KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Started preliminary testing with local api-key. So far working.

Browse Source 
- Need to fix response statuscodes
- Need to test when strict not enabled
- Need to test why sIO is not working
- Need to test with userpassword
- Need to add a secret way of storing allowed api-key
This commit is contained in:
Kasper Rynning-Tønnesen
2019-01-18 17:35:33 +01:00
parent 1ff0de31bc
commit 07e44ec947
3 changed files with 70 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/handlers/functions.js
View File

@@ -438,7 +438,7 @@ function left_channel(coll, guid, short_id, in_list, socket, change, caller) {
} }
function checkTimeout(type, timeout, channel, guid, conf_pass, this_pass, socket, callback, error_message){ function checkTimeout(type, timeout, channel, guid, conf_pass, this_pass, socket, callback, error_message, error_callback){
if(conf_pass != "" && conf_pass == this_pass) { if(conf_pass != "" && conf_pass == this_pass) {
callback(); callback();
return; return;
@@ -454,7 +454,9 @@ function checkTimeout(type, timeout, channel, guid, conf_pass, this_pass, socket
var retry_in = (date.getTime() - now.getTime()) / 1000; var retry_in = (date.getTime() - now.getTime()) / 1000;
if(retry_in > 0) { if(retry_in > 0) {
if(error_message) { if(typeof(error_callback) == "function") {
error_callback();
} else if(error_message) {
var sOrNot = Math.ceil(retry_in) > 1 || Math.ceil(retry_in) == 0 ? "s" : ""; var sOrNot = Math.ceil(retry_in) > 1 || Math.ceil(retry_in) == 0 ? "s" : "";
socket.emit("toast", error_message + Math.ceil(retry_in) + " second" + sOrNot + "."); socket.emit("toast", error_message + Math.ceil(retry_in) + " second" + sOrNot + ".");
} else { } else {

72
server/routing/client/api.js
View File

@@ -6,6 +6,7 @@ var ObjectId = mongojs.ObjectId;
var token_db = mongojs("tokens"); var token_db = mongojs("tokens");
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var db = require(pathThumbnails + '/handlers/db.js'); var db = require(pathThumbnails + '/handlers/db.js');
var secrets = require(pathThumbnails + '/config/api_key.js');
var crypto = require('crypto'); var crypto = require('crypto');
var List = require(pathThumbnails + '/handlers/list.js'); var List = require(pathThumbnails + '/handlers/list.js');
var Functions = require(pathThumbnails + '/handlers/functions.js'); var Functions = require(pathThumbnails + '/handlers/functions.js');
@@ -14,8 +15,9 @@ var Search = require(pathThumbnails + '/handlers/search.js');
var uniqid = require('uniqid'); var uniqid = require('uniqid');
var Filter = require('bad-words'); var Filter = require('bad-words');
var filter = new Filter({ placeHolder: 'x'}); var filter = new Filter({ placeHolder: 'x'});
var sIO = require(path.join(__dirname, '../../apps/client.js')).socketIO;
var projects = require(pathThumbnails + "/handlers/aggregates.js"); var projects = require(pathThumbnails + "/handlers/aggregates.js");
console.log(path.join(__dirname, '../../apps/client.js'));
var error = { var error = {
not_found: { not_found: {
youtube: { youtube: {
@@ -278,14 +280,70 @@ router.route('/api/skip/:channel_name').post(function(req, res) {
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var api_key = req.body.api_key; var api_key = req.body.api_key;
var id = req.body.id; //var id = req.body.id;
var guid = req.body.chat_name; var guid = req.body.chat_name;
var channel_name = cleanChannelName(req.params.channel_name);
var userpass = "";
if(req.body.userpass) userpass = crypto.createHash('sha256').update(Functions.decrypt_string(req.body.userpass)).digest("base64");
console.log(api_key, guid, channel_name, userpass);
if(api_key == "AhmC4Yg2BhaWPZBXeoWK96DAiAVfbou8TUG2IXtD3ZQ=") {
db.collection(channel_name + "_settings").find({"id": "config"}, function(err, settings) {
if(settings.length == 0) {
// LIST DOESNT EXIST
res.status(404).send(error.wrong_token);
return;
}
settings = settings[0];
if(!settings.strictSkip) {
// DONT HAVE STRICT SKIP
res.status(404).send(error.wrong_token);
return;
}
//CHECK API KEY FOR ZOFFBOT if(settings.userpass == "" || (settings.userpass == userpass)) {
List.skip(list, guid, channel_name, false, undefined, function(skipped, text) { if(settings.skips.length+1 >= settings.strictSkipNumber) {
Functions.checkTimeout("skip", 1, channel_name, channel_name, false, true, undefined, function() {
}) db.collection(channel_name).find({now_playing: true}, function(err, np) {
}) if(np.length != 1) {
// NO SONG
res.status(404).send(error.wrong_token);
return;
}
List.change_song(channel_name, false, np[0].id, [settings], function() {
// VOTED TO SKIP
res.status(200).send(error.wrong_token);
return;
});
console.log("hello",sIO);
//sIO.to(channel_name).emit('chat', {from: guid, icon: false, msg: " skipped via API."});
});
}, "The channel is skipping too often, please wait ");
} else if(!Functions.contains(settings.skips, guid)){
db.collection(coll + "_settings").update({ id: "config" }, {$push:{skips:guid}}, function(err, d){
var to_skip = (strictSkipNumber) - settings.skips.length-1;
console.log("ok", sIO);
//sIO.to(channel_name).emit('chat', {from: guid, msg: " voted to skip via API."});
// VOTED TO SKIP
res.status(200).send(error.wrong_token);
return;
});
} else {
//ALREADY SKIP
res.status(404).send(error.wrong_token);
return;
}
} else {
// NOT AUTHENTICATED
res.status(404).send(error.wrong_token);
return;
}
});
} else {
// WRONG API KEY
res.status(403).send(error.wrong_token);
return;
}
});
router.route('/api/conf/:channel_name').put(function(req, res) { router.route('/api/conf/:channel_name').put(function(req, res) {
res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Origin", "*");