KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added url for applying for api-tokens

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2018-03-04 11:24:44 +01:00
parent 785813b842
commit 76e7001e51
15 changed files with 665 additions and 304 deletions
Download Patch File Download Diff File Expand all files Collapse all files

676
server/routing/client/api.js
View File

@@ -147,48 +147,50 @@ router.route('/api/list/:channel_name/:video_id').delete(function(req, res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "DELETE", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
validateLogin(adminpass, userpass, channel_name, "delete", res, function(exists) {
if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "DELETE", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
db.collection(channel_name).find({id:video_id, now_playing: false}, function(err, docs){
if(docs.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
validateLogin(adminpass, userpass, channel_name, "delete", res, function(exists) {
if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
var dont_increment = false;
if(docs[0]){
if(docs[0].type == "suggested"){
dont_increment = true;
db.collection(channel_name).find({id:video_id, now_playing: false}, function(err, docs){
if(docs.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
return;
}
db.collection(channel_name).remove({id:video_id}, function(err, docs){
if(authorized) {
incrementToken(token);
var dont_increment = false;
if(docs[0]){
if(docs[0].type == "suggested"){
dont_increment = true;
}
io.to(channel_name).emit("channel", {type:"deleted", value: video_id});
if(!dont_increment) {
db.collection("frontpage_lists").update({_id: channel_name, count: {$gt: 0}}, {$inc: {count: -1}, $set:{accessed: Functions.get_time()}}, {upsert: true}, function(err, docs){
db.collection(channel_name).remove({id:video_id}, function(err, docs){
if(authorized) {
incrementToken(token);
}
io.to(channel_name).emit("channel", {type:"deleted", value: video_id});
if(!dont_increment) {
db.collection("frontpage_lists").update({_id: channel_name, count: {$gt: 0}}, {$inc: {count: -1}, $set:{accessed: Functions.get_time()}}, {upsert: true}, function(err, docs){
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(200).send(JSON.stringify(error.no_error));
return;
});
});
} else {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(200).send(JSON.stringify(error.no_error));
return;
});
});
} else {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(200).send(JSON.stringify(error.no_error));
return;
});
}
});
}
}
});
}
});
});
});
});
@@ -247,64 +249,66 @@ router.route('/api/conf/:channel_name').put(function(req, res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "CONFIG", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "CONFIG", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
validateLogin(adminpass, userpass, channel_name, "config", res, function(exists, conf) {
if(!exists && conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "CONFIG", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "CONFIG", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
validateLogin(adminpass, userpass, channel_name, "config", res, function(exists, conf) {
if(!exists && conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
if((!userpass_changed && frontpage) || (userpass_changed && userpass == "")) {
userpass = "";
} else if(userpass_changed && userpass != "") {
frontpage = false;
}
var description = "";
if((!userpass_changed && frontpage) || (userpass_changed && userpass == "")) {
userpass = "";
} else if(userpass_changed && userpass != "") {
frontpage = false;
}
var description = "";
var obj = {
addsongs:addsongs,
allvideos:allvideos,
frontpage:frontpage,
skip:skipping,
vote:voting,
removeplay:removeplay,
shuffle:shuffling,
longsongs:longsongs,
adminpass:adminpass,
desc: description,
};
if(userpass_changed) {
obj["userpass"] = userpass;
} else if (frontpage) {
obj["userpass"] = "";
}
db.collection(channel_name + "_settings").update({views:{$exists:true}}, {
$set:obj
}, function(err, docs){
var obj = {
addsongs:addsongs,
allvideos:allvideos,
frontpage:frontpage,
skip:skipping,
vote:voting,
removeplay:removeplay,
shuffle:shuffling,
longsongs:longsongs,
adminpass:adminpass,
desc: description,
};
if(userpass_changed) {
obj["userpass"] = userpass;
} else if (frontpage) {
obj["userpass"] = "";
}
db.collection(channel_name + "_settings").update({views:{$exists:true}}, {
$set:obj
}, function(err, docs){
if(obj.adminpass !== "") obj.adminpass = true;
if(obj.hasOwnProperty("userpass") && obj.userpass != "") obj.userpass = true;
else obj.userpass = false;
io.to(channel_name).emit("conf", [obj]);
if(obj.adminpass !== "") obj.adminpass = true;
if(obj.hasOwnProperty("userpass") && obj.userpass != "") obj.userpass = true;
else obj.userpass = false;
io.to(channel_name).emit("conf", [obj]);
db.collection("frontpage_lists").update({_id: channel_name}, {$set:{
frontpage:frontpage, accessed: Functions.get_time()}
},
{upsert:true}, function(err, docs){
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "CONFIG", function(err, docs) {
var to_return = error.no_error;
to_return.results = [obj];
res.status(200).send(JSON.stringify(to_return));
return;
db.collection("frontpage_lists").update({_id: channel_name}, {$set:{
frontpage:frontpage, accessed: Functions.get_time()}
},
{upsert:true}, function(err, docs){
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "CONFIG", function(err, docs) {
var to_return = error.no_error;
to_return.results = [obj];
res.status(200).send(JSON.stringify(to_return));
return;
});
});
});
});
@@ -348,44 +352,46 @@ router.route('/api/list/:channel_name/:video_id').put(function(req,res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "PUT", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "PUT", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
validateLogin(adminpass, userpass, channel_name, "vote", res, function(exists) {
if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "PUT", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "PUT", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
db.collection(channel_name).find({id: video_id, now_playing: false, type:"video"}, function(err, song) {
if(song.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
validateLogin(adminpass, userpass, channel_name, "vote", res, function(exists) {
if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
} else if(song[0].guids.indexOf(guid) > -1) {
res.status(409).send(JSON.stringify(error.conflicting));
return;
} else {
song[0].votes += 1;
song[0].guids.push(guid);
db.collection(channel_name).update({id: video_id}, {$inc:{votes:1}, $set:{added:Functions.get_time(), type: "video"}, $push :{guids: guid}}, function(err, success) {
if(authorized) {
incrementToken(token);
}
io.to(channel_name).emit("channel", {type: "vote", value: video_id, time: Functions.get_time()});
List.getNextSong(channel_name, function() {
updateTimeout(guid, res, authorized, "PUT", function(err, docs) {
var to_return = error.no_error;
to_return.results = song;
res.status(200).send(JSON.stringify(to_return));
return;
}
db.collection(channel_name).find({id: video_id, now_playing: false, type:"video"}, function(err, song) {
if(song.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
return;
} else if(song[0].guids.indexOf(guid) > -1) {
res.status(409).send(JSON.stringify(error.conflicting));
return;
} else {
song[0].votes += 1;
song[0].guids.push(guid);
db.collection(channel_name).update({id: video_id}, {$inc:{votes:1}, $set:{added:Functions.get_time(), type: "video"}, $push :{guids: guid}}, function(err, success) {
if(authorized) {
incrementToken(token);
}
io.to(channel_name).emit("channel", {type: "vote", value: video_id, time: Functions.get_time()});
List.getNextSong(channel_name, function() {
updateTimeout(guid, res, authorized, "PUT", function(err, docs) {
var to_return = error.no_error;
to_return.results = song;
res.status(200).send(JSON.stringify(to_return));
return;
});
});
});
});
}
})
}
})
});
});
});
});
@@ -420,35 +426,37 @@ router.route('/api/list/:channel_name/__np__').post(function(req, res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
db.collection(channel_name).find({now_playing: true}, toShowChannel, function(err, list) {
if(list.length > 0) {
db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(authorized) {
incrementToken(token);
}
if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
} else if(conf[0].userpass != userpass && conf[0].userpass != "") {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
});
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
}
db.collection(channel_name).find({now_playing: true}, toShowChannel, function(err, list) {
if(list.length > 0) {
db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(authorized) {
incrementToken(token);
}
if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
} else if(conf[0].userpass != userpass && conf[0].userpass != "") {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
});
});
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
}
});
});
});
});
@@ -502,86 +510,88 @@ router.route('/api/list/:channel_name/:video_id').post(function(req,res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
var type = fetch_only ? "fetch_song" : "add";
validateLogin(adminpass, userpass, channel_name, type, res, function(exists, conf, authenticated) {
db.collection(channel_name).find({id: video_id}, function(err, result) {
if(result.length == 0 || result[0].type == "suggested") {
var song_type = authenticated ? "video" : "suggested";
if(fetch_only && result.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
var type = fetch_only ? "fetch_song" : "add";
validateLogin(adminpass, userpass, channel_name, type, res, function(exists, conf, authenticated) {
db.collection(channel_name).find({id: video_id}, function(err, result) {
if(result.length == 0 || result[0].type == "suggested") {
var song_type = authenticated ? "video" : "suggested";
if(fetch_only && result.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.local));
return;
}
db.collection(channel_name).find({now_playing: true}, function(err, now_playing) {
var set_np = false;
if(now_playing.length == 0 && authenticated) {
set_np = true;
}
var new_song = {"added": Functions.get_time(),"guids":[guid],"id":video_id,"now_playing":set_np,"title":title,"votes":1, "duration":duration, "start": parseInt(start_time), "end": parseInt(end_time), "type": song_type};
Search.get_correct_info(new_song, channel_name, false, function(element, found) {
if(!found) {
res.status(404).send(JSON.stringify(error.not_found.youtube));
return;
}
new_song = element;
db.collection("frontpage_lists").find({"_id": channel_name}, function(err, count) {
var create_frontpage_lists = false;
if(count.length == 0) {
create_frontpage_lists = true;
}
if(!exists) {
var configs = {"addsongs":false, "adminpass":"", "allvideos":true, "frontpage":true, "longsongs":false, "removeplay": false, "shuffle": true, "skip": false, "skips": [], "startTime":Functions.get_time(), "views": [], "vote": false, "desc": ""};
db.collection(channel_name + "_settings").insert(configs, function(err, docs){
io.to(channel_name).emit("conf", configs);
});
}
db.collection(channel_name).update({"id": new_song.id}, new_song, {upsert: true}, function(err, success) {
if(authorized) {
incrementToken(token);
}
if(create_frontpage_lists) {
db.collection("frontpage_lists").update({"_id": channel_name, "count" : (authenticated ? 1 : 0), "frontpage": true, "accessed": Functions.get_time(), "viewers": 1}, {upsert: true}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else if(set_np) {
Frontpage.update_frontpage(channel_name, video_id, title, function() {
io.to(channel_name).emit("np", {np: [new_song], conf: [conf]});
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else {
db.collection("frontpage_lists").update({"_id": channel_name}, {$inc: {count: (authenticated ? 1 : 0)}}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
}
});
})
});
});
} else if(fetch_only) {
var to_return = error.no_error;
to_return.results = result;
res.status(200).send(JSON.stringify(to_return));
return;
} else {
res.status(409).send(JSON.stringify(error.conflicting));
return;
}
db.collection(channel_name).find({now_playing: true}, function(err, now_playing) {
var set_np = false;
if(now_playing.length == 0 && authenticated) {
set_np = true;
}
var new_song = {"added": Functions.get_time(),"guids":[guid],"id":video_id,"now_playing":set_np,"title":title,"votes":1, "duration":duration, "start": parseInt(start_time), "end": parseInt(end_time), "type": song_type};
Search.get_correct_info(new_song, channel_name, false, function(element, found) {
if(!found) {
res.status(404).send(JSON.stringify(error.not_found.youtube));
return;
}
new_song = element;
db.collection("frontpage_lists").find({"_id": channel_name}, function(err, count) {
var create_frontpage_lists = false;
if(count.length == 0) {
create_frontpage_lists = true;
}
if(!exists) {
var configs = {"addsongs":false, "adminpass":"", "allvideos":true, "frontpage":true, "longsongs":false, "removeplay": false, "shuffle": true, "skip": false, "skips": [], "startTime":Functions.get_time(), "views": [], "vote": false, "desc": ""};
db.collection(channel_name + "_settings").insert(configs, function(err, docs){
io.to(channel_name).emit("conf", configs);
});
}
db.collection(channel_name).update({"id": new_song.id}, new_song, {upsert: true}, function(err, success) {
if(authorized) {
incrementToken(token);
}
if(create_frontpage_lists) {
db.collection("frontpage_lists").update({"_id": channel_name, "count" : (authenticated ? 1 : 0), "frontpage": true, "accessed": Functions.get_time(), "viewers": 1}, {upsert: true}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else if(set_np) {
Frontpage.update_frontpage(channel_name, video_id, title, function() {
io.to(channel_name).emit("np", {np: [new_song], conf: [conf]});
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else {
db.collection("frontpage_lists").update({"_id": channel_name}, {$inc: {count: (authenticated ? 1 : 0)}}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
}
});
})
});
});
} else if(fetch_only) {
var to_return = error.no_error;
to_return.results = result;
res.status(200).send(JSON.stringify(to_return));
return;
} else {
res.status(409).send(JSON.stringify(error.conflicting));
return;
}
});
});
});
});
@@ -707,46 +717,77 @@ router.route('/api/conf/:channel_name').post(function(req, res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
db.collection(channel_name + "_settings").find({ id: "config" }, toShowConfig, function(err, docs) {
if(docs.length > 0 && docs[0].userpass == userpass) {
var conf = docs[0];
if(conf.adminpass != "") {
conf.adminpass = true;
} else {
conf.adminpass = false;
}
if(conf.userpass != "") {
conf.userpass = true;
} else {
conf.userpass = false;
}
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = conf;
res.status(200).send(JSON.stringify(to_return));
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
} else if(docs.length > 0 && docs[0].userpass != userpass) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
db.collection(channel_name + "_settings").find({ id: "config" }, toShowConfig, function(err, docs) {
if(docs.length > 0 && docs[0].userpass == userpass) {
var conf = docs[0];
if(conf.adminpass != "") {
conf.adminpass = true;
} else {
conf.adminpass = false;
}
if(conf.userpass != "") {
conf.userpass = true;
} else {
conf.userpass = false;
}
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = conf;
res.status(200).send(JSON.stringify(to_return));
});
} else if(docs.length > 0 && docs[0].userpass != userpass) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
});
});
});
});
});
function checkOveruseApiToken(authorized, token_docs, res, callback) {
if(authorized || (authorized && token_docs[0].limit == 0)) {
callback();
return;
}
db.collection("timeout_api").find({guid: token_docs[0].token}, function(e, doc) {
if(doc.length == 1) {
var this_doc = doc[0];
var date = new Date(this_doc[0].createdAt);
date.setSeconds(date.getSeconds() + 1);
var now = new Date();
var retry_in = (date.getTime() - now.getTime()) / 1000;
if(this_doc.used > token_docs[0].limit && retry_in > 0) {
res.header({'Retry-After': retry_in});
res.status(429).send(JSON.stringify(error.tooMany));
return;
} else {
db.collection("timeout_api").update({guid: token}, {$inc: {used: 1}}, function(e, d) {
callback();
});
}
} else {
db.collection("timeout_api").insert({guid: token, used: 0, createdAt: new Date(), type: "ALL"}, function(e, d) {
callback();
});
}
});
}
router.route('/api/list/:channel_name').post(function(req, res) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
@@ -777,37 +818,39 @@ router.route('/api/list/:channel_name').post(function(req, res) {
if(token_docs.length == 1 && token_docs[0].token == token) {
authorized = true;
}
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
}
db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, list) {
if(list.length > 0) {
db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
} else if(conf[0].userpass != userpass && conf[0].userpass != "") {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
}
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
return;
});
checkOveruseApiToken(authorized, token_docs, res, function() {
checkTimeout(guid, res, authorized, "POST", function() {
if(token != "" && !authorized) {
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
});
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, list) {
if(list.length > 0) {
db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
} else if(conf[0].userpass != userpass && conf[0].userpass != "") {
res.status(403).send(JSON.stringify(error.not_authenticated));
return;
}
if(authorized) {
incrementToken(token);
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
return;
});
});
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
});
});
});
});
@@ -831,8 +874,8 @@ router.route('/api/imageblob').post(function(req, res) {
});
});
var nodemailer = require('nodemailer');
try {
var nodemailer = require('nodemailer');
var mailconfig = require(path.join(__dirname, '../../config/mailconfig.js'));
var recaptcha_config = require(path.join(__dirname, '../../config/recaptcha.js'));
var Recaptcha = require('express-recaptcha');
@@ -840,6 +883,61 @@ try {
var RECAPTCHA_SECRET_KEY = recaptcha_config.key;
var recaptcha = new Recaptcha(RECAPTCHA_SITE_KEY, RECAPTCHA_SECRET_KEY);
router.route('/api/apply').post(recaptcha.middleware.verify, function(req, res) {
if(req.body.email == "" || req.body.email == undefined) {
res.send("failed");
return;
}
if(req.recaptcha.error == null) {
var name = req.body.email;
var id = crypto.createHash('sha256').update(uniqid()).digest('base64');
var uniqid_link = crypto.createHash('sha256').update(uniqid()).digest('hex');
token_db.collection("api_token").find({name: name}, function(err, results_find) {
if(results_find.length > 0) {
res.send("failed");
return;
}
token_db.collection("api_token").insert({name: name, token: id, usage: 0, active: false}, function(err, docs){
token_db.collection("api_links").insert({id: uniqid_link, token: id, createdAt: new Date()}, function(err, docs) {
let transporter = nodemailer.createTransport(mailconfig);
transporter.verify(function(error, success) {
if (error) {
token_db.collection("api_links").remove({id: uniqid_link}, function(e,d) {
res.send("failed");
return;
})
} else {
var subject = 'ZOFF: API-key';
var message = "Link to API-key: <a href='https://zoff.me/api/apply/" + uniqid_link + "'/>https://zoff.me/api/apply/" + uniqid_link + "</a>\n\nThis link expires in 1 day.";
var msg = {
from: mailconfig.from,
to: name,
subject: subject,
text: message,
html: message,
}
transporter.sendMail(msg, (error, info) => {
if (error) {
res.status(400).send("failed");
transporter.close();
return;
}
res.status(200).send("success");
transporter.close();
return;
});
}
});
})
});
})
} else {
res.send("failed");
return;
}
});
router.route('/api/mail').post(recaptcha.middleware.verify, function(req, res) {
if(req.recaptcha.error == null) {
let transporter = nodemailer.createTransport(mailconfig);
@@ -916,7 +1014,7 @@ function checkTimeout(guid, res, authorized, type, callback) {
}, function(err, docs) {
if(docs.length > 0) {
var date = new Date(docs[0].createdAt);
date.setSeconds(date.getSeconds() + 2);
date.setSeconds(date.getSeconds() + 1);
var now = new Date();
var retry_in = (date.getTime() - now.getTime()) / 1000;
if(retry_in > 0) {