Commit 92e31ed9 authored by nanahira's avatar nanahira

update auth

parent f7408480
......@@ -26,6 +26,7 @@ or as follows, to use a specific set of permissions.
###
fs = require 'fs'
loadJSON = require('load-json-file').sync
loadJSONPromise = require('load-json-file')
moment = require 'moment'
moment.updateLocale('zh-cn', {
relativeTime: {
......@@ -57,16 +58,19 @@ add_log = (message) ->
text = mt.format('YYYY-MM-DD HH:mm:ss') + " --> " + message + "\n"
res = false
try
fs.appendFileSync("./logs/"+mt.format('YYYY-MM-DD')+".log", text)
await util.promisfy(fs.appendFile)("./logs/"+mt.format('YYYY-MM-DD')+".log", text)
res = true
catch
res = false
return
return res
default_data = loadJSON('./data/default_data.json')
setting_save = (settings) ->
fs.writeFileSync(settings.file, JSON.stringify(settings, null, 2))
try
await util.promisfy(fs.writeFile)(settings.file, JSON.stringify(settings, null, 2))
catch e
add_log("save fail");
return
default_data = loadJSON('./data/default_data.json')
......@@ -78,16 +82,15 @@ catch
setting_save(users)
save = () ->
setting_save(users)
return
return await setting_save(users)
reload = () ->
user_backup = users
try
users = loadJSON('./config/admin_user.json')
users = await loadJSONPromise('./config/admin_user.json')
catch
users = user_backup
add_log("Invalid user data JSON")
await add_log("Invalid user data JSON")
return
check_permission = (user, permission_required) ->
......@@ -96,31 +99,31 @@ check_permission = (user, permission_required) ->
if typeof(permission) != 'object'
permission = users.permission_examples[_permission]
if !permission
add_log("Permision not set:"+_permission)
await add_log("Permision not set:"+_permission)
return false
return permission[permission_required]
@auth = (name, pass, permission_required, action = 'unknown', no_log) ->
reload()
await reload()
user = users.users[name]
if !user
add_log("Unknown user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
await add_log("Unknown user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
return false
if user.password != pass
add_log("Unauthorized user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
await add_log("Unauthorized user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
return false
if !user.enabled
add_log("Disabled user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
await add_log("Disabled user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
return false
if !check_permission(user, permission_required)
add_log("Permission denied. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
if !await check_permission(user, permission_required)
await add_log("Permission denied. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
return false
if !no_log
add_log("Operation success. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
await add_log("Operation success. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
return true
@add_user = (name, pass, enabled, permissions) ->
reload()
await reload()
if users.users[name]
return false
users.users[name] = {
......@@ -128,21 +131,21 @@ check_permission = (user, permission_required) ->
"enabled": enabled,
"permissions": permissions
}
save()
await save()
return true
@delete_user = (name) ->
reload()
await reload()
if !users.users[name]
return false
delete users.users[name]
save()
return true
await save()
return
@update_user = (name, key, value) ->
reload()
await reload()
if !users.users[name]
return false
users.users[name][key] = value
save()
return true
await save()
return
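Review bot: `util.promisfy` in `add_log` and `setting_save` is a misspelling of `util.promisify`, and `util` is not among the requires shown in the first hunk (nor in the compiled file's `var` list), so both calls throw inside their `try`. The bare `catch` in `add_log` turns that into `res = false`, so the per-day log file of failed logins and permission denials is never written, and `setting_save` only logs "save fail" while changes made by `add_user`, `delete_user` and `update_user` are never persisted. Add `util = require 'util'` and call `util.promisify(fs.appendFile)` and `util.promisify(fs.writeFile)`. The same misspelling appears in the compiled JavaScript and in the `setting_change` calls of the server file's stop and welcome branches. `setting_save` also calls `add_log("save fail")` without `await`, unlike the other call sites this commit updates.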
......@@ -26,12 +26,14 @@
}
},
*/
var add_log, bunyan, check_permission, default_data, fs, loadJSON, log, moment, reload, save, setting_save, users;
var add_log, bunyan, check_permission, default_data, fs, loadJSON, loadJSONPromise, log, moment, reload, save, setting_save, users;
fs = require('fs');
loadJSON = require('load-json-file').sync;
loadJSONPromise = require('load-json-file');
moment = require('moment');
moment.updateLocale('zh-cn', {
......@@ -62,24 +64,31 @@
fs.mkdirSync('./logs');
}
add_log = function(message) {
add_log = async function(message) {
var mt, res, text;
mt = moment();
log.info(message);
text = mt.format('YYYY-MM-DD HH:mm:ss') + " --> " + message + "\n";
res = false;
try {
fs.appendFileSync("./logs/" + mt.format('YYYY-MM-DD') + ".log", text);
await util.promisfy(fs.appendFile)("./logs/" + mt.format('YYYY-MM-DD') + ".log", text);
res = true;
} catch (error) {
res = false;
}
return res;
};
default_data = loadJSON('./data/default_data.json');
setting_save = function(settings) {
fs.writeFileSync(settings.file, JSON.stringify(settings, null, 2));
setting_save = async function(settings) {
var e;
try {
await util.promisfy(fs.writeFile)(settings.file, JSON.stringify(settings, null, 2));
} catch (error) {
e = error;
add_log("save fail");
}
};
default_data = loadJSON('./data/default_data.json');
......@@ -91,22 +100,22 @@
setting_save(users);
}
save = function() {
setting_save(users);
save = async function() {
return (await setting_save(users));
};
reload = function() {
reload = async function() {
var user_backup;
user_backup = users;
try {
users = loadJSON('./config/admin_user.json');
users = (await loadJSONPromise('./config/admin_user.json'));
} catch (error) {
users = user_backup;
add_log("Invalid user data JSON");
await add_log("Invalid user data JSON");
}
};
check_permission = function(user, permission_required) {
check_permission = async function(user, permission_required) {
var _permission, permission;
_permission = user.permissions;
permission = _permission;
......@@ -114,40 +123,40 @@
permission = users.permission_examples[_permission];
}
if (!permission) {
add_log("Permision not set:" + _permission);
await add_log("Permision not set:" + _permission);
return false;
}
return permission[permission_required];
};
this.auth = function(name, pass, permission_required, action = 'unknown', no_log) {
this.auth = async function(name, pass, permission_required, action = 'unknown', no_log) {
var user;
reload();
await reload();
user = users.users[name];
if (!user) {
add_log("Unknown user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
await add_log("Unknown user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
return false;
}
if (user.password !== pass) {
add_log("Unauthorized user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
await add_log("Unauthorized user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
return false;
}
if (!user.enabled) {
add_log("Disabled user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
await add_log("Disabled user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
return false;
}
if (!check_permission(user, permission_required)) {
add_log("Permission denied. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
if (!(await check_permission(user, permission_required))) {
await add_log("Permission denied. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
return false;
}
if (!no_log) {
add_log("Operation success. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
await add_log("Operation success. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
}
return true;
};
this.add_user = function(name, pass, enabled, permissions) {
reload();
this.add_user = async function(name, pass, enabled, permissions) {
await reload();
if (users.users[name]) {
return false;
}
......@@ -156,28 +165,26 @@
"enabled": enabled,
"permissions": permissions
};
save();
await save();
return true;
};
this.delete_user = function(name) {
reload();
this.delete_user = async function(name) {
await reload();
if (!users.users[name]) {
return false;
}
delete users.users[name];
save();
return true;
await save();
};
this.update_user = function(name, key, value) {
reload();
this.update_user = async function(name, key, value) {
await reload();
if (!users.users[name]) {
return false;
}
users.users[name][key] = value;
save();
return true;
await save();
};
}).call(this);
......@@ -480,7 +480,7 @@ var packDatas = function (callback) {
function requestListener(req, res) {
var u = url.parse(req.url, true);
if (!auth.auth(u.query.username, u.query.password, "pre_dashboard", "pre_dashboard")) {
if (!await auth.auth(u.query.username, u.query.password, "pre_dashboard", "pre_dashboard")) {
res.writeHead(403);
res.end("Auth Failed.");
return;
......@@ -505,7 +505,7 @@ function requestListener(req, res) {
else if (u.pathname === '/api/load_db') {
res.writeHead(200);
res.end(u.query.callback+'({"message":"开始加载数据库。"});');
loadAllDbs(() => { });
await util.promisify(loadAllDbs)();
}
else if (u.pathname === '/api/fetch_datas') {
res.writeHead(200);
......@@ -514,23 +514,23 @@ function requestListener(req, res) {
}
else if (u.pathname === '/api/push_datas') {
res.writeHead(200);
res.end(u.query.callback+'({"message":"开始上传数据。"});');
pushDatas(() => { });
res.end(u.query.callback + '({"message":"开始上传数据。"});');
await util.promisify(pushDatas)();
}
else if (u.pathname === '/api/write_to_file') {
res.writeHead(200);
res.end(u.query.callback+'({"message":"开始写列表页。"});');
writeToFile(u.query.message, () => { });
await util.promisify(writeToFile)(u.query.message);
}
else if (u.pathname === '/api/copy_to_ygopro') {
res.writeHead(200);
res.end(u.query.callback+'({"message":"开始更新到服务器。"});');
copyToYGOPRO(() => { });
await util.promisify(copyToYGOPRO)();
}
else if (u.pathname === '/api/pack_data') {
res.writeHead(200);
res.end(u.query.callback+'({"message":"开始生成更新包。"});');
packDatas(() => { });
await util.promisify(packDatas)();
}
else {
res.writeHead(400);
......
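Review bot: `await` is used at the auth check and in every `/api/*` branch, but the `function requestListener(req, res) {` line shown as context in the first hunk is not marked `async`, so this file would fail to parse unless the declaration is changed somewhere not shown. The other dashboard file in this commit changes it to `async function requestListener(req, res) {`; the same edit is needed here. Each awaited `util.promisify(...)()` call also runs after `res.end(...)`, so a callback error now rejects the handler's promise with nothing to catch it, where the old `() => { }` callbacks ignored it. Wrapping those calls in `try`/`catch` and logging the failure would keep the earlier best-effort behaviour.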
......@@ -80,6 +80,8 @@ merge = require 'deepmerge'
loadJSON = require('load-json-file').sync
util = require("util")
#heapdump = require 'heapdump'
# 配置
......@@ -1756,6 +1758,7 @@ net.createServer (client) ->
b = stoc_buffer.slice(3, stoc_message_length - 1 + 3)
info = null
struct = ygopro.structs[ygopro.proto_structs.STOC[ygopro.constants.STOC[stoc_proto]]]
if struct and !cancel
struct._setBuff(b)
info = _.clone(struct.fields)
......@@ -3598,7 +3601,7 @@ if settings.modules.http
#console.log(u.query.username, u.query.pass)
if u.pathname == '/api/getrooms'
pass_validated = auth.auth(u.query.username, u.query.pass, "get_rooms", "get_rooms", true)
pass_validated = await auth.auth(u.query.username, u.query.pass, "get_rooms", "get_rooms", true)
if !settings.modules.http.public_roomlist and !pass_validated
response.writeHead(200)
response.end(addCallback(u.query.callback, '{"rooms":[{"roomid":"0","roomname":"密码错误","needpass":"true"}]}'))
......@@ -3634,7 +3637,7 @@ if settings.modules.http
else if u.pathname == '/api/duellog' and settings.modules.tournament_mode.enabled
if !auth.auth(u.query.username, u.query.pass, "duel_log", "duel_log")
if !await auth.auth(u.query.username, u.query.pass, "duel_log", "duel_log")
response.writeHead(200)
response.end(addCallback(u.query.callback, "[{name:'密码错误'}]"))
return
......@@ -3644,7 +3647,7 @@ if settings.modules.http
response.end(addCallback(u.query.callback, duellog))
else if u.pathname == '/api/archive.zip' and settings.modules.tournament_mode.enabled
if !auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay_archive")
if !await auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay_archive")
response.writeHead(403)
response.end("Invalid password.")
return
......@@ -3687,7 +3690,7 @@ if settings.modules.http
response.end("Failed reading replays. " + error)
else if u.pathname == '/api/clearlog' and settings.modules.tournament_mode.enabled
if !auth.auth(u.query.username, u.query.pass, "clear_duel_log", "clear_duel_log")
if !await auth.auth(u.query.username, u.query.pass, "clear_duel_log", "clear_duel_log")
response.writeHead(200)
response.end(addCallback(u.query.callback, "[{name:'密码错误'}]"))
return
......@@ -3703,7 +3706,7 @@ if settings.modules.http
response.end(addCallback(u.query.callback, "[{name:'Success'}]"))
else if _.startsWith(u.pathname, '/api/replay') and settings.modules.tournament_mode.enabled
if !auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay")
if !await auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay")
response.writeHead(403)
response.end("密码错误")
return
......@@ -3734,7 +3737,7 @@ if settings.modules.http
# return
if u.query.shout
if !auth.auth(u.query.username, u.query.pass, "shout", "shout")
if !await auth.auth(u.query.username, u.query.pass, "shout", "shout")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3744,35 +3747,32 @@ if settings.modules.http
response.end(addCallback(u.query.callback, "['shout ok', '" + u.query.shout + "']"))
else if u.query.stop
if !auth.auth(u.query.username, u.query.pass, "stop", "stop")
if !await auth.auth(u.query.username, u.query.pass, "stop", "stop")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
if u.query.stop == 'false'
u.query.stop = false
setting_change(settings, 'modules:stop', u.query.stop, (err)->
response.writeHead(200)
if(err)
response.end(addCallback(u.query.callback, "['stop fail', '" + u.query.stop + "']"))
else
try
await util.promisfy(setting_change)(settings, 'modules:stop', u.query.stop)
response.end(addCallback(u.query.callback, "['stop ok', '" + u.query.stop + "']"))
)
catch err
response.end(addCallback(u.query.callback, "['stop fail', '" + u.query.stop + "']"))
else if u.query.welcome
if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_welcome")
if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_welcome")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
setting_change(settings, 'modules:welcome', (err)->
response.writeHead(200)
if(err)
response.end(addCallback(u.query.callback, "['welcome fail', '" + u.query.welcome + "']"))
else
try
await util.promisfy(setting_change)(settings, 'modules:stop', u.query.welcome)
response.end(addCallback(u.query.callback, "['welcome ok', '" + u.query.welcome + "']"))
)
catch err
response.end(addCallback(u.query.callback, "['welcome fail', '" + u.query.welcome + "']"))
else if u.query.getwelcome
if !auth.auth(u.query.username, u.query.pass, "change_settings", "get_welcome")
if !await auth.auth(u.query.username, u.query.pass, "change_settings", "get_welcome")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3780,7 +3780,7 @@ if settings.modules.http
response.end(addCallback(u.query.callback, "['get ok', '" + settings.modules.welcome + "']"))
else if u.query.loadtips
if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_tips")
if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_tips")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3793,7 +3793,7 @@ if settings.modules.http
)
else if u.query.loaddialogues
if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_dialogues")
if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_dialogues")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3806,7 +3806,7 @@ if settings.modules.http
)
else if u.query.ban
if !auth.auth(u.query.username, u.query.pass, "ban_user", "ban_user")
if !await auth.auth(u.query.username, u.query.pass, "ban_user", "ban_user")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3819,7 +3819,7 @@ if settings.modules.http
)
else if u.query.kick
if !auth.auth(u.query.username, u.query.pass, "kick_user", "kick_user")
if !await auth.auth(u.query.username, u.query.pass, "kick_user", "kick_user")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3835,7 +3835,7 @@ if settings.modules.http
else if u.query.death
if !auth.auth(u.query.username, u.query.pass, "start_death", "start_death")
if !await auth.auth(u.query.username, u.query.pass, "start_death", "start_death")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3857,7 +3857,7 @@ if settings.modules.http
)
else if u.query.deathcancel
if !auth.auth(u.query.username, u.query.pass, "start_death", "cancel_death")
if !await auth.auth(u.query.username, u.query.pass, "start_death", "cancel_death")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......@@ -3878,7 +3878,7 @@ if settings.modules.http
)
else if u.query.reboot
if !auth.auth(u.query.username, u.query.pass, "stop", "reboot")
if !await auth.auth(u.query.username, u.query.pass, "stop", "reboot")
response.writeHead(200)
response.end(addCallback(u.query.callback, "['密码错误', 0]"))
return
......
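Review bot: The welcome branch calls `setting_change` with the key `'modules:stop'` and the value `u.query.welcome`, while the code it replaces targeted `'modules:welcome'`. Once the call works, a caller holding only the `change_settings` permission would write the welcome text into the stop setting, which the stop branch guards with a separate `stop` permission; the key should be `'modules:welcome'`. Both this call and the one in the stop branch use the `util.promisfy` misspelling, so at present each throws into its `catch` and answers 'stop fail' or 'welcome fail' without changing anything. The removed callbacks called `response.writeHead(200)` explicitly, and the new branches rely on the implicit status instead.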
......@@ -210,10 +210,10 @@ var pushHTMLs = function() {
//建立一个http服务器,接收API操作
function requestListener(req, res) {
async function requestListener(req, res) {
var u = url.parse(req.url, true);
if (!auth.auth(u.query.username, u.query.password, "update_dashboard", "update_dashboard")) {
if (!await auth.auth(u.query.username, u.query.password, "update_dashboard", "update_dashboard")) {
res.writeHead(403);
res.end("Auth Failed.");
return;
......
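Review bot: Nothing observes a rejection from the now-`async` `requestListener`, assuming it is still handed straight to the HTTP server. If `auth.auth` throws, for instance in `check_permission` when the reloaded user file has no `permission_examples`, the request is left without a response and the process sees an unhandled rejection. Wrapping the check so that a failure denies access would close that gap, e.g. `try { ok = await auth.auth(...); } catch (e) { ok = false; }` followed by the existing 403 path when `ok` is false. The rest of the function body lies outside this hunk, so the later branches may need the same treatment.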