From 8accb3fd2fb782518c428080b53db1592d0b8b1f Mon Sep 17 00:00:00 2001 From: jusax23 Date: Sun, 5 Mar 2023 12:42:51 +0100 Subject: [PATCH] small changes --- src/api/acts/admin.ts | 2 +- src/api/acts/login.ts | 24 +++++++++++++++++++----- src/api/acts/server.ts | 0 src/api/post.ts | 10 ++++++---- src/api/user.ts | 11 ++++++----- src/api/ws.ts | 2 +- src/server/serverCerts.ts | 15 +++++++-------- src/sys/db.ts | 3 ++- 8 files changed, 42 insertions(+), 25 deletions(-) create mode 100644 src/api/acts/server.ts diff --git a/src/api/acts/admin.ts b/src/api/acts/admin.ts index 0ce41af..8aa1a7d 100644 --- a/src/api/acts/admin.ts +++ b/src/api/acts/admin.ts @@ -144,7 +144,7 @@ export const addOTA = { func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { try { await insert(signupOTA.token, signupOTA.expires, signupOTA.usesLeft) - .add(data.token, data.expires, data. usesLeft) + .add(data.token, data.expires, data.usesLeft) .query(db); } catch (error) { await update(signupOTA) diff --git a/src/api/acts/login.ts b/src/api/acts/login.ts index 61b1767..c34b77d 100644 --- a/src/api/acts/login.ts +++ b/src/api/acts/login.ts @@ -6,8 +6,22 @@ import { oConf } from "../../sys/config.js"; import { sha256, verify } from "../../sys/crypto.js"; import { accounts, db, signupOTA as signupOTATable } from "../../sys/db.js"; import { get64, uts } from "../../sys/tools.js"; +import { addTempToken, postClient } from "../post.js"; import { Act, Client, STATE } from "../user.js"; +export const requestTempToken: Act = { + state: STATE.no, + right: 0, + data: {}, + func: async (client: Client, data: any, aws: (code: string, data: any) => void): Promise => { + if (!(client instanceof postClient)) return void aws("error", "mode"); + let token = addTempToken(client); + aws("ok", { + token + }); + } +}; + export const signup: Act = { state: STATE.no, right: 0, @@ -128,7 +142,7 @@ export const remote1 = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { data.server = await outbagURLshort(data.server); - try{ + try { var cert = await getRemote(data.server); var tagAcert = data.name + "@" + data.server + "-" + data.key; if (!(await verify(tagAcert, data.sign, cert))) { @@ -143,9 +157,9 @@ export const remote1 = { client.state = STATE.remoteP; client.remoteKey = data.key; aws("ok", client.challenge); - }catch (e){ + } catch (e) { client.suspect(); - aws("error","signature"); + aws("error", "signature"); } } }; @@ -157,10 +171,10 @@ export const remote2 = { sign: "string" }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { - if(await verify(client.challenge,data.sign,client.remoteKey)){ + if (await verify(client.challenge, data.sign, client.remoteKey)) { aws("ok", ""); client.state = STATE.remote; - }else{ + } else { client.suspect(); aws("error", "signature"); } diff --git a/src/api/acts/server.ts b/src/api/acts/server.ts new file mode 100644 index 0000000..e69de29 diff --git a/src/api/post.ts b/src/api/post.ts index 998263b..ffe32f2 100644 --- a/src/api/post.ts +++ b/src/api/post.ts @@ -28,11 +28,13 @@ export const addPostMethods = (server: express.Express) => { let client: postClient | null = null; try { let auth = authorization.parse(req.headers["authorization"] ?? ""); - if (auth.token != null && typeof auth.token == "string") { + if (auth.scheme == "outbagServer") { + + } else if (auth.token != null && typeof auth.token == "string") { if (tempTokens[auth.token] != null) { client = tempTokens[auth.token]; } else { - if(req.suspect)req.suspect(); + if (req.suspect) req.suspect(); aws("error", "token"); return; } @@ -50,7 +52,7 @@ export const addPostMethods = (server: express.Express) => { .query(db); if (query.length == 0 || query[0].accountKey != sha256((query[0].accountKeySalt ?? '') + accountKey)) { - if(req.suspect)req.suspect(); + if (req.suspect) req.suspect(); aws("error", "auth"); return; } @@ -72,7 +74,7 @@ export const addPostMethods = (server: express.Express) => { } } -class postClient extends Client { +export class postClient extends Client { lastReq = uts(); constructor(ip: string) { super(ip); diff --git a/src/api/user.ts b/src/api/user.ts index 5f68bef..b561ffc 100644 --- a/src/api/user.ts +++ b/src/api/user.ts @@ -3,14 +3,15 @@ import { accounts, db, roomMembers, rooms } from "../sys/db.js"; import { addBruteforcePotantial } from "../sys/bruteforce.js"; export const STATE = { - no: 0b0001, - remoteP: 0b0010, - remote: 0b0100, - client: 0b1000 + no: 0b00001, + remoteP: 0b00010, + remote: 0b00100, + client: 0b01000, + server: 0b10000, }; export const MODE = { - ws: 0b01, + ws: 0b01, post: 0b10, both: 0b11, }; diff --git a/src/api/ws.ts b/src/api/ws.ts index 6ed49d8..ca978fb 100644 --- a/src/api/ws.ts +++ b/src/api/ws.ts @@ -15,7 +15,7 @@ export const wsOnConnection = (socket: ws.WebSocket, req: http.IncomingMessage) let clients: wsClient[] = []; -class wsClient extends Client { +export class wsClient extends Client { socket: ws.WebSocket; open = true; activeRequests = 0; diff --git a/src/server/serverCerts.ts b/src/server/serverCerts.ts index b13faf2..d402027 100644 --- a/src/server/serverCerts.ts +++ b/src/server/serverCerts.ts @@ -1,6 +1,6 @@ -import { outbagURL } from "./outbagURL.js"; +import { outbagURL, outbagURLshort } from "./outbagURL.js"; import { db, serverCerts } from "../sys/db.js" -import { eq, exists, insert, not, remove, select, update } from "dblang"; +import { eq, insert, select, update } from "dblang"; import { error, log } from "../sys/log.js"; import { uts } from "../sys/tools.js"; import { getSettings, setSettings, SETTINGS } from "../sys/settings.js" @@ -21,13 +21,12 @@ export const startUpdateCerts = () => { }; let intervalId = setInterval(update, 1000 * 60); update(); - + nman.addShutdownTask(() => { clearInterval(intervalId); }, 100); } - async function updateRemote(url: string, pKey: string = ""): Promise { var urlP = await outbagURL(url); return new Promise((res, rej) => { @@ -63,9 +62,9 @@ async function updateRemote(url: string, pKey: string = ""): Promise { let query = await select([serverCerts.publicKey, serverCerts.expires], serverCerts) @@ -74,4 +73,4 @@ export const getRemote = async (url: string) => { if (query.length == 0 || query[0][serverCerts.expires] < uts() - 60) return await updateRemote(url, query[0][serverCerts.publicKey]); return query[0][serverCerts.publicKey]; -} +}; diff --git a/src/sys/db.ts b/src/sys/db.ts index fbdf3e0..8985c10 100644 --- a/src/sys/db.ts +++ b/src/sys/db.ts @@ -72,7 +72,8 @@ serverCerts.addAttributes({ serverCertID: { type: INT, primaryKey: true, autoIncrement: true }, url: { type: TEXT }, publicKey: { type: TEXT }, - expires: { type: BIGINT } + expires: { type: BIGINT }, + token: { type: TEXT, notNull: false }, }); export const signupOTA = db.newTable("signupOTA");