended: false })); server.use(cors()); server.use(bruteforce); addGetMethods(server); @@ -78,7 +78,6 @@ async function startServer() { const wssServer = new WebSocketServer({ server: HTTPserver }); wssServer.on('connection', wsOnConnection); serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => { - log("Server", 'Listening...'); complete_loaded(); }); }).catch(err => { @@ -91,7 +90,6 @@ async function startServer() { const wssServer = new WebSocketServer({ server: HTTPserver }); wssServer.on('connection', wsOnConnection); serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => { - log("Server", 'Listening...'); complete_loaded(); }); } @@ -101,6 +99,8 @@ async function startServer() { async function complete_loaded() { startUpdateCert(); let succ = await generateTag(); - if(!succ) error("System", "Could not resolve own Server Tag. Remote-Auth will not work! Check if the Server is reachable and the config ist correct!"); - + if(!succ) error("Outbag", "Could not resolve own Server Tag. Remote-Auth will not work! Check if the Server is reachable and the config ist correct!"); + activatePost(); + activateWS(); + log("Server", 'Listening...'); } \ No newline at end of file