update auth

92e31ed9 · nanahira · f7408480 · 92e31ed9 · 92e31ed9 · 92e31ed9
Commit 92e31ed9 authored Apr 05, 2020 by nanahira
6 changed files
--- a/ygopro-auth.coffee
+++ b/ygopro-auth.coffee
@@ -26,6 +26,7 @@ or as follows, to use a specific set of permissions.
 ###
 fs = require 'fs'
 loadJSON = require('load-json-file').sync
+loadJSONPromise = require('load-json-file')
 moment = require 'moment'
 moment.updateLocale('zh-cn', {
  relativeTime: {
@@ -57,16 +58,19 @@ add_log = (message) ->
  text = mt.format('YYYY-MM-DD HH:mm:ss') + " --> " + message + "\n"
  res = false
  try
-    fs.appendFileSync("./logs/"+mt.format('YYYY-MM-DD')+".log", text)
+    await util.promisfy(fs.appendFile)("./logs/"+mt.format('YYYY-MM-DD')+".log", text)
    res = true
  catch
    res = false
-  return
+  return res
 default_data = loadJSON('./data/default_data.json')
 setting_save = (settings) ->
-  fs.writeFileSync(settings.file, JSON.stringify(settings, null, 2))
+  try
+    await util.promisfy(fs.writeFile)(settings.file, JSON.stringify(settings, null, 2))
+  catch e
+    add_log("save fail");
  return
 default_data = loadJSON('./data/default_data.json')
@@ -78,16 +82,15 @@ catch
  setting_save(users)
 save = () ->
-  setting_save(users)
+  return await setting_save(users)
-  return
 reload = () ->
  user_backup = users
  try
-    users = loadJSON('./config/admin_user.json')
+    users = await loadJSONPromise('./config/admin_user.json')
  catch
    users = user_backup
-    add_log("Invalid user data JSON")
+    await add_log("Invalid user data JSON")
  return
 check_permission = (user, permission_required) ->
@@ -96,31 +99,31 @@ check_permission = (user, permission_required) ->
  if typeof(permission) != 'object'
    permission = users.permission_examples[_permission]
  if !permission
-    add_log("Permision not set:"+_permission)
+    await add_log("Permision not set:"+_permission)
    return false
  return permission[permission_required]
 @auth = (name, pass, permission_required, action = 'unknown', no_log) ->
-  reload()
+  await reload()
  user = users.users[name]
  if !user
-    add_log("Unknown user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
+    await add_log("Unknown user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
    return false
  if user.password != pass
-    add_log("Unauthorized user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
+    await add_log("Unauthorized user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
    return false
  if !user.enabled
-    add_log("Disabled user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
+    await add_log("Disabled user login. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
    return false
-  if !check_permission(user, permission_required)
+  if !await check_permission(user, permission_required)
-    add_log("Permission denied. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
+    await add_log("Permission denied. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
    return false
  if !no_log
-    add_log("Operation success. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
+    await add_log("Operation success. User: "+ name+", Permission needed: "+ permission_required+", Action: " +action)
  return true
 @add_user = (name, pass, enabled, permissions) ->
-  reload()
+  await reload()
  if users.users[name]
    return false
  users.users[name] = {
@@ -128,21 +131,21 @@ check_permission = (user, permission_required) ->
    "enabled": enabled,
    "permissions": permissions
  }
-  save()
+  await save()
  return true
 @delete_user = (name) ->
-  reload()
+  await reload()
  if !users.users[name]
    return false
  delete users.users[name]
-  save()
+  await save()
-  return true
+  return
 @update_user = (name, key, value) ->
-  reload()
+  await reload()
  if !users.users[name]
    return false
  users.users[name][key] = value
-  save()
+  await save()
-  return true
+  return
--- a/ygopro-auth.js
+++ b/ygopro-auth.js
@@ -26,12 +26,14 @@
        }
      },
  */
-  var add_log, bunyan, check_permission, default_data, fs, loadJSON, log, moment, reload, save, setting_save, users;
+  var add_log, bunyan, check_permission, default_data, fs, loadJSON, loadJSONPromise, log, moment, reload, save, setting_save, users;
  fs = require('fs');
  loadJSON = require('load-json-file').sync;
+  loadJSONPromise = require('load-json-file');
  moment = require('moment');
  moment.updateLocale('zh-cn', {
@@ -62,24 +64,31 @@
    fs.mkdirSync('./logs');
  }
-  add_log = function(message) {
+  add_log = async function(message) {
    var mt, res, text;
    mt = moment();
    log.info(message);
    text = mt.format('YYYY-MM-DD HH:mm:ss') + " --> " + message + "\n";
    res = false;
    try {
-      fs.appendFileSync("./logs/" + mt.format('YYYY-MM-DD') + ".log", text);
+      await util.promisfy(fs.appendFile)("./logs/" + mt.format('YYYY-MM-DD') + ".log", text);
      res = true;
    } catch (error) {
      res = false;
    }
+    return res;
  };
  default_data = loadJSON('./data/default_data.json');
-  setting_save = function(settings) {
+  setting_save = async function(settings) {
-    fs.writeFileSync(settings.file, JSON.stringify(settings, null, 2));
+    var e;
+    try {
+      await util.promisfy(fs.writeFile)(settings.file, JSON.stringify(settings, null, 2));
+    } catch (error) {
+      e = error;
+      add_log("save fail");
+    }
  };
  default_data = loadJSON('./data/default_data.json');
@@ -91,22 +100,22 @@
    setting_save(users);
  }
-  save = function() {
+  save = async function() {
-    setting_save(users);
+    return (await setting_save(users));
  };
-  reload = function() {
+  reload = async function() {
    var user_backup;
    user_backup = users;
    try {
-      users = loadJSON('./config/admin_user.json');
+      users = (await loadJSONPromise('./config/admin_user.json'));
    } catch (error) {
      users = user_backup;
-      add_log("Invalid user data JSON");
+      await add_log("Invalid user data JSON");
    }
  };
-  check_permission = function(user, permission_required) {
+  check_permission = async function(user, permission_required) {
    var _permission, permission;
    _permission = user.permissions;
    permission = _permission;
@@ -114,40 +123,40 @@
      permission = users.permission_examples[_permission];
    }
    if (!permission) {
-      add_log("Permision not set:" + _permission);
+      await add_log("Permision not set:" + _permission);
      return false;
    }
    return permission[permission_required];
  };
-  this.auth = function(name, pass, permission_required, action = 'unknown', no_log) {
+  this.auth = async function(name, pass, permission_required, action = 'unknown', no_log) {
    var user;
-    reload();
+    await reload();
    user = users.users[name];
    if (!user) {
-      add_log("Unknown user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
+      await add_log("Unknown user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
      return false;
    }
    if (user.password !== pass) {
-      add_log("Unauthorized user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
+      await add_log("Unauthorized user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
      return false;
    }
    if (!user.enabled) {
-      add_log("Disabled user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
+      await add_log("Disabled user login. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
      return false;
    }
-    if (!check_permission(user, permission_required)) {
+    if (!(await check_permission(user, permission_required))) {
-      add_log("Permission denied. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
+      await add_log("Permission denied. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
      return false;
    }
    if (!no_log) {
-      add_log("Operation success. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
+      await add_log("Operation success. User: " + name + ", Permission needed: " + permission_required + ", Action: " + action);
    }
    return true;
  };
-  this.add_user = function(name, pass, enabled, permissions) {
+  this.add_user = async function(name, pass, enabled, permissions) {
-    reload();
+    await reload();
    if (users.users[name]) {
      return false;
    }
@@ -156,28 +165,26 @@
      "enabled": enabled,
      "permissions": permissions
    };
-    save();
+    await save();
    return true;
  };
-  this.delete_user = function(name) {
+  this.delete_user = async function(name) {
-    reload();
+    await reload();
    if (!users.users[name]) {
      return false;
    }
    delete users.users[name];
-    save();
+    await save();
-    return true;
  };
-  this.update_user = function(name, key, value) {
+  this.update_user = async function(name, key, value) {
-    reload();
+    await reload();
    if (!users.users[name]) {
      return false;
    }
    users.users[name][key] = value;
-    save();
+    await save();
-    return true;
  };
 }).call(this);
--- a/ygopro-pre.js
+++ b/ygopro-pre.js
@@ -480,7 +480,7 @@ var packDatas = function (callback) {
 function requestListener(req, res) {
    var u = url.parse(req.url, true);
-    if (!auth.auth(u.query.username, u.query.password, "pre_dashboard", "pre_dashboard")) {
+    if (!await auth.auth(u.query.username, u.query.password, "pre_dashboard", "pre_dashboard")) {
        res.writeHead(403);
        res.end("Auth Failed.");
        return;
@@ -505,7 +505,7 @@ function requestListener(req, res) {
    else if (u.pathname === '/api/load_db') {
        res.writeHead(200);
        res.end(u.query.callback+'({"message":"开始加载数据库。"});');
-        loadAllDbs(() => { });
+        await util.promisify(loadAllDbs)();
    }
    else if (u.pathname === '/api/fetch_datas') {
        res.writeHead(200);
@@ -514,23 +514,23 @@ function requestListener(req, res) {
    }
    else if (u.pathname === '/api/push_datas') {
        res.writeHead(200);
-        res.end(u.query.callback+'({"message":"开始上传数据。"});');
+        res.end(u.query.callback + '({"message":"开始上传数据。"});');
-        pushDatas(() => { });
+        await util.promisify(pushDatas)();
    }
    else if (u.pathname === '/api/write_to_file') {
        res.writeHead(200);
        res.end(u.query.callback+'({"message":"开始写列表页。"});');
-        writeToFile(u.query.message, () => { });
+        await util.promisify(writeToFile)(u.query.message);
    }
    else if (u.pathname === '/api/copy_to_ygopro') {
        res.writeHead(200);
        res.end(u.query.callback+'({"message":"开始更新到服务器。"});');
-        copyToYGOPRO(() => { });
+        await util.promisify(copyToYGOPRO)();
    }
    else if (u.pathname === '/api/pack_data') {
        res.writeHead(200);
        res.end(u.query.callback+'({"message":"开始生成更新包。"});');
-        packDatas(() => { });
+        await util.promisify(packDatas)();
    }
    else {
        res.writeHead(400);

--- a/ygopro-server.coffee
+++ b/ygopro-server.coffee
@@ -80,6 +80,8 @@ merge = require 'deepmerge'
 loadJSON = require('load-json-file').sync
+util = require("util")
 #heapdump = require 'heapdump'
 # 配置
@@ -1756,6 +1758,7 @@ net.createServer (client) ->
          b = stoc_buffer.slice(3, stoc_message_length - 1 + 3)
          info = null
          struct = ygopro.structs[ygopro.proto_structs.STOC[ygopro.constants.STOC[stoc_proto]]]
          if struct and !cancel
            struct._setBuff(b)
            info = _.clone(struct.fields)
@@ -3598,7 +3601,7 @@ if settings.modules.http
    #console.log(u.query.username, u.query.pass)
    if u.pathname == '/api/getrooms'
-      pass_validated = auth.auth(u.query.username, u.query.pass, "get_rooms", "get_rooms", true)
+      pass_validated = await auth.auth(u.query.username, u.query.pass, "get_rooms", "get_rooms", true)
      if !settings.modules.http.public_roomlist and !pass_validated
        response.writeHead(200)
        response.end(addCallback(u.query.callback, '{"rooms":[{"roomid":"0","roomname":"密码错误","needpass":"true"}]}'))
@@ -3634,7 +3637,7 @@ if settings.modules.http
    else if u.pathname == '/api/duellog' and settings.modules.tournament_mode.enabled
-      if !auth.auth(u.query.username, u.query.pass, "duel_log", "duel_log")
+      if !await auth.auth(u.query.username, u.query.pass, "duel_log", "duel_log")
        response.writeHead(200)
        response.end(addCallback(u.query.callback, "[{name:'密码错误'}]"))
        return
@@ -3644,7 +3647,7 @@ if settings.modules.http
        response.end(addCallback(u.query.callback, duellog))
    else if u.pathname == '/api/archive.zip' and settings.modules.tournament_mode.enabled
-      if !auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay_archive")
+      if !await auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay_archive")
        response.writeHead(403)
        response.end("Invalid password.")
        return
@@ -3687,7 +3690,7 @@ if settings.modules.http
          response.end("Failed reading replays. " + error)
    else if u.pathname == '/api/clearlog' and settings.modules.tournament_mode.enabled
-      if !auth.auth(u.query.username, u.query.pass, "clear_duel_log", "clear_duel_log")
+      if !await auth.auth(u.query.username, u.query.pass, "clear_duel_log", "clear_duel_log")
        response.writeHead(200)
        response.end(addCallback(u.query.callback, "[{name:'密码错误'}]"))
        return
@@ -3703,7 +3706,7 @@ if settings.modules.http
        response.end(addCallback(u.query.callback, "[{name:'Success'}]"))
    else if _.startsWith(u.pathname, '/api/replay') and settings.modules.tournament_mode.enabled
-      if !auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay")
+      if !await auth.auth(u.query.username, u.query.pass, "download_replay", "download_replay")
        response.writeHead(403)
        response.end("密码错误")
        return
@@ -3734,7 +3737,7 @@ if settings.modules.http
      #  return
      if u.query.shout
-        if !auth.auth(u.query.username, u.query.pass, "shout", "shout")
+        if !await auth.auth(u.query.username, u.query.pass, "shout", "shout")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3744,35 +3747,32 @@ if settings.modules.http
        response.end(addCallback(u.query.callback, "['shout ok', '" + u.query.shout + "']"))
      else if u.query.stop
-        if !auth.auth(u.query.username, u.query.pass, "stop", "stop")
+        if !await auth.auth(u.query.username, u.query.pass, "stop", "stop")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
        if u.query.stop == 'false'
          u.query.stop = false
-        setting_change(settings, 'modules:stop', u.query.stop, (err)->
+        response.writeHead(200)
-          response.writeHead(200)
+        try
-          if(err)
+          await util.promisfy(setting_change)(settings, 'modules:stop', u.query.stop)
-            response.end(addCallback(u.query.callback, "['stop fail', '" + u.query.stop + "']"))
+          response.end(addCallback(u.query.callback, "['stop ok', '" + u.query.stop + "']"))
-          else
+        catch err
-            response.end(addCallback(u.query.callback, "['stop ok', '" + u.query.stop + "']"))
+          response.end(addCallback(u.query.callback, "['stop fail', '" + u.query.stop + "']"))
-        )
      else if u.query.welcome
-        if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_welcome")
+        if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_welcome")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
-        setting_change(settings, 'modules:welcome', (err)->
+        try
-          response.writeHead(200)
+          await util.promisfy(setting_change)(settings, 'modules:stop', u.query.welcome)
-          if(err)
+          response.end(addCallback(u.query.callback, "['welcome ok', '" + u.query.welcome + "']"))
-            response.end(addCallback(u.query.callback, "['welcome fail', '" + u.query.welcome + "']"))
+        catch err
-          else
+          response.end(addCallback(u.query.callback, "['welcome fail', '" + u.query.welcome + "']"))
-            response.end(addCallback(u.query.callback, "['welcome ok', '" + u.query.welcome + "']"))
-        )
      else if u.query.getwelcome
-        if !auth.auth(u.query.username, u.query.pass, "change_settings", "get_welcome")
+        if !await auth.auth(u.query.username, u.query.pass, "change_settings", "get_welcome")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3780,7 +3780,7 @@ if settings.modules.http
        response.end(addCallback(u.query.callback, "['get ok', '" + settings.modules.welcome + "']"))
      else if u.query.loadtips
-        if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_tips")
+        if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_tips")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3793,7 +3793,7 @@ if settings.modules.http
        )
      else if u.query.loaddialogues
-        if !auth.auth(u.query.username, u.query.pass, "change_settings", "change_dialogues")
+        if !await auth.auth(u.query.username, u.query.pass, "change_settings", "change_dialogues")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3806,7 +3806,7 @@ if settings.modules.http
        )
      else if u.query.ban
-        if !auth.auth(u.query.username, u.query.pass, "ban_user", "ban_user")
+        if !await auth.auth(u.query.username, u.query.pass, "ban_user", "ban_user")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3819,7 +3819,7 @@ if settings.modules.http
        )
      else if u.query.kick
-        if !auth.auth(u.query.username, u.query.pass, "kick_user", "kick_user")
+        if !await auth.auth(u.query.username, u.query.pass, "kick_user", "kick_user")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3835,7 +3835,7 @@ if settings.modules.http
      else if u.query.death
-        if !auth.auth(u.query.username, u.query.pass, "start_death", "start_death")
+        if !await auth.auth(u.query.username, u.query.pass, "start_death", "start_death")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3857,7 +3857,7 @@ if settings.modules.http
        )
      else if u.query.deathcancel
-        if !auth.auth(u.query.username, u.query.pass, "start_death", "cancel_death")
+        if !await auth.auth(u.query.username, u.query.pass, "start_death", "cancel_death")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return
@@ -3878,7 +3878,7 @@ if settings.modules.http
        )
      else if u.query.reboot
-        if !auth.auth(u.query.username, u.query.pass, "stop", "reboot")
+        if !await auth.auth(u.query.username, u.query.pass, "stop", "reboot")
          response.writeHead(200)
          response.end(addCallback(u.query.callback, "['密码错误', 0]"))
          return

--- a/ygopro-server.js
+++ b/ygopro-server.js
--- a/ygopro-update.js
+++ b/ygopro-update.js
@@ -210,10 +210,10 @@ var pushHTMLs = function() {
 //建立一个http服务器，接收API操作
-function requestListener(req, res) {
+async function requestListener(req, res) {
    var u = url.parse(req.url, true);
-    if (!auth.auth(u.query.username, u.query.password, "update_dashboard", "update_dashboard")) {
+    if (!await auth.auth(u.query.username, u.query.password, "update_dashboard", "update_dashboard")) {
        res.writeHead(403);
        res.end("Auth Failed.");
        return;