KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/kick-ban-in-chat

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2018-09-27 12:29:26 +02:00
parent e1781c4f11 c0864b3311
commit c0d36b368c
9 changed files with 181 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
server/handlers/chat.js
View File

@@ -3,9 +3,9 @@ var crypto = require('crypto');
var Filter = require('bad-words');
var filter = new Filter({ placeHolder: 'x'});
/*var filter = {
clean: function(str) {
return str;
}
clean: function(str) {
return str;
}
}*/
var db = require(pathThumbnails + '/handlers/db.js');
@@ -26,11 +26,13 @@ function get_history(channel, all, socket) {
if(!query.all) {
Functions.getSessionAdminUser(Functions.getSession(socket), channel, function(userpass) {
if(userpass != "" || pass == undefined) {
pass = userpass;
pass = userpass
} else {
pass = crypto.createHash('sha256').update(Functions.decrypt_string(pass)).digest('base64')
}
db.collection(channel + "_settings").find({id: "config"}, function(err, conf) {
if(conf.length > 0) {
if(conf[0].userpass == "" || conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(pass)).digest('base64')) {
if(conf[0].userpass == "" || conf[0].userpass == pass) {
getAndSendLogs(channel, all, socket, pass, query);
}
}
@@ -56,47 +58,52 @@ function getAndSendLogs(channel, all, socket, pass, query) {
});
}
function checkIfUserIsBanned(channel, socket, callback) {
function checkIfUserIsBanned(channel, socket, guid, callback) {
var connection_id = Functions.hash_pass(socket.handshake.headers["user-agent"] + socket.handshake.address + socket.handshake.headers["accept-language"]);
db.collection(channel + "_banned_chat").find({connection_id: connection_id}, function(err, docs) {
if(docs.length == 0) callback();
else {
socket.emit('chat', {from: "System", msg: ": You can't chat in this channel, you are banned. The reason is: " + docs[0].reason, icon: "https://zoff.me/assets/images/favicon-32x32.png"});
return;
db.collection("user_names").update({guid, guid}, {$addToSet:{channels: channel}}, function(){
socket.emit('chat', {from: "System", msg: ": You can't chat in this channel, you are banned. The reason is: " + docs[0].reason, icon: "https://zoff.me/assets/images/favicon-32x32.png"});
return;
});
}
})
}
function chat(msg, guid, offline, socket) {
if(typeof(msg) !== 'object' || !msg.hasOwnProperty('data') ||
!msg.hasOwnProperty('channel') || typeof(msg.data) != "string" || typeof(msg.channel) != "string") {
var result = {
data: {
expected: "string",
got: msg.hasOwnProperty("data") ? typeof(msg.data) : undefined,
},
channel: {
expected: "string",
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined
},
pass: {
expected: "string",
got: msg.hasOwnProperty("pass") ? typeof(msg.pass) : undefined
}
};
!msg.hasOwnProperty('channel') || typeof(msg.data) != "string" || typeof(msg.channel) != "string") {
var result = {
data: {
expected: "string",
got: msg.hasOwnProperty("data") ? typeof(msg.data) : undefined,
},
channel: {
expected: "string",
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined
},
pass: {
expected: "string",
got: msg.hasOwnProperty("pass") ? typeof(msg.pass) : undefined
}
};
socket.emit('update_required', result);
return;
}
var coll = msg.channel.toLowerCase();//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = filter.clean(coll);
checkIfUserIsBanned(coll, socket, function() {
checkIfUserIsBanned(coll, socket, guid, function() {
Functions.getSessionAdminUser(Functions.getSession(socket), coll, function(userpass, adminpass) {
if(userpass != "" || msg.pass == undefined) {
msg.pass = userpass;
} else {
msg.pass = crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64");
}
db.collection(coll + "_settings").find(function(err, conf){
if(conf.length > 0 && (conf[0].userpass == undefined || conf[0].userpass == "" || (msg.hasOwnProperty('pass') && conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
if(conf.length > 0 && (conf[0].userpass == undefined || conf[0].userpass == "" || (msg.hasOwnProperty('pass') && conf[0].userpass == msg.pass))) {
var data = msg.data;
Functions.check_inlist(coll, guid, socket, offline, function() {
@@ -113,7 +120,7 @@ function chat(msg, guid, offline, socket) {
var splitData = data.split(" ");
if((data.startsWith("/ban") && splitData.length >= 3) || (data.startsWith("/unban") && splitData.length >= 2)) {
if(splitData[1].length > 0) {
var passToCompare = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(adminpass), true))
var passToCompare = Functions.hash_pass(adminpass);
if(passToCompare == conf[0].adminpass) {
db.collection("user_names").find({name: splitData[1]}, function(err, name) {
if(name.length == 1) {
@@ -192,18 +199,18 @@ function chat(msg, guid, offline, socket) {
function all_chat(msg, guid, offline, socket) {
if(typeof(msg) !== 'object' || !msg.hasOwnProperty("channel") ||
!msg.hasOwnProperty("data") || typeof(msg.data) != "string" ||
typeof(msg.channel) != "string") {
var result = {
data: {
expected: "string",
got: msg.hasOwnProperty("data") ? typeof(msg.data) : undefined,
},
channel: {
expected: "string",
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined
}
};
!msg.hasOwnProperty("data") || typeof(msg.data) != "string" ||
typeof(msg.channel) != "string") {
var result = {
data: {
expected: "string",
got: msg.hasOwnProperty("data") ? typeof(msg.data) : undefined,
},
channel: {
expected: "string",
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined
}
};
socket.emit('update_required', result);
return;
}
@@ -234,12 +241,13 @@ function all_chat(msg, guid, offline, socket) {
function namechange(data, guid, socket, tried, callback) {
/*if(!data.hasOwnProperty("channel") ||
typeof(data.channel) != "string") return;*/
checkIfUserIsBanned(data.channel, socket, function() {
typeof(data.channel) != "string") return;*/
checkIfUserIsBanned(data.channel, socket, guid, function() {
var pw = "";
var new_password;
var first = false;
Functions.getSessionChatPass(Functions.getSession(socket), function(name, pass) {
var fetched = false;
if(data.hasOwnProperty("first") && data.first) {
pw = pass;
name = name;
@@ -250,6 +258,8 @@ function namechange(data, guid, socket, tried, callback) {
if(typeof(callback) == "function") callback();
return;
}
fetched = true;
password = pw;
} else {
var name = data.name;
if(data.hasOwnProperty("first")) {
@@ -262,13 +272,17 @@ function namechange(data, guid, socket, tried, callback) {
pw = data.old_password;
new_password = Functions.decrypt_string(data.new_password);
}
password = Functions.decrypt_string(pw);
password = Functions.hash_pass(password);
doubled = true;
}
if(name == "") {
if(typeof(callback) == "function") callback();
return;
}
var password = Functions.decrypt_string(pw);
db.collection("registered_users").find({"_id": name.toLowerCase()}, function(err, docs) {
var accepted_password = false;
var icon = false;
@@ -279,36 +293,37 @@ function namechange(data, guid, socket, tried, callback) {
}
accepted_password = true;
Functions.setSessionChatPass(Functions.getSession(socket), name.toLowerCase(), data.password, function() {
db.collection("registered_users").update({"_id": name.toLowerCase()}, {$set: {password: Functions.hash_pass(password)}}, {upsert: true}, function() {
db.collection("registered_users").update({"_id": name.toLowerCase()}, {$set: {password: password}}, {upsert: true}, function() {
});
});
} else if(docs[0].password == Functions.hash_pass(password)) {
} else if(docs[0].password == password) {
if(docs[0].icon) {
icon = docs[0].icon;
}
accepted_password = true;
if(new_password) {
Functions.setSessionChatPass(Functions.getSession(socket), name.toLowerCase(), data.new_password, function() {
db.collection("registered_users").update({"_id": name.toLowerCase(), password: Functions.hash_pass(password)}, {$set: {password: Functions.hash_pass(new_password)}}, function() {
db.collection("registered_users").update({"_id": name.toLowerCase(), password: password}, {$set: {password: Functions.hash_pass(new_password)}}, function() {
});
});
} else {
Functions.setSessionChatPass(Functions.getSession(socket), name.toLowerCase(), data.password, function() {
Functions.setSessionChatPass(Functions.getSession(socket), name.toLowerCase(), fetched ? data.password : Functions.hash_pass(Functions.decrypt_string(data.password)), function() {
});
}
}
if(accepted_password) {
db.collection("user_names").find({"guid": guid}, function(err, names) {
if(names.length > 0 || (docs.length != 0 && docs[0].password == Functions.hash_pass(password))) {
if(names.length > 0 || (docs.length != 0 && docs[0].password == password)) {
var no_name = false;
if(names.length == 0) no_name = true;
if(!no_name) {
var old_name = names[0].name;
db.collection("user_names").update({"_id": "all_names"}, {$pull: {names: old_name}}, function() {});
}
var connection_id = Functions.hash_pass(socket.handshake.headers["user-agent"] + socket.handshake.address + socket.handshake.headers["accept-language"]);
var updateElement = {$set: {name: name, icon: icon, connection_id: connection_id}};
var updateElement = {$set: {name: name, icon: icon}};
if(data.hasOwnProperty("channel") && data.channel != "") {
updateElement["$addToSet"] = {channels: data.channel};
}
@@ -325,7 +340,7 @@ function namechange(data, guid, socket, tried, callback) {
});
});
} else {
if(tried < 3 || tried == undefined) {
if(tried < 3 || tried == undefined) {
if(tried == undefined) {
tried = 1;
}