fix tempToken

This commit is contained in:
jusax23 2023-03-07 16:47:26 +01:00
parent 60069c86af
commit 143b63f16d
Signed by: jusax23
GPG key ID: 499E2AA870C1CD41
4 changed files with 37 additions and 36 deletions

View file

@ -10,12 +10,12 @@ import { addTempToken, postClient } from "../post.js";
import { Act, Client, STATE } from "../user.js"; import { Act, Client, STATE } from "../user.js";
export const requestTempToken: Act = { export const requestTempToken: Act = {
state: STATE.no, state: STATE.no | STATE.remote | STATE.remoteP | STATE.client,
right: 0, right: 0,
data: {}, data: {},
func: async (client: Client, data: any, aws: (code: string, data: any) => void): Promise<void> => { func: async (client: Client, data: any, aws: (code: string, data: any) => void): Promise<void> => {
if (!(client instanceof postClient)) return void aws("error", "mode"); let c = new postClient(client.ip, client);
let token = addTempToken(client); let token = addTempToken(c);
aws("ok", { aws("ok", {
token token
}); });

View file

@ -38,7 +38,7 @@ export const addPostMethods = (server: express.Express) => {
try { try {
let auth = authorization.parse(req.headers["authorization"] ?? ""); let auth = authorization.parse(req.headers["authorization"] ?? "");
if (auth.scheme == "outbagServer") { if (auth.scheme == "outbagServer") {
throw new Error("not implemented");
} else if (auth.token != null && typeof auth.token == "string") { } else if (auth.token != null && typeof auth.token == "string") {
if (tempTokens[auth.token] != null) { if (tempTokens[auth.token] != null) {
client = tempTokens[auth.token]; client = tempTokens[auth.token];
@ -49,13 +49,13 @@ export const addPostMethods = (server: express.Express) => {
} }
} else if (auth?.params?.name != null && auth?.params?.accountKey != null && typeof auth?.params?.name == "string" && typeof auth?.params?.accountKey == "string") { } else if (auth?.params?.name != null && auth?.params?.accountKey != null && typeof auth?.params?.name == "string" && typeof auth?.params?.accountKey == "string") {
client = new postClient(req.ip); client = new postClient(req.ip);
client.name = auth?.params?.name; client.client.name = auth?.params?.name;
client.server = localhostTag; client.client.server = localhostTag;
let accountKey = auth?.params?.accountKey; let accountKey = auth?.params?.accountKey;
let query = await select([accounts.accID, accounts.accountKey, accounts.accountKeySalt], accounts) let query = await select([accounts.accID, accounts.accountKey, accounts.accountKeySalt], accounts)
.where(and( .where(and(
eq(accounts.name, client.name), eq(accounts.name, client.client.name),
eq(accounts.deleted, 0) eq(accounts.deleted, 0)
)) ))
.query(db); .query(db);
@ -65,8 +65,8 @@ export const addPostMethods = (server: express.Express) => {
aws("error", "auth"); aws("error", "auth");
return; return;
} }
client.accID = query[0][accounts.accID]; client.client.accID = query[0][accounts.accID];
client.state = STATE.client; client.client.state = STATE.client;
} }
} catch (error) { } catch (error) {
@ -83,19 +83,20 @@ export const addPostMethods = (server: express.Express) => {
} }
} }
export class postClient extends Client { export class postClient {
lastReq = uts(); lastReq = uts();
constructor(ip: string) { client: Client;
super(ip); constructor(ip: string, client = new Client(ip)) {
this.client = client;
} }
async runAct(act: Act, json: any, aws: (state: string, data: any) => void) { async runAct(act: Act, json: any, aws: (state: string, data: any) => void) {
this.lastReq = uts(); this.lastReq = uts();
try { try {
let { state, data, right, func } = act; let { state, data, right, func } = act;
if (!(state & this.state)) { if (!(state & this.client.state)) {
aws("error", "wrongstate"); aws("error", "wrongstate");
debug("POST", "send:", "error", "wrongstate"); debug("POST", "send:", "error", "wrongstate");
this.suspect(); this.client.suspect();
return; return;
} }
if (json.data === null) { if (json.data === null) {
@ -113,15 +114,15 @@ export class postClient extends Client {
} }
} }
} }
if (right && !(await this.checkRight(right))) { if (right && !(await this.client.checkRight(right))) {
aws("error", "right"); aws("error", "right");
debug("POST", "send:", "error", "right"); debug("POST", "send:", "error", "right");
this.suspect(); this.client.suspect();
return; return;
} }
var send = false; var send = false;
try { try {
await func(this, json.data, (state, data = "") => { await func(this.client, json.data, (state, data = "") => {
debug("POST", "send:", state, data); debug("POST", "send:", state, data);
aws(state, data); aws(state, data);
send = true; send = true;
@ -141,8 +142,7 @@ export class postClient extends Client {
} }
} }
export const addTempToken = (client: Client) => { export const addTempToken = (client: postClient) => {
if (!(client instanceof postClient)) return false;
let token = get64(128); let token = get64(128);
if (tempTokens[token] != null) token = get64(128); if (tempTokens[token] != null) token = get64(128);
if (tempTokens[token] != null) token = get64(128); if (tempTokens[token] != null) token = get64(128);
@ -155,7 +155,7 @@ addShutdownTask(() => {
let keys = Object.keys(tempTokens); let keys = Object.keys(tempTokens);
for (let i = 0; i < keys.length; i++) { for (let i = 0; i < keys.length; i++) {
const c = tempTokens[keys[i]]; const c = tempTokens[keys[i]];
if (c.lastReq + 60 * 60 * 3 < uts()) { if (c.lastReq + 60 * 60 * 1 < uts()) {
delete tempTokens[keys[i]]; delete tempTokens[keys[i]];
} }
} }

View file

@ -8,7 +8,7 @@ import * as importActs from "./acts.js"
let acts = importActs as { [key: string]: Act }; let acts = importActs as { [key: string]: Act };
let activeWS = false; let activeWS = false;
export const activatePost = () => { activeWS = true; }; export const activateWS = () => { activeWS = true; };
export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage) => { export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage) => {
let ip = req.socket.remoteAddress; let ip = req.socket.remoteAddress;
@ -18,12 +18,13 @@ export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage)
let clients: wsClient[] = []; let clients: wsClient[] = [];
export class wsClient extends Client { export class wsClient {
socket: ws.WebSocket; socket: ws.WebSocket;
open = true; open = true;
activeRequests = 0; activeRequests = 0;
client: Client;
constructor(socket: ws.WebSocket, req: http.IncomingMessage) { constructor(socket: ws.WebSocket, req: http.IncomingMessage) {
super(req.socket.remoteAddress ?? ""); this.client = new Client(req.socket.remoteAddress ?? "");
this.socket = socket; this.socket = socket;
socket.on("message", async (msg: any) => { socket.on("message", async (msg: any) => {
@ -54,14 +55,14 @@ export class wsClient extends Client {
return; return;
} }
let { state, data, right, func } = acts[json.act]; let { state, data, right, func } = acts[json.act];
if (!(state & this.state)) { if (!(state & this.client.state)) {
socket.send(JSON.stringify({ socket.send(JSON.stringify({
id: json.id, id: json.id,
state: "error", state: "error",
data: "wrongstate" data: "wrongstate"
})); }));
debug("WebSocket", "send:", "error", "wrongstate"); debug("WebSocket", "send:", "error", "wrongstate");
this.suspect(); this.client.suspect();
return; return;
} }
if (json.data === null) { if (json.data === null) {
@ -87,19 +88,19 @@ export class wsClient extends Client {
} }
} }
} }
if (right && !(await this.checkRight(right))) { if (right && !(await this.client.checkRight(right))) {
socket.send(JSON.stringify({ socket.send(JSON.stringify({
id: json.id, id: json.id,
state: "error", state: "error",
data: "right" data: "right"
})); }));
debug("WebSocket", "send:", "error", "right"); debug("WebSocket", "send:", "error", "right");
this.suspect(); this.client.suspect();
return; return;
} }
var send = false; var send = false;
try { try {
await func(this, json.data, (state, data = "") => { await func(this.client, json.data, (state, data = "") => {
debug("WebSocket", "send:", state, data); debug("WebSocket", "send:", state, data);
socket.send(JSON.stringify({ id: json.id, state, data })); socket.send(JSON.stringify({ id: json.id, state, data }));
send = true; send = true;

View file

@ -14,8 +14,8 @@ import { connectToDB } from "./sys/db.js";
import bruteforce from "./sys/bruteforce.js"; import bruteforce from "./sys/bruteforce.js";
import { fullSetup, partiellSetup } from "./setup/config.js"; import { fullSetup, partiellSetup } from "./setup/config.js";
import { addGetMethods } from "./api/get.js"; import { addGetMethods } from "./api/get.js";
import { addPostMethods } from "./api/post.js"; import { activatePost, addPostMethods } from "./api/post.js";
import { wsOnConnection } from "./api/ws.js"; import { activateWS, wsOnConnection } from "./api/ws.js";
import { startUpdateCert } from "./server/serverCerts.js"; import { startUpdateCert } from "./server/serverCerts.js";
@ -64,8 +64,8 @@ async function startServer() {
await connectToDB(); await connectToDB();
const server = express(); const server = express();
server.use(express.json({ limit: '100mb' })); server.use(express.json({ limit: '1000mb' }));
server.use(express.urlencoded({ limit: '100mb', extended: false })); server.use(express.urlencoded({ limit: '1000mb', extended: false }));
server.use(cors()); server.use(cors());
server.use(bruteforce); server.use(bruteforce);
addGetMethods(server); addGetMethods(server);
@ -78,7 +78,6 @@ async function startServer() {
const wssServer = new WebSocketServer({ server: HTTPserver }); const wssServer = new WebSocketServer({ server: HTTPserver });
wssServer.on('connection', wsOnConnection); wssServer.on('connection', wsOnConnection);
serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => { serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => {
log("Server", 'Listening...');
complete_loaded(); complete_loaded();
}); });
}).catch(err => { }).catch(err => {
@ -91,7 +90,6 @@ async function startServer() {
const wssServer = new WebSocketServer({ server: HTTPserver }); const wssServer = new WebSocketServer({ server: HTTPserver });
wssServer.on('connection', wsOnConnection); wssServer.on('connection', wsOnConnection);
serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => { serverclose = HTTPserver.listen(oConf.get("System", "PORT"), () => {
log("Server", 'Listening...');
complete_loaded(); complete_loaded();
}); });
} }
@ -101,6 +99,8 @@ async function startServer() {
async function complete_loaded() { async function complete_loaded() {
startUpdateCert(); startUpdateCert();
let succ = await generateTag(); let succ = await generateTag();
if(!succ) error("System", "Could not resolve own Server Tag. Remote-Auth will not work! Check if the Server is reachable and the config ist correct!"); if(!succ) error("Outbag", "Could not resolve own Server Tag. Remote-Auth will not work! Check if the Server is reachable and the config ist correct!");
activatePost();
activateWS();
log("Server", 'Listening...');
} }