Updated RESTApi to have tokens also

Kasper Rynning-Tønnesen
2018-03-03 16:24:57 +01:00
parent 731f26e3d4
commit 78ffcec66d
5 changed files with 375 additions and 243 deletions


@@ -1,15 +1,29 @@
path = require('path'), path = require('path'),
pathThumbnails = __dirname; pathThumbnails = __dirname;
db = require(pathThumbnails + '/../handlers/db.js'); db = require(pathThumbnails + '/../handlers/db.js');
var usual = [];
var settings = [];
db.getCollectionNames(function(err, docs) { db.getCollectionNames(function(err, docs) {
for(var i = 0; i < docs.length; i++) { /*for(var i = 0; i < docs.length; i++) {
addType(docs[i]); if(docs[i].indexOf("_settings") > -1) {
settings.push(docs[0]);
} else {
usual.push(docs[0]);
}
//addType(docs[i]);
} }
for(var i = 0; i < usual.length; i++) {
if(settings.indexOf(usual + "_settings") < 0) {
console.log(usual);
}
}*/
}) })
function addType(name) { function addType(name) {
db.collection(name).update({duration: {$exists: true},type:{$ne:"suggested"}}, {$set: { type: "video" }}, {multi: true}, function(err, doc) { if(name.indexOf("_settings") > -1) {
process.exit(); db.collection(name).update({views: {$exists: true}}, {$set: { id: "config" }}, {multi: true}, function(err, doc) {
}); console.log(name);
});
}
} }
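Review bot: As committed, nothing in this script calls `addType` any more — the only call sits inside the block comment as `//addType(docs[i]);` — so the `id: "config"` marker it is meant to set is never written, at least not from this file. If the script is the migration for the settings lookups that other files in this commit switch to `{ id: "config" }`, restore a plain loop that calls `addType(docs[i])` and drop the commented-out draft, which also indexes `docs[0]` instead of `docs[i]` and concatenates the whole `usual` array in `usual + "_settings"`. The update callback also ignores `err`; log it next to `name` so a failed update is visible.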


@@ -205,6 +205,19 @@ $(document).on("click", "#get_token", function(e){
}) })
}); });
$(document).on("click", "#get_api_token", function(e){
e.preventDefault();
$.ajax({
type: "GET",
url: "/api/api_token",
success: function(response){
if(response != false){
$("#new_api_token").val(response.token);
}
}
})
});
$(document).on("click", ".approve_thumbnails", function(e){ $(document).on("click", ".approve_thumbnails", function(e){
e.preventDefault(); e.preventDefault();
var channel = $(this).attr("data-channel"); var channel = $(this).attr("data-channel");
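Review bot: The new `#get_api_token` handler has no `error` callback and no branch for a `false` response, so an expired session or a failed request leaves `#new_api_token` empty with no feedback. Add an `error:` handler and an `else` that tell the user the token could not be created. The `.approve_thumbnails` handler that follows continues outside the hunk.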


@@ -98,6 +98,15 @@
<a href="#" id="remove_token" class="btn red waves-effect hide">REMOVE</a> <a href="#" id="remove_token" class="btn red waves-effect hide">REMOVE</a>
</div> </div>
</div> </div>
<div class="row">
<div class="input-field col s8 m10">
<input type="text" readonly id="new_api_token" />
</div>
<div class="col s2">
<a href="#" id="get_api_token" class="btn waves-effect purple">GET API</a>
</div>
</div>
</div> </div>
</div> </div>
<div id="thumbnails" class="col s12"> <div id="thumbnails" class="col s12">


@@ -5,6 +5,8 @@ var mongo_db_cred = require(path.join(__dirname, '../../config/mongo_config.js')
var mongojs = require('mongojs'); var mongojs = require('mongojs');
var db = mongojs(mongo_db_cred.config); var db = mongojs(mongo_db_cred.config);
var token_db = mongojs("tokens"); var token_db = mongojs("tokens");
var uniqid = require('uniqid');
var crypto = require('crypto');
router.use(function(req, res, next) { router.use(function(req, res, next) {
next(); // make sure we go to the next routes and don't stop here next(); // make sure we go to the next routes and don't stop here
@@ -164,6 +166,17 @@ router.route('/api/token').get(function(req, res){
} }
}); });
router.route('/api/api_token').get(function(req, res){
if(req.isAuthenticated()){
var id = crypto.createHash('sha256').update(uniqid()).digest('base64');
token_db.collection("api_token").insert({token: id}, function(err, docs){
res.json({token: id});
});
} else {
res.send(false);
}
});
router.route('/api/delete').post(function(req, res){ router.route('/api/delete').post(function(req, res){
if(req.isAuthenticated()){ if(req.isAuthenticated()){
var list = req.body._id; var list = req.body._id;
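Review bot: The token in the new `/api/api_token` route is derived from `uniqid()`, which is built from the time and process/machine identifiers rather than a cryptographic random source, and hashing it with SHA-256 does not add unpredictability. Generate the value directly with `var id = crypto.randomBytes(32).toString('hex');`, which also makes the new `uniqid` require unnecessary. The insert callback ignores `err`, so the client can be handed a token that was never stored; answer with an error status in that case. The route also creates state on a `GET`; making it a `POST` keeps it from being triggered by a plain link or a prefetch. The `/api/delete` handler that follows continues outside the hunk.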


@@ -3,6 +3,8 @@ var router = express.Router();
var path = require('path'); var path = require('path');
var mongojs = require('mongojs'); var mongojs = require('mongojs');
var ObjectId = mongojs.ObjectId; var ObjectId = mongojs.ObjectId;
var token_db = mongojs("tokens");
var toShowChannel = { var toShowChannel = {
start: 1, start: 1,
end: 1, end: 1,
@@ -120,6 +122,10 @@ router.route('/api/list/:channel_name/:video_id').delete(function(req, res) {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
try { try {
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]); var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]);
@@ -136,39 +142,46 @@ router.route('/api/list/:channel_name/:video_id').delete(function(req, res) {
return; return;
} }
checkTimeout(guid, res, "DELETE", function() { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
validateLogin(adminpass, userpass, channel_name, "delete", res, function(exists) { var authorized = false;
if(!exists) { if(token_docs.length == 1 && token_docs.token == token) {
res.status(404).send(JSON.stringify(error.not_found.list)); authorized = true;
return; }
}
db.collection(channel_name).find({id:video_id, now_playing: false}, function(err, docs){ checkTimeout(guid, res, authorized, "DELETE", function() {
if(docs.length == 0) { validateLogin(adminpass, userpass, channel_name, "delete", res, function(exists) {
res.status(404).send(JSON.stringify(error.not_found.local)); if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return; return;
} }
var dont_increment = false; db.collection(channel_name).find({id:video_id, now_playing: false}, function(err, docs){
if(docs[0]){ if(docs.length == 0) {
if(docs[0].type == "suggested"){ res.status(404).send(JSON.stringify(error.not_found.local));
dont_increment = true; return;
} }
db.collection(channel_name).remove({id:video_id}, function(err, docs){ var dont_increment = false;
io.to(channel_name).emit("channel", {type:"deleted", value: video_id}); if(docs[0]){
if(!dont_increment) { if(docs[0].type == "suggested"){
db.collection("frontpage_lists").update({_id: channel_name, count: {$gt: 0}}, {$inc: {count: -1}, $set:{accessed: Functions.get_time()}}, {upsert: true}, function(err, docs){ dont_increment = true;
updateTimeout(guid, res, "DELETE", function(err, docs) { }
db.collection(channel_name).remove({id:video_id}, function(err, docs){
io.to(channel_name).emit("channel", {type:"deleted", value: video_id});
if(!dont_increment) {
db.collection("frontpage_lists").update({_id: channel_name, count: {$gt: 0}}, {$inc: {count: -1}, $set:{accessed: Functions.get_time()}}, {upsert: true}, function(err, docs){
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(200).send(JSON.stringify(error.no_error));
return;
});
});
} else {
updateTimeout(guid, res, authorized, "DELETE", function(err, docs) {
res.status(200).send(JSON.stringify(error.no_error)); res.status(200).send(JSON.stringify(error.no_error));
return; return;
}); });
}); }
} else { });
updateTimeout(guid, res, "DELETE", function(err, docs) { }
res.status(200).send(JSON.stringify(error.no_error)); });
return;
});
}
});
}
}); });
}); });
}); });
@@ -178,6 +191,7 @@ router.route('/api/conf/:channel_name').put(function(req, res) {
res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.header({"Content-Type": "application/json"}); res.header({"Content-Type": "application/json"});
if(!req.body.hasOwnProperty('adminpass') || !req.body.hasOwnProperty('userpass') || if(!req.body.hasOwnProperty('adminpass') || !req.body.hasOwnProperty('userpass') ||
!req.params.hasOwnProperty('channel_name') || !req.body.hasOwnProperty('vote') || !req.params.hasOwnProperty('channel_name') || !req.body.hasOwnProperty('vote') ||
!req.body.hasOwnProperty('addsongs') || !req.body.hasOwnProperty('longsongs') || !req.body.hasOwnProperty('addsongs') || !req.body.hasOwnProperty('longsongs') ||
@@ -187,6 +201,10 @@ router.route('/api/conf/:channel_name').put(function(req, res) {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
try { try {
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]); var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]);
@@ -215,55 +233,62 @@ router.route('/api/conf/:channel_name').put(function(req, res) {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
checkTimeout(guid, res, "CONFIG", function() {
validateLogin(adminpass, userpass, channel_name, "config", res, function(exists, conf) {
if(!exists && conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
if((!userpass_changed && frontpage) || (userpass_changed && userpass == "")) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
userpass = ""; var authorized = false;
} else if(userpass_changed && userpass != "") { if(token_docs.length == 1 && token_docs.token == token) {
frontpage = false; authorized = true;
} }
var description = ""; checkTimeout(guid, res, authorized, "CONFIG", function() {
validateLogin(adminpass, userpass, channel_name, "config", res, function(exists, conf) {
if(!exists && conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
var obj = { if((!userpass_changed && frontpage) || (userpass_changed && userpass == "")) {
addsongs:addsongs, userpass = "";
allvideos:allvideos, } else if(userpass_changed && userpass != "") {
frontpage:frontpage, frontpage = false;
skip:skipping, }
vote:voting, var description = "";
removeplay:removeplay,
shuffle:shuffling,
longsongs:longsongs,
adminpass:adminpass,
desc: description,
};
if(userpass_changed) {
obj["userpass"] = userpass;
} else if (frontpage) {
obj["userpass"] = "";
}
db.collection(channel_name + "_settings").update({views:{$exists:true}}, {
$set:obj
}, function(err, docs){
if(obj.adminpass !== "") obj.adminpass = true; var obj = {
if(obj.hasOwnProperty("userpass") && obj.userpass != "") obj.userpass = true; addsongs:addsongs,
else obj.userpass = false; allvideos:allvideos,
io.to(channel_name).emit("conf", [obj]); frontpage:frontpage,
skip:skipping,
vote:voting,
removeplay:removeplay,
shuffle:shuffling,
longsongs:longsongs,
adminpass:adminpass,
desc: description,
};
if(userpass_changed) {
obj["userpass"] = userpass;
} else if (frontpage) {
obj["userpass"] = "";
}
db.collection(channel_name + "_settings").update({views:{$exists:true}}, {
$set:obj
}, function(err, docs){
db.collection("frontpage_lists").update({_id: channel_name}, {$set:{ if(obj.adminpass !== "") obj.adminpass = true;
frontpage:frontpage, accessed: Functions.get_time()} if(obj.hasOwnProperty("userpass") && obj.userpass != "") obj.userpass = true;
}, else obj.userpass = false;
{upsert:true}, function(err, docs){ io.to(channel_name).emit("conf", [obj]);
updateTimeout(guid, res, "CONFIG", function(err, docs) {
var to_return = error.no_error; db.collection("frontpage_lists").update({_id: channel_name}, {$set:{
to_return.results = [obj]; frontpage:frontpage, accessed: Functions.get_time()}
res.status(200).send(JSON.stringify(to_return)); },
return; {upsert:true}, function(err, docs){
updateTimeout(guid, res, authorized, "CONFIG", function(err, docs) {
var to_return = error.no_error;
to_return.results = [obj];
res.status(200).send(JSON.stringify(to_return));
return;
});
}); });
}); });
}); });
@@ -281,7 +306,10 @@ router.route('/api/list/:channel_name/:video_id').put(function(req,res) {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
try { try {
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]); var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]);
@@ -298,35 +326,42 @@ router.route('/api/list/:channel_name/:video_id').put(function(req,res) {
return; return;
} }
checkTimeout(guid, res, "PUT", function() { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
validateLogin(adminpass, userpass, channel_name, "vote", res, function(exists) { var authorized = false;
if(!exists) { if(token_docs.length == 1 && token_docs.token == token) {
res.status(404).send(JSON.stringify(error.not_found.list)); authorized = true;
return; }
}
db.collection(channel_name).find({id: video_id, now_playing: false, type:"video"}, function(err, song) { checkTimeout(guid, res, authorized, "PUT", function() {
if(song.length == 0) { validateLogin(adminpass, userpass, channel_name, "vote", res, function(exists) {
res.status(404).send(JSON.stringify(error.not_found.local)); if(!exists) {
res.status(404).send(JSON.stringify(error.not_found.list));
return; return;
} else if(song[0].guids.indexOf(guid) > -1) { }
res.status(409).send(JSON.stringify(error.conflicting)); db.collection(channel_name).find({id: video_id, now_playing: false, type:"video"}, function(err, song) {
return; if(song.length == 0) {
} else { res.status(404).send(JSON.stringify(error.not_found.local));
song[0].votes += 1; return;
song[0].guids.push(guid); } else if(song[0].guids.indexOf(guid) > -1) {
db.collection(channel_name).update({id: video_id}, {$inc:{votes:1}, $set:{added:Functions.get_time(), type: "video"}, $push :{guids: guid}}, function(err, success) { res.status(409).send(JSON.stringify(error.conflicting));
io.to(channel_name).emit("channel", {type: "vote", value: video_id, time: Functions.get_time()}); return;
List.getNextSong(channel_name, function() { } else {
updateTimeout(guid, res, "PUT", function(err, docs) { song[0].votes += 1;
var to_return = error.no_error; song[0].guids.push(guid);
to_return.results = song; db.collection(channel_name).update({id: video_id}, {$inc:{votes:1}, $set:{added:Functions.get_time(), type: "video"}, $push :{guids: guid}}, function(err, success) {
res.status(200).send(JSON.stringify(to_return)); io.to(channel_name).emit("channel", {type: "vote", value: video_id, time: Functions.get_time()});
return; List.getNextSong(channel_name, function() {
updateTimeout(guid, res, authorized, "PUT", function(err, docs) {
var to_return = error.no_error;
to_return.results = song;
res.status(200).send(JSON.stringify(to_return));
return;
});
}); });
}); });
}); }
} })
}) });
}); });
}); });
}); });
@@ -347,32 +382,42 @@ router.route('/api/list/:channel_name/__np__').post(function(req, res) {
var channel_name = req.params.channel_name; var channel_name = req.params.channel_name;
req.body.userpass = req.body.userpass == "" ? "" : crypto.createHash('sha256').update(req.body.userpass, 'utf8').digest("hex"); req.body.userpass = req.body.userpass == "" ? "" : crypto.createHash('sha256').update(req.body.userpass, 'utf8').digest("hex");
var userpass = req.body.userpass; var userpass = req.body.userpass;
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
console.log(token);
if(typeof(userpass) != "string") { if(typeof(userpass) != "string") {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) {
checkTimeout(guid, res, "POST", function() { var authorized = false;
db.collection(channel_name).find({now_playing: true}, toShowChannel, function(err, list) { if(token_docs.length == 1 && token_docs.token == token) {
if(list.length > 0) { authorized = true;
db.collection(channel_name + "_settings").find({views: {$exists: true}}, function(err, conf) { }
if(conf.length == 0) { console.log(authorized);
res.status(404).send(JSON.stringify(error.not_found.list)); checkTimeout(guid, res, authorized, "POST", function() {
return; db.collection(channel_name).find({now_playing: true}, toShowChannel, function(err, list) {
} else if(conf[0].userpass != userpass && conf[0].userpass != "") { if(list.length > 0) {
res.status(404).send(JSON.stringify(error.not_authenticated)); db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
return; if(conf.length == 0) {
} res.status(404).send(JSON.stringify(error.not_found.list));
updateTimeout(guid, res, "POST", function(err, docs) { return;
var to_return = error.no_error; } else if(conf[0].userpass != userpass && conf[0].userpass != "") {
to_return.results = list; res.status(404).send(JSON.stringify(error.not_authenticated));
res.status(200).send(JSON.stringify(to_return)); return;
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
});
}); });
}); } else {
} else { res.status(404).send(JSON.stringify(error.not_found.list));
res.status(404).send(JSON.stringify(error.not_found.list)); }
} });
}); });
}); });
}); });
@@ -385,6 +430,10 @@ router.route('/api/list/:channel_name/:video_id').post(function(req,res) {
if(req.body.hasOwnProperty('fetch_song')) { if(req.body.hasOwnProperty('fetch_song')) {
fetch_only = true; fetch_only = true;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
if(!fetch_only && (!req.body.hasOwnProperty('adminpass') || !req.body.hasOwnProperty('userpass') || if(!fetch_only && (!req.body.hasOwnProperty('adminpass') || !req.body.hasOwnProperty('userpass') ||
!req.params.hasOwnProperty('channel_name') || !req.params.hasOwnProperty('video_id') || !req.params.hasOwnProperty('channel_name') || !req.params.hasOwnProperty('video_id') ||
!req.body.hasOwnProperty('duration') || !req.body.hasOwnProperty('start_time') || !req.body.hasOwnProperty('duration') || !req.body.hasOwnProperty('start_time') ||
@@ -416,77 +465,83 @@ router.route('/api/list/:channel_name/:video_id').post(function(req,res) {
return; return;
} }
checkTimeout(guid, res, "POST", function() { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var type = fetch_only ? "fetch_song" : "add"; var authorized = false;
validateLogin(adminpass, userpass, channel_name, type, res, function(exists, conf, authenticated) { if(token_docs.length == 1 && token_docs.token == token) {
db.collection(channel_name).find({id: video_id}, function(err, result) { authorized = true;
if(result.length == 0 || result[0].type == "suggested") { }
var song_type = authenticated ? "video" : "suggested"; checkTimeout(guid, res, authorized, "POST", function() {
if(fetch_only && result.length == 0) { var type = fetch_only ? "fetch_song" : "add";
res.status(404).send(JSON.stringify(error.not_found.local)); validateLogin(adminpass, userpass, channel_name, type, res, function(exists, conf, authenticated) {
return; db.collection(channel_name).find({id: video_id}, function(err, result) {
} if(result.length == 0 || result[0].type == "suggested") {
db.collection(channel_name).find({now_playing: true}, function(err, now_playing) { var song_type = authenticated ? "video" : "suggested";
var set_np = false; if(fetch_only && result.length == 0) {
if(now_playing.length == 0 && authenticated) { res.status(404).send(JSON.stringify(error.not_found.local));
set_np = true; return;
} }
var new_song = {"added": Functions.get_time(),"guids":[guid],"id":video_id,"now_playing":set_np,"title":title,"votes":1, "duration":duration, "start": parseInt(start_time), "end": parseInt(end_time), "type": song_type}; db.collection(channel_name).find({now_playing: true}, function(err, now_playing) {
Search.get_correct_info(new_song, channel_name, false, function(element, found) { var set_np = false;
if(!found) { if(now_playing.length == 0 && authenticated) {
res.status(404).send(JSON.stringify(error.not_found.youtube)); set_np = true;
return;
} }
new_song = element; var new_song = {"added": Functions.get_time(),"guids":[guid],"id":video_id,"now_playing":set_np,"title":title,"votes":1, "duration":duration, "start": parseInt(start_time), "end": parseInt(end_time), "type": song_type};
db.collection("frontpage_lists").find({"_id": channel_name}, function(err, count) { Search.get_correct_info(new_song, channel_name, false, function(element, found) {
var create_frontpage_lists = false; if(!found) {
if(count.length == 0) { res.status(404).send(JSON.stringify(error.not_found.youtube));
create_frontpage_lists = true; return;
} }
if(!exists) { new_song = element;
var configs = {"addsongs":false, "adminpass":"", "allvideos":true, "frontpage":true, "longsongs":false, "removeplay": false, "shuffle": true, "skip": false, "skips": [], "startTime":Functions.get_time(), "views": [], "vote": false, "desc": ""}; db.collection("frontpage_lists").find({"_id": channel_name}, function(err, count) {
db.collection(channel_name + "_settings").insert(configs, function(err, docs){ var create_frontpage_lists = false;
io.to(channel_name).emit("conf", configs); if(count.length == 0) {
}); create_frontpage_lists = true;
} }
db.collection(channel_name).update({"id": new_song.id}, new_song, {upsert: true}, function(err, success) { if(!exists) {
if(create_frontpage_lists) { var configs = {"addsongs":false, "adminpass":"", "allvideos":true, "frontpage":true, "longsongs":false, "removeplay": false, "shuffle": true, "skip": false, "skips": [], "startTime":Functions.get_time(), "views": [], "vote": false, "desc": ""};
db.collection("frontpage_lists").update({"_id": channel_name, "count" : (authenticated ? 1 : 0), "frontpage": true, "accessed": Functions.get_time(), "viewers": 1}, {upsert: true}, function(err, docs) { db.collection(channel_name + "_settings").insert(configs, function(err, docs){
if(authenticated) { io.to(channel_name).emit("conf", configs);
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated);
});
} else if(set_np) {
Frontpage.update_frontpage(channel_name, video_id, title, function() {
io.to(channel_name).emit("np", {np: [new_song], conf: [conf]});
postEnd(channel_name, configs, new_song, guid, res, authenticated);
});
} else {
db.collection("frontpage_lists").update({"_id": channel_name}, {$inc: {count: (authenticated ? 1 : 0)}}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated);
}); });
} }
}); db.collection(channel_name).update({"id": new_song.id}, new_song, {upsert: true}, function(err, success) {
}) if(create_frontpage_lists) {
db.collection("frontpage_lists").update({"_id": channel_name, "count" : (authenticated ? 1 : 0), "frontpage": true, "accessed": Functions.get_time(), "viewers": 1}, {upsert: true}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else if(set_np) {
Frontpage.update_frontpage(channel_name, video_id, title, function() {
io.to(channel_name).emit("np", {np: [new_song], conf: [conf]});
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
} else {
db.collection("frontpage_lists").update({"_id": channel_name}, {$inc: {count: (authenticated ? 1 : 0)}}, function(err, docs) {
if(authenticated) {
io.to(channel_name).emit("channel", {type: "added", value: new_song});
} else {
io.to(channel_name).emit("suggested", new_song);
}
postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized);
});
}
});
})
});
}); });
}); } else if(fetch_only) {
} else if(fetch_only) { var to_return = error.no_error;
var to_return = error.no_error; to_return.results = result;
to_return.results = result; res.status(200).send(JSON.stringify(to_return));
res.status(200).send(JSON.stringify(to_return)); return;
return; } else {
} else { res.status(409).send(JSON.stringify(error.conflicting));
res.status(409).send(JSON.stringify(error.conflicting)); return;
return; }
} });
}); });
}); });
}); });
@@ -500,7 +555,7 @@ router.route('/api/list/:channel_name').get(function(req, res) {
var channel_name = req.params.channel_name; var channel_name = req.params.channel_name;
db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, docs) { db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, docs) {
if(docs.length > 0) { if(docs.length > 0) {
db.collection(channel_name + "_settings").find({views: {$exists: true}}, function(err, conf) { db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(conf.length == 0) { if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list)); res.status(404).send(JSON.stringify(error.not_found.list));
return; return;
@@ -530,7 +585,7 @@ router.route('/api/list/:channel_name/:video_id').get(function(req, res) {
searchQuery = {now_playing: true}; searchQuery = {now_playing: true};
} }
db.collection(channel_name).find(searchQuery, toShowChannel, function(err, docs) { db.collection(channel_name).find(searchQuery, toShowChannel, function(err, docs) {
db.collection(channel_name + "_settings").find({views: {$exists: true}}, function(err, conf) { db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
if(conf.length == 0) { if(conf.length == 0) {
res.status(404).send(JSON.stringify(error.not_found.list)); res.status(404).send(JSON.stringify(error.not_found.list));
return; return;
@@ -556,7 +611,7 @@ router.route('/api/conf/:channel_name').get(function(req, res) {
res.header({"Content-Type": "application/json"}); res.header({"Content-Type": "application/json"});
var channel_name = req.params.channel_name; var channel_name = req.params.channel_name;
db.collection(channel_name + "_settings").find({views: {$exists: true}}, toShowConfig, function(err, docs) { db.collection(channel_name + "_settings").find({ id: "config" }, toShowConfig, function(err, docs) {
if(docs.length > 0 && docs[0].userpass == "" || docs[0].userpass == undefined) { if(docs.length > 0 && docs[0].userpass == "" || docs[0].userpass == undefined) {
var conf = docs[0]; var conf = docs[0];
if(conf.adminpass != "") { if(conf.adminpass != "") {
@@ -591,6 +646,10 @@ router.route('/api/conf/:channel_name').post(function(req, res) {
res.status(400).send(JSON.stringify(error.formatting)); res.status(400).send(JSON.stringify(error.formatting));
return; return;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]); var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]);
var channel_name = req.params.channel_name; var channel_name = req.params.channel_name;
@@ -602,32 +661,38 @@ router.route('/api/conf/:channel_name').post(function(req, res) {
return; return;
} }
checkTimeout(guid, res, "POST", function() { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
db.collection(channel_name + "_settings").find({views: {$exists: true}}, toShowConfig, function(err, docs) { var authorized = false;
if(docs.length > 0 && docs[0].userpass == userpass) { if(token_docs.length == 1 && token_docs.token == token) {
var conf = docs[0]; authorized = true;
if(conf.adminpass != "") { }
conf.adminpass = true; checkTimeout(guid, res, authorized, "POST", function() {
db.collection(channel_name + "_settings").find({ id: "config" }, toShowConfig, function(err, docs) {
if(docs.length > 0 && docs[0].userpass == userpass) {
var conf = docs[0];
if(conf.adminpass != "") {
conf.adminpass = true;
} else {
conf.adminpass = false;
}
if(conf.userpass != "") {
conf.userpass = true;
} else {
conf.userpass = false;
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = conf;
res.status(200).send(JSON.stringify(to_return));
});
} else if(docs.length > 0 && docs[0].userpass != userpass) {
res.status(404).send(JSON.stringify(error.not_authenticated));
return;
} else { } else {
conf.adminpass = false; res.status(404).send(JSON.stringify(error.not_found.list));
return;
} }
if(conf.userpass != "") { });
conf.userpass = true;
} else {
conf.userpass = false;
}
updateTimeout(guid, res, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = conf;
res.status(200).send(JSON.stringify(to_return));
});
} else if(docs.length > 0 && docs[0].userpass != userpass) {
res.status(404).send(JSON.stringify(error.not_authenticated));
return;
} else {
res.status(404).send(JSON.stringify(error.not_found.list));
return;
}
}); });
}); });
}); });
@@ -642,6 +707,10 @@ router.route('/api/list/:channel_name').post(function(req, res) {
return; return;
} }
var token = "";
if(req.body.hasOwnProperty("token")) {
token = req.body.token;
}
var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress; var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]); var guid = Functions.hash_pass(req.get('User-Agent') + ip + req.headers["accept-language"]);
var channel_name = req.params.channel_name; var channel_name = req.params.channel_name;
@@ -653,26 +722,32 @@ router.route('/api/list/:channel_name').post(function(req, res) {
return; return;
} }
checkTimeout(guid, res, "POST", function() { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, list) { var authorized = false;
if(list.length > 0) { if(token_docs.length == 1 && token_docs.token == token) {
db.collection(channel_name + "_settings").find({views: {$exists: true}}, function(err, conf) { authorized = true;
if(conf.length == 0) { }
res.status(404).send(JSON.stringify(error.not_found.list)); checkTimeout(guid, res, authorized, "POST", function() {
return; db.collection(channel_name).find({views: {$exists: false}}, toShowChannel, function(err, list) {
} else if(conf[0].userpass != userpass && conf[0].userpass != "") { if(list.length > 0) {
res.status(404).send(JSON.stringify(error.not_authenticated)); db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
return; if(conf.length == 0) {
} res.status(404).send(JSON.stringify(error.not_found.list));
updateTimeout(guid, res, "POST", function(err, docs) { return;
var to_return = error.no_error; } else if(conf[0].userpass != userpass && conf[0].userpass != "") {
to_return.results = list; res.status(404).send(JSON.stringify(error.not_authenticated));
res.status(200).send(JSON.stringify(to_return)); return;
}
updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error;
to_return.results = list;
res.status(200).send(JSON.stringify(to_return));
});
}); });
}); } else {
} else { res.status(404).send(JSON.stringify(error.not_found.list));
res.status(404).send(JSON.stringify(error.not_found.list)); }
} });
}); });
}); });
}); });
@@ -747,11 +822,15 @@ try {
}); });
} }
function updateTimeout(guid, res, type, callback) { function updateTimeout(guid, res, authorized, type, callback) {
db.collection("timeout_api").update({type: "DELETE", guid: guid}, { if(authorized) {
callback(null, null);
return;
}
db.collection("timeout_api").update({type: type, guid: guid}, {
$set: { $set: {
"createdAt": new Date(), "createdAt": new Date(),
type: "DELETE", type: type,
guid: guid, guid: guid,
}, },
}, {upsert: true}, function(err, docs) { }, {upsert: true}, function(err, docs) {
@@ -759,7 +838,11 @@ function updateTimeout(guid, res, type, callback) {
}); });
} }
function checkTimeout(guid, res, type, callback) { function checkTimeout(guid, res, authorized, type, callback) {
if(authorized) {
callback();
return;
}
db.collection("timeout_api").find({ db.collection("timeout_api").find({
type: type, type: type,
guid: guid, guid: guid,
@@ -788,7 +871,7 @@ function cleanChannelName(channel_name) {
} }
function validateLogin(adminpass, userpass, channel_name, type, res, callback) { function validateLogin(adminpass, userpass, channel_name, type, res, callback) {
db.collection(channel_name + "_settings").find({views: {$exists: true}}, function(err, conf) { db.collection(channel_name + "_settings").find({ id: "config" }, function(err, conf) {
var exists = false; var exists = false;
if(conf.length > 0 && ((conf[0].userpass == undefined || conf[0].userpass == "" || conf[0].userpass == userpass))) { if(conf.length > 0 && ((conf[0].userpass == undefined || conf[0].userpass == "" || conf[0].userpass == userpass))) {
exists = true; exists = true;
@@ -817,12 +900,12 @@ function validateLogin(adminpass, userpass, channel_name, type, res, callback) {
}); });
} }
function postEnd(channel_name, configs, new_song, guid, res, authenticated) { function postEnd(channel_name, configs, new_song, guid, res, authenticated, authorized) {
if(configs != undefined) { if(configs != undefined) {
io.to(channel_name).emit("conf", configs); io.to(channel_name).emit("conf", configs);
} }
List.getNextSong(channel_name, function() { List.getNextSong(channel_name, function() {
updateTimeout(guid, res, "POST", function(err, docs) { updateTimeout(guid, res, authorized, "POST", function(err, docs) {
var to_return = error.no_error; var to_return = error.no_error;
if(!authenticated) { if(!authenticated) {
to_return = error.not_authenticated; to_return = error.not_authenticated;
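Review bot: The check `token_docs.token == token` reads a property off the array that `find()` returns, so it is `undefined` and `authorized` stays false for every stored token; the timeout bypass this commit adds never takes effect as written. The same lines are repeated in the DELETE handler, both PUT handlers and all four POST handlers of this file, and each copy also ignores `err` (a failed lookup leaves `token_docs` undefined and `.length` throws) and passes `req.body.token` into the query without checking that it is a string. I would move the lookup into one helper that accepts only a non-empty string, compares against `token_docs[0].token` with `===`, and treats a lookup error as unauthorized, as sketched below. The `console.log(token)` and `console.log(authorized)` lines in the `__np__` handler should be removed, since they write the caller's credential to the server log. Every handler touched here starts outside its hunk, so this is based on the visible lines only.

```javascript
// Resolves whether the request carries a stored API token; calls back with a boolean.
function checkApiToken(req, callback) {
    var token = req.body.token;
    // Only a non-empty string is looked up, so an object in the JSON body is never used as a query.
    if(typeof token !== "string" || token === "") {
        callback(false);
        return;
    }
    token_db.collection("api_token").find({token: token}, function(err, token_docs) {
        // find() yields an array; compare against its first element.
        callback(!err && token_docs.length == 1 && token_docs[0].token === token);
    });
}

// … unchanged: request validation in each handler …
checkApiToken(req, function(authorized) {
    checkTimeout(guid, res, authorized, "DELETE", function() {
        // … unchanged: validateLogin and the rest of the handler …
```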