KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Removed some dependencies

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2018-04-06 13:16:10 +02:00
parent d8ecd34960
commit c245ec80ff
14 changed files with 2377 additions and 3448 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
gulpfile.js
View File

@@ -2,76 +2,7 @@ var gulp = require('gulp'),
gutil = require('gulp-util'), gutil = require('gulp-util'),
uglify = require('gulp-uglifyjs'), uglify = require('gulp-uglifyjs'),
concat = require('gulp-concat'); concat = require('gulp-concat');
/*
var critical = require('critical');
gulp.task('critical-frontpage', function (cb) {
critical.generate({
base: './server/public/',
src: './assets/html/frontpage.html',
css: ['./server/public/assets/css/style.css', './server/public/assets/css/materialize.min.css', './server/public/assets/css/jquery-ui.min.css'],
dimensions: [{
width: 320,
height: 480
},{
width: 768,
height: 1024
},{
width: 1280,
height: 960
}],
dest: './assets/css/f.c.min.css',
minify: true,
extract: false,
ignore: ['font-face']
});
});
gulp.task('critical-channel', function (cb) {
critical.generate({
base: './server/public/',
src: './assets/html/embed.html',
css: ['./server/public/assets/css/style.css', './server/public/assets/css/materialize.min.css', './server/public/assets/css/jquery-ui.min.css'],
dimensions: [{
width: 320,
height: 480
},{
width: 768,
height: 1024
},{
width: 1280,
height: 960
}],
dest: './assets/css/c.c.min.css',
minify: true,
extract: false,
ignore: ['font-face']
});
});
gulp.task('critical-embed', function (cb) {
critical.generate({
base: './server/public/',
src: './assets/html/embed.html',
css: ['./server/public/assets/css/embed.css', './server/public/assets/css/materialize.min.css', './server/public/assets/css/jquery-ui.min.css'],
dimensions: [{
width: 320,
height: 480
},{
width: 768,
height: 1024
},{
width: 1280,
height: 960
}],
dest: './assets/css/e.c.min.css',
minify: true,
extract: false,
ignore: ['font-face']
});
});
*/
gulp.task('js', function () { gulp.task('js', function () {
gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/*.js', '!server/public/assets/js/embed*', '!server/public/assets/js/token*', '!server/public/assets/js/remotecontroller.js', '!server/public/assets/js/callback.js']) gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/*.js', '!server/public/assets/js/embed*', '!server/public/assets/js/token*', '!server/public/assets/js/remotecontroller.js', '!server/public/assets/js/callback.js'])
.pipe(uglify({ .pipe(uglify({

5625
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

11
package.json
View File

@@ -27,35 +27,27 @@
}, },
"homepage": "https://github.com/zoff-music/zoff#readme", "homepage": "https://github.com/zoff-music/zoff#readme",
"dependencies": { "dependencies": {
"assert": "^1.4.1",
"bad-words": "^1.6.1", "bad-words": "^1.6.1",
"bcrypt-nodejs": "0.0.3", "bcrypt-nodejs": "0.0.3",
"body-parser": "^1.17.1", "body-parser": "^1.17.1",
"color-thief-jimp": "^2.0.2", "color-thief-jimp": "^2.0.2",
"cookie-parser": "^1.4.3", "cookie-parser": "^1.4.3",
"cookies": "^0.7.1",
"cors": "^2.8.4", "cors": "^2.8.4",
"critical": "^1.1.0",
"emoji-strip": "^0.0.3",
"express": "^4.16.3", "express": "^4.16.3",
"express-handlebars": "^3.0.0", "express-handlebars": "^3.0.0",
"express-recaptcha": "^3.0.1", "express-recaptcha": "^3.0.1",
"express-session": "^1.15.6", "express-session": "^1.15.6",
"express-sessions": "^1.0.6", "express-sessions": "^1.0.6",
"express-subdomain": "^1.0.5",
"gulp": "^3.9.1", "gulp": "^3.9.1",
"gulp-concat": "^2.6.1", "gulp-concat": "^2.6.1",
"gulp-uglifyjs": "^0.6.2", "gulp-uglifyjs": "^0.6.2",
"gulp-util": "^3.0.8", "gulp-util": "^3.0.8",
"helmet": "^3.12.0", "helmet": "^3.12.0",
"http2": "^3.3.7",
"jimp": "^0.2.28", "jimp": "^0.2.28",
"mobile-detect": "^1.4.1",
"mongodb": "^2.2.35", "mongodb": "^2.2.35",
"mongojs": "^2.5.0", "mongojs": "^2.5.0",
"mongoose": "^5.0.10", "mongoose": "^5.0.10",
"mpromise": "^0.5.5", "mpromise": "^0.5.5",
"node-cryptojs-aes": "^0.4.0",
"nodemailer": "^4.6.3", "nodemailer": "^4.6.3",
"passport": "^0.4.0", "passport": "^0.4.0",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
@@ -64,7 +56,6 @@
"socket.io": "^2.1.0", "socket.io": "^2.1.0",
"socket.io-redis": "^5.2.0", "socket.io-redis": "^5.2.0",
"sticky-session": "^1.1.2", "sticky-session": "^1.1.2",
"uniqid": "^4.1.1", "uniqid": "^4.1.1"
"vhost": "^3.0.2"
} }
} }

1
server/apps/admin.js
View File

@@ -19,7 +19,6 @@ var mongojs = require('mongojs');
var db = mongojs(mongo_db_cred.config); var db = mongojs(mongo_db_cred.config);
var token_db = mongojs("tokens"); var token_db = mongojs("tokens");
var bodyParser = require('body-parser'); var bodyParser = require('body-parser');
var Cookies = require('cookies');
var session = require('express-session'); var session = require('express-session');
var api = require(pathThumbnails + '/routing/admin/api.js'); var api = require(pathThumbnails + '/routing/admin/api.js');

5
server/apps/client.js
View File

@@ -36,7 +36,6 @@ app.set('views', publicPath);
var bodyParser = require('body-parser'); var bodyParser = require('body-parser');
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var cookies = require("cookie");
var helmet = require('helmet') var helmet = require('helmet')
app.use(helmet({ app.use(helmet({
frameguard: false frameguard: false
@@ -72,9 +71,7 @@ Frontpage = require(pathThumbnails + '/handlers/frontpage.js');
Notifications = require(pathThumbnails + '/handlers/notifications.js'); Notifications = require(pathThumbnails + '/handlers/notifications.js');
Search = require(pathThumbnails + '/handlers/search.js'); Search = require(pathThumbnails + '/handlers/search.js');
crypto = require('crypto'); crypto = require('crypto');
node_cryptojs = require('node-cryptojs-aes'); emojiStrip = Functions.removeEmojis;
CryptoJS = node_cryptojs.CryptoJS;
emojiStrip = require('emoji-strip');
Filter = require('bad-words'); Filter = require('bad-words');
filter = new Filter({ placeHolder: 'x'}); filter = new Filter({ placeHolder: 'x'});

8
server/handlers/chat.js
View File

@@ -19,7 +19,7 @@ function get_history(channel, all, socket) {
} }
db.collection(channel + "_settings").find({id: "config"}, function(err, conf) { db.collection(channel + "_settings").find({id: "config"}, function(err, conf) {
if(conf.length > 0) { if(conf.length > 0) {
if(conf[0].userpass == "" || conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socket.zoff_id, pass)).digest('base64')) { if(conf[0].userpass == "" || conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(pass)).digest('base64')) {
getAndSendLogs(channel, all, socket, pass, query); getAndSendLogs(channel, all, socket, pass, query);
} }
} }
@@ -72,7 +72,7 @@ function chat(msg, guid, offline, socket) {
msg.pass = userpass; msg.pass = userpass;
} }
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socket.zoff_id, msg.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
var data = msg.data; var data = msg.data;
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
if(data !== "" && data !== undefined && data !== null && if(data !== "" && data !== undefined && data !== null &&
@@ -165,13 +165,13 @@ function namechange(data, guid, socket, tried) {
new_password = false; new_password = false;
} else if(data.hasOwnProperty("new_password") && data.hasOwnProperty("old_password")) { } else if(data.hasOwnProperty("new_password") && data.hasOwnProperty("old_password")) {
pw = data.old_password; pw = data.old_password;
new_password = Functions.decrypt_string(socket.zoff_id, data.new_password); new_password = Functions.decrypt_string(data.new_password);
} }
} }
if(name == "") { if(name == "") {
return; return;
} }
var password = Functions.decrypt_string(socket.zoff_id, pw); var password = Functions.decrypt_string(pw);
db.collection("registered_users").find({"_id": name.toLowerCase()}, function(err, docs) { db.collection("registered_users").find({"_id": name.toLowerCase()}, function(err, docs) {
var accepted_password = false; var accepted_password = false;
var icon = false; var icon = false;

33
server/handlers/functions.js
View File

@@ -23,7 +23,7 @@ function getSession(socket) {
try { try {
/*var cookieParser = require("cookie-parser"); /*var cookieParser = require("cookie-parser");
var cookie = require("cookie"); var cookie = require("cookie");
var parsedCookies = cookie.parse(socket.handshake.headers.cookie); var parsedCookies = cookie.parse(socket.handshake.headers.cookie);
return parsedCookies["_uI"];*/ return parsedCookies["_uI"];*/
return socket.cookie_id; return socket.cookie_id;
} catch(e) { } catch(e) {
@@ -110,27 +110,15 @@ function rndName(seed, len) {
return word; return word;
} }
function decrypt_string(socket_id, pw){ function removeEmojis (string) {
//https://stackoverflow.com/a/41164278/4266467
var regex = /(?:[\u2700-\u27bf]|(?:\ud83c[\udde6-\uddff]){2}|[\ud800-\udbff][\udc00-\udfff]|[\u0023-\u0039]\ufe0f?\u20e3|\u3299|\u3297|\u303d|\u3030|\u24c2|\ud83c[\udd70-\udd71]|\ud83c[\udd7e-\udd7f]|\ud83c\udd8e|\ud83c[\udd91-\udd9a]|\ud83c[\udde6-\uddff]|\ud83c[\ude01-\ude02]|\ud83c\ude1a|\ud83c\ude2f|\ud83c[\ude32-\ude3a]|\ud83c[\ude50-\ude51]|\u203c|\u2049|[\u25aa-\u25ab]|\u25b6|\u25c0|[\u25fb-\u25fe]|\u00a9|\u00ae|\u2122|\u2139|\ud83c\udc04|[\u2600-\u26FF]|\u2b05|\u2b06|\u2b07|\u2b1b|\u2b1c|\u2b50|\u2b55|\u231a|\u231b|\u2328|\u23cf|[\u23e9-\u23f3]|[\u23f8-\u23fa]|\ud83c\udccf|\u2934|\u2935|[\u2190-\u21ff])/g;
return string.replace(regex, '');
}
function decrypt_string(pw){
try { try {
/*var input = pw.split("$");
pw = input[0];
var testKey = ((new Buffer(socket_id).toString('base64')) + (new Buffer(socket_id).toString('base64'))).substring(0,32);
var keyNew = (new Buffer(testKey)).toString('base64');
var encrypted = CryptoJS.enc.Base64.parse(pw);
var key = CryptoJS.enc.Base64.parse(keyNew);
var iv = CryptoJS.enc.Base64.parse(input[1]);
var decrypted = CryptoJS.enc.Utf8.stringify(
CryptoJS.AES.decrypt({
ciphertext: encrypted
}, key, {
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7,
iv: iv,
})
);*/
//return atob(pw);
return Buffer.from(pw, 'base64').toString('ascii') return Buffer.from(pw, 'base64').toString('ascii')
//return decrypted;
} catch(e) { } catch(e) {
return ""; return "";
} }
@@ -246,8 +234,8 @@ function getSessionAdminUser(id, list, callback) {
var userpass = ""; var userpass = "";
var adminpass = ""; var adminpass = "";
if(d.length > 0) { if(d.length > 0) {
if(d[0].userpass != undefined) userpass = d[0].userpass; if(d[0].userpass != undefined) userpass = d[0].userpass;
if(d[0].adminpass != undefined) adminpass = d[0].adminpass; if(d[0].adminpass != undefined) adminpass = d[0].adminpass;
} }
callback(userpass, adminpass, true); callback(userpass, adminpass, true);
}) })
@@ -279,6 +267,7 @@ function removeSessionAdminPass(id, channel, callback) {
}); });
} }
module.exports.removeEmojis = removeEmojis;
module.exports.getSessionChatPass = getSessionChatPass; module.exports.getSessionChatPass = getSessionChatPass;
module.exports.setSessionChatPass = setSessionChatPass; module.exports.setSessionChatPass = setSessionChatPass;
module.exports.removeSessionAdminPass = removeSessionAdminPass; module.exports.removeSessionAdminPass = removeSessionAdminPass;

2
server/handlers/io.js
View File

@@ -451,7 +451,7 @@ module.exports = function() {
if(userpass != "" || obj.pass == undefined) { if(userpass != "" || obj.pass == undefined) {
obj.pass = userpass; obj.pass = userpass;
} }
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (obj.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, obj.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (obj.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(obj.pass)).digest("base64")))) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
List.send_play(coll, socket); List.send_play(coll, socket);
} else { } else {

10
server/handlers/list.js
View File

@@ -47,7 +47,7 @@ function list(msg, guid, coll, offline, socket) {
return; return;
} }
coll = msg.channel.toLowerCase().replace(/ /g,''); coll = msg.channel.toLowerCase().replace(/ /g,'');
var pass = crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64"); var pass = crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64");
db.collection('frontpage_lists').find({"_id": coll}, function(err, frontpage_lists){ db.collection('frontpage_lists').find({"_id": coll}, function(err, frontpage_lists){
if(frontpage_lists.length == 1) { if(frontpage_lists.length == 1) {
db.collection(coll + "_settings").find(function(err, docs) { db.collection(coll + "_settings").find(function(err, docs) {
@@ -56,7 +56,7 @@ function list(msg, guid, coll, offline, socket) {
Functions.setSessionUserPass(Functions.getSession(socket), msg.pass, coll, function(){}) Functions.setSessionUserPass(Functions.getSession(socket), msg.pass, coll, function(){})
socket.emit("auth_accepted", {value: true}); socket.emit("auth_accepted", {value: true});
} }
if(docs.length > 0 && docs[0].hasOwnProperty("adminpass") && docs[0].adminpass != "" && docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, adminpass), true))) { if(docs.length > 0 && docs[0].hasOwnProperty("adminpass") && docs[0].adminpass != "" && docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(adminpass), true))) {
socket.emit("pw", true); socket.emit("pw", true);
} }
in_list = true; in_list = true;
@@ -151,7 +151,7 @@ function skip(list, guid, coll, offline, socket) {
} }
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (list.hasOwnProperty('userpass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, list.userpass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (list.hasOwnProperty('userpass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(list.userpass)).digest("base64")))) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
@@ -168,7 +168,7 @@ function skip(list, guid, coll, offline, socket) {
} }
if(adminpass !== undefined && adminpass !== null && adminpass !== "") if(adminpass !== undefined && adminpass !== null && adminpass !== "")
hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, adminpass),true)); hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(adminpass),true));
else else
hash = ""; hash = "";
@@ -549,7 +549,7 @@ function end(obj, coll, guid, offline, socket) {
} }
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (obj.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, obj.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (obj.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(obj.pass)).digest("base64")))) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
db.collection(coll).find({now_playing:true}, function(err, np){ db.collection(coll).find({now_playing:true}, function(err, np){

28
server/handlers/list_change.js
View File

@@ -56,10 +56,10 @@ function addFromOtherList(arr, guid, offline, socket) {
to_set_np = false; to_set_np = false;
} }
db.collection(new_channel + "_settings").find({id: "config"}, function(e, new_conf) { db.collection(new_channel + "_settings").find({id: "config"}, function(e, new_conf) {
if(new_conf.length > 0 && (new_conf[0].userpass == "" || !new_conf[0].userpass || new_conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, otheruser)).digest("base64"))) { if(new_conf.length > 0 && (new_conf[0].userpass == "" || !new_conf[0].userpass || new_conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(otheruser)).digest("base64"))) {
db.collection(channel + "_settings").find({id: "config"}, function(e, this_conf) { db.collection(channel + "_settings").find({id: "config"}, function(e, this_conf) {
var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, arr.adminpass), true)); var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(arr.adminpass), true));
if((this_conf[0].userpass == "" || !this_conf[0].userpass || this_conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, arr.userpass)).digest("base64"))) { if((this_conf[0].userpass == "" || !this_conf[0].userpass || this_conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(arr.userpass)).digest("base64"))) {
if(((this_conf[0].addsongs === true && (hash == this_conf[0].adminpass || this_conf[0].adminpass === "")) || if(((this_conf[0].addsongs === true && (hash == this_conf[0].adminpass || this_conf[0].adminpass === "")) ||
this_conf[0].addsongs === false)) { this_conf[0].addsongs === false)) {
db.collection(new_channel).aggregate([ db.collection(new_channel).aggregate([
@@ -169,8 +169,8 @@ function addPlaylist(arr, guid, offline, socket) {
return; return;
} }
if(conf.length > 0) { if(conf.length > 0) {
var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, arr.adminpass), true)); var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(arr.adminpass), true));
if((conf[0].userpass == "" || !conf[0].userpass || conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, arr.userpass)).digest("base64"))) { if((conf[0].userpass == "" || !conf[0].userpass || conf[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(arr.userpass)).digest("base64"))) {
if(((conf[0].addsongs === true && (hash == conf[0].adminpass || conf[0].adminpass === "")) || if(((conf[0].addsongs === true && (hash == conf[0].adminpass || conf[0].adminpass === "")) ||
conf[0].addsongs === false)) { conf[0].addsongs === false)) {
var path = require('path'); var path = require('path');
@@ -342,13 +342,13 @@ function add_function(arr, coll, guid, offline, socket) {
} }
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (arr.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, arr.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (arr.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(arr.pass)).digest("base64")))) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
var id = arr.id; var id = arr.id;
var title = arr.title; var title = arr.title;
var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, arr.adminpass), true)); var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(arr.adminpass), true));
var duration = parseInt(arr.duration); var duration = parseInt(arr.duration);
/*db.collection(coll + "_settings").find(function(err, docs) /*db.collection(coll + "_settings").find(function(err, docs)
{*/ {*/
@@ -478,7 +478,7 @@ function voteUndecided(msg, coll, guid, offline, socket) {
} }
db.collection(coll + "_settings").find({id: "config"}, function(err, docs){ db.collection(coll + "_settings").find({id: "config"}, function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
@@ -486,7 +486,7 @@ function voteUndecided(msg, coll, guid, offline, socket) {
ListChange.del(msg, socket, socketid); ListChange.del(msg, socket, socketid);
} else { } else {
var id = msg.id; var id = msg.id;
var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, msg.adminpass), true)); var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(msg.adminpass), true));
if(docs !== null && docs.length !== 0 && ((docs[0].vote === true && (hash == docs[0].adminpass || docs[0].adminpass === "")) || if(docs !== null && docs.length !== 0 && ((docs[0].vote === true && (hash == docs[0].adminpass || docs[0].adminpass === "")) ||
docs[0].vote === false)) { docs[0].vote === false)) {
ListChange.vote(coll, id, guid, socket); ListChange.vote(coll, id, guid, socket);
@@ -566,9 +566,9 @@ function shuffle(msg, coll, guid, offline, socket) {
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
var hash; var hash;
if(msg.adminpass === "") hash = msg.adminpass; if(msg.adminpass === "") hash = msg.adminpass;
else hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, msg.adminpass),true)); else hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(msg.adminpass),true));
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
if(docs !== null && docs.length !== 0 && ((docs[0].adminpass == hash || docs[0].adminpass === "") || docs[0].shuffle === false)) if(docs !== null && docs.length !== 0 && ((docs[0].adminpass == hash || docs[0].adminpass === "") || docs[0].shuffle === false))
{ {
db.collection(coll).find({now_playing:false}).forEach(function(err, docs){ db.collection(coll).find({now_playing:false}).forEach(function(err, docs){
@@ -608,7 +608,7 @@ function del(params, socket, socketid) {
coll = filter.clean(coll); coll = filter.clean(coll);
db.collection(coll + "_settings").find(function(err, docs){ db.collection(coll + "_settings").find(function(err, docs){
if(docs !== null && docs.length !== 0 && docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, params.adminpass),true))) if(docs !== null && docs.length !== 0 && docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(params.adminpass),true)))
{ {
db.collection(coll).find({id:params.id}, function(err, docs){ db.collection(coll).find({id:params.id}, function(err, docs){
var dont_increment = false; var dont_increment = false;
@@ -658,8 +658,8 @@ function delete_all(msg, coll, guid, offline, socket) {
if(userpass != "" || msg.pass == undefined) { if(userpass != "" || msg.pass == undefined) {
msg.pass = userpass; msg.pass = userpass;
} }
var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socketid, msg.adminpass),true)); var hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(msg.adminpass),true));
var hash_userpass = crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64"); var hash_userpass = crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64");
db.collection(coll + "_settings").find(function(err, conf) { db.collection(coll + "_settings").find(function(err, conf) {
if(conf.length == 1 && conf) { if(conf.length == 1 && conf) {
conf = conf[0]; conf = conf[0];

8
server/handlers/list_settings.js
View File

@@ -31,7 +31,7 @@ function password(inp, coll, guid, offline, socket) {
} }
coll = coll.replace(/ /g,''); coll = coll.replace(/ /g,'');
uncrypted = pw; uncrypted = pw;
pw = Functions.hash_pass(Functions.decrypt_string(socket.zoff_id, pw), true); pw = Functions.hash_pass(Functions.decrypt_string(pw), true);
Functions.check_inlist(coll, guid, socket, offline); Functions.check_inlist(coll, guid, socket, offline);
Functions.getSessionAdminUser(sessionId, coll, function(userpass, adminpass) { Functions.getSessionAdminUser(sessionId, coll, function(userpass, adminpass) {
@@ -50,7 +50,7 @@ function password(inp, coll, guid, offline, socket) {
socket.emit("pw", true); socket.emit("pw", true);
}); });
}); });
} else if(docs[0].adminpass === "" || docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socket.zoff_id, adminpass), true))) { } else if(docs[0].adminpass === "" || docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(adminpass), true))) {
Functions.setSessionAdminPass(sessionId, inp.password, coll, function() { Functions.setSessionAdminPass(sessionId, inp.password, coll, function() {
db.collection(coll + "_settings").update({ id: "config" }, {$set:{adminpass:Functions.hash_pass(pw)}}, function(err, docs){ db.collection(coll + "_settings").update({ id: "config" }, {$set:{adminpass:Functions.hash_pass(pw)}}, function(err, docs){
if(adminpass != pw) { if(adminpass != pw) {
@@ -169,7 +169,7 @@ function conf_function(params, coll, guid, offline, socket) {
var adminpass = params.adminpass; var adminpass = params.adminpass;
var skipping = params.skipping; var skipping = params.skipping;
var shuffling = params.shuffling; var shuffling = params.shuffling;
var userpass = Functions.decrypt_string(socket.zoff_id, params.userpass); var userpass = Functions.decrypt_string(params.userpass);
if((!params.userpass_changed && frontpage) || (params.userpass_changed && userpass == "")) { if((!params.userpass_changed && frontpage) || (params.userpass_changed && userpass == "")) {
@@ -181,7 +181,7 @@ function conf_function(params, coll, guid, offline, socket) {
var hash; var hash;
if(params.description) description = params.description; if(params.description) description = params.description;
if(adminpass !== "") { if(adminpass !== "") {
hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(socket.zoff_id, adminpass), true)); hash = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(adminpass), true));
} else { } else {
hash = adminpass; hash = adminpass;
} }

8
server/handlers/suggestions.js
View File

@@ -35,9 +35,9 @@ function thumbnail(msg, coll, guid, offline, socket) {
msg.thumbnail = msg.thumbnail.replace(/^https?\:\/\//i, ""); msg.thumbnail = msg.thumbnail.replace(/^https?\:\/\//i, "");
if(msg.thumbnail.substring(0,2) != "//") msg.thumbnail = "//" + msg.thumbnail; if(msg.thumbnail.substring(0,2) != "//") msg.thumbnail = "//" + msg.thumbnail;
var channel = msg.channel.toLowerCase(); var channel = msg.channel.toLowerCase();
var hash = Functions.hash_pass(Functions.decrypt_string(socket.zoff_id, msg.adminpass)); var hash = Functions.hash_pass(Functions.decrypt_string(msg.adminpass));
db.collection(channel + "_settings").find({id: "config"}, function(err, docs){ db.collection(channel + "_settings").find({id: "config"}, function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){ if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){
db.collection("suggested_thumbnails").update({channel: channel}, {$set:{thumbnail: msg.thumbnail}}, {upsert:true}, function(err, docs){ db.collection("suggested_thumbnails").update({channel: channel}, {$set:{thumbnail: msg.thumbnail}}, {upsert:true}, function(err, docs){
Notifications.requested_change("thumbnail", msg.thumbnail, channel); Notifications.requested_change("thumbnail", msg.thumbnail, channel);
@@ -87,9 +87,9 @@ function description(msg, coll, guid, offline, socket) {
msg.adminpass = adminpass; msg.adminpass = adminpass;
} }
var channel = msg.channel.toLowerCase(); var channel = msg.channel.toLowerCase();
var hash = Functions.hash_pass(Functions.decrypt_string(socket.zoff_id, msg.adminpass)); var hash = Functions.hash_pass(Functions.decrypt_string(msg.adminpass));
db.collection(channel + "_settings").find({id: "config"}, function(err, docs){ db.collection(channel + "_settings").find({id: "config"}, function(err, docs){
if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(socketid, msg.pass)).digest("base64")))) { if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64")))) {
if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){ if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){
db.collection("suggested_descriptions").update({channel: channel}, {$set:{description: msg.description}}, {upsert:true}, function(err, docs){ db.collection("suggested_descriptions").update({channel: channel}, {$set:{description: msg.description}}, {upsert:true}, function(err, docs){
Notifications.requested_change("description", msg.description, channel); Notifications.requested_change("description", msg.description, channel);

1
server/routing/client/api.js
View File

@@ -5,7 +5,6 @@ var mongojs = require('mongojs');
var ObjectId = mongojs.ObjectId; var ObjectId = mongojs.ObjectId;
var token_db = mongojs("tokens"); var token_db = mongojs("tokens");
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var cookies = require("cookie");
var toShowChannel = { var toShowChannel = {
start: 1, start: 1,

16
server/routing/client/router.js
View File

@@ -62,8 +62,6 @@ router.route('/api/apply/:id').get(function(req,res) {
correct: true, correct: true,
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
critical: "f",
critical_enabled: true
} }
res.render('layouts/client/token', data); res.render('layouts/client/token', data);
}); });
@@ -79,8 +77,6 @@ router.route('/api/apply/:id').get(function(req,res) {
correct: false, correct: false,
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
critical: "f",
critical_enabled: true
} }
res.render('layouts/client/token', data); res.render('layouts/client/token', data);
} }
@@ -99,8 +95,6 @@ router.route('/api/apply').get(function(req, res, next) {
correct: false, correct: false,
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
critical: "f",
critical_enabled: true
} }
res.render('layouts/client/token', data); res.render('layouts/client/token', data);
}); });
@@ -122,8 +116,6 @@ function root(req, res, next) {
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
client: false, client: false,
critical: "f",
critical_enabled: true
} }
res.render('layouts/client/remote', data); res.render('layouts/client/remote', data);
} else if(subdomain[0] == "www") { } else if(subdomain[0] == "www") {
@@ -137,8 +129,6 @@ function root(req, res, next) {
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
client: false, client: false,
critical: "f",
critical_enabled: true
} }
if(subdomain[0] == "client") { if(subdomain[0] == "client") {
data.client = true; data.client = true;
@@ -168,8 +158,6 @@ function channel(req, res, next) {
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
client: false, client: false,
critical: "f",
critical_enabled: true
} }
res.render('layouts/client/remote', data); res.render('layouts/client/remote', data);
} else if(subdomain.length >= 2 && subdomain[0] == "www") { } else if(subdomain.length >= 2 && subdomain[0] == "www") {
@@ -184,8 +172,6 @@ function channel(req, res, next) {
analytics: analytics, analytics: analytics,
stylesheet: "embed.css", stylesheet: "embed.css",
embed: true, embed: true,
critical: "e",
critical_enabled: false
} }
res.render('layouts/client/embed', data); res.render('layouts/client/embed', data);
} else if(req.params.channel_name == "o_callback") { } else if(req.params.channel_name == "o_callback") {
@@ -201,8 +187,6 @@ function channel(req, res, next) {
stylesheet: "style.css", stylesheet: "style.css",
embed: false, embed: false,
client:false, client:false,
critical: "c",
critical_enabled: false
} }
if(subdomain == "client") { if(subdomain == "client") {
data.client = true; data.client = true;