janishutz/libreevent
1
0
Fork 0
mirror of https://github.com/janishutz/libreevent.git synced 2026-04-28 13:59:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Restructuring for new way of installing libreevent"

Browse Source 
This reverts commit 688b0616cc.
This commit is contained in:
Janis Hutz
2024-08-26 11:21:52 +02:00
parent 688b0616cc
commit a68e42c4bb
223 changed files with 58 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/server/admin/2fa.js
+84
View File
@@ -0,0 +1,84 @@
/*
* libreevent - 2fa.js
*
* Created by Janis Hutz 07/11/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const token = require( '../backend/token.js' );
let createSSRApp = require( 'vue' ).createSSRApp;
let renderToString = require( 'vue/server-renderer' ).renderToString;
const fs = require( 'fs' );
const path = require( 'path' );
class TwoFA {
constructor () {
this.tokenStore = {};
this.references = {};
}
registerStandardAuthentication () {
let tok = token.generateToken( 60 );
while ( this.tokenStore[ tok ] ) {
tok = token.generateToken( 60 );
}
this.tokenStore[ tok ] = { 'mode': 'standard' };
return { 'token': tok };
}
registerEnhancedAuthentication () {
let tok = token.generateToken( 60 );
while ( this.tokenStore[ tok ] ) {
tok = token.generateToken( 60 );
}
let code = token.generateNumber( 6 );
this.tokenStore[ tok ] = { 'mode': 'enhanced', 'code': code };
return { 'code': code, 'token': tok };
}
storeTokenReference ( token, sessionID ) {
this.references[ token ] = sessionID;
}
getTokenReference ( token ) {
return this.references[ token ];
}
verifyEnhanced ( token, number = '' ) {
if ( this.tokenStore[ token ]?.mode === 'standard' ) return true;
else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) {
if ( this.tokenStore[ token ].code == number ) {
delete this.tokenStore[ token ];
return true;
} else return false;
} else return false;
}
verifySimple ( token ) {
if ( this.tokenStore[ token ]?.mode === 'standard' ) {
delete this.tokenStore[ token ];
return 'standard';
} else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) return 'enhanced';
else return 'invalid';
}
async generateTwoFAMail ( token, ip, domain, pageName ) {
const app = createSSRApp( {
data() {
return {
token: token,
ip: ip,
host: domain,
pageName: pageName,
};
},
template: '' + fs.readFileSync( path.join( __dirname + '/twoFAMail.html' ) )
} );
return await renderToString( app );
}
}
module.exports = TwoFA;
src/server/admin/adminAPIRoutes.js
+98
View File
@@ -0,0 +1,98 @@
/*
* libreevent - adminAPIRoutes.js
*
* Created by Janis Hutz 07/20/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const posth = require( './api/postHandler.js' );
const geth = require( './api/getHandler.js' );
const path = require( 'path' );
const bodyParser = require( 'body-parser' );
const mlt = require( 'multer' );
const pngToIco = require( 'png-to-ico' );
const multer = mlt();
const fs = require( 'fs' );
const settings = JSON.parse( fs.readFileSync( path.join( __dirname + '/../config/settings.config.json' ) ) );
const getHandler = new geth( settings );
const postHandler = new posth( settings );
// settings is missing in arguments which shouldn't pose any problem
module.exports = ( app ) => {
// Add specific routes here to have them be checked first to not get general handling
app.get( '/admin/getAPI/:call', ( req, res ) => {
if ( req.session.loggedInAdmin ) {
getHandler.handleCall( req.params.call, req.query ).then( data => {
res.send( data );
} ).catch( error => {
res.status( error.code ?? 500 ).send( error.error );
} );
} else {
res.status( 403 ).sendFile( path.join( __dirname + '/../ui/' + ( req.query.lang ?? 'en' ) + '/errors/403.html' ) );
}
} );
app.post( '/admin/API/:call', bodyParser.json( { limit: '20mb' } ), ( req, res ) => {
if ( req.session.loggedInAdmin ) {
postHandler.handleCall( req.params.call, req.body, req.query.lang ).then( data => {
res.send( data );
} ).catch( error => {
console.error( error );
res.status( error.code ?? 500 ).send( error.error );
} );
} else {
res.status( 403 ).sendFile( path.join( __dirname + '/../ui/' + ( req.query.lang ?? 'en' ) + '/errors/403.html' ) );
}
} );
app.post( '/admin/events/uploadImages', multer.array( 'image', 2 ), ( req, res ) => {
if ( req.session.loggedInAdmin ) {
if ( req.query.event.includes( '/' ) || req.query.event.includes( '.' ) ) {
res.status( 400 ).send( 'fp_wrong' );
} else {
for ( let file in req.files ) {
if ( req.files[ file ].originalname === req.body.logo ) {
fs.writeFileSync( path.join( __dirname + '/../assets/events/' + req.query.event + 'Logo.jpg' ), req.files[ file ].buffer );
} else {
fs.writeFileSync( path.join( __dirname + '/../assets/events/' + req.query.event + 'Banner.jpg' ), req.files[ file ].buffer );
}
}
res.send( 'ok' );
}
} else {
res.status( 403 ).send( 'unauthorized' );
}
} );
app.post( '/admin/pages/uploadImages', multer.array( 'image', 1 ), ( req, res ) => {
if ( req.session.loggedInAdmin ) {
if ( req.query.image.includes( '/' ) || req.query.image.includes( '.' ) || req.query.template.includes( '/' ) || req.query.template.includes( '.' ) ) {
res.status( 400 ).send( 'fp_wrong' );
} else {
fs.writeFileSync( path.join( __dirname + '/../ui/home/templates/' + req.query.template + '/assets/' + req.query.image + '.jpg' ), req.files[ 0 ].buffer );
res.send( 'ok' );
}
} else {
res.status( 403 ).send( 'unauthorized' );
}
} );
app.post( '/admin/logo/upload', multer.array( 'image', 1 ), ( req, res ) => {
if ( req.session.loggedInAdmin ) {
fs.writeFileSync( path.join( __dirname + '/../assets/logo.png' ), req.files[ 0 ].buffer );
pngToIco( path.join( __dirname + '/../assets/logo.png' ) ).then( buf => {
fs.writeFileSync( path.join( __dirname + '/../webapp/main/dist/favicon.ico' ), buf );
} ).catch( () => {
console.error( '[ ICON CONVERTER ] Failed to convert png to ico file' );
} );
res.send( 'ok' );
} else {
res.status( 403 ).send( 'unauthorized' );
}
} );
};
src/server/admin/adminRoutes.js
+128
View File
@@ -0,0 +1,128 @@
/*
* libreevent - routes.js (admin)
*
* Created by Janis Hutz 03/11/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
// const db = require( './db/db.js' );
const pwdmanager = require( './pwdmanager.js' );
const db = require( '../backend/db/db.js' );
const auth = require( './2fa.js' );
const twoFA = new auth();
const path = require( 'path' );
const mail = require( '../backend/mail/mailSender.js' );
const mailManager = new mail();
const bodyParser = require( 'body-parser' );
let responseObjects = {};
let authOk = {};
module.exports = ( app, settings ) => {
/*
Admin login route that checks the password
*/
app.post( '/admin/auth', bodyParser.json(), ( request, response ) => {
if ( request.body.mail && request.body.password ) {
pwdmanager.checkpassword( request.body.mail, request.body.password ).then( data => {
request.session.username = request.body.mail;
if ( data.status ) {
request.session.username = request.body.mail;
if ( data.twoFA === 'simple' ) {
( async () => {
let tok = twoFA.registerStandardAuthentication()[ 'token' ];
let ipRetrieved = request.headers[ 'x-forwarded-for' ];
let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( tok, ip, settings.yourDomain, settings.name ), 'Verify admin account login', settings.mailSender );
request.session.token = tok;
response.send( { 'status': '2fa' } );
} )();
} else if ( data.twoFA === 'enhanced' ) {
( async () => {
let res = twoFA.registerEnhancedAuthentication();
let ipRetrieved = request.headers[ 'x-forwarded-for' ];
let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
if ( request.body.mail === 'root' ) {
db.getJSONDataSimple( 'rootAccount', 'email' ).then( email => {
( async () => {
mailManager.sendMail( email, await twoFA.generateTwoFAMail( res.token, ip, settings.yourDomain, settings.name ), 'Verify admin account login', settings.mailSender );
} )();
} );
} else {
mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( res.token, ip, settings.yourDomain, settings.name ), 'Verify admin account login', settings.mailSender );
}
request.session.token = res.token;
response.send( { 'status': '2fa+', 'code': res.code } );
} )();
} else {
request.session.loggedInAdmin = true;
response.send( { 'status': 'ok' } );
}
} else {
response.send( { 'status': 'pwErr' } );
}
} );
} else {
response.send( 'missingCredentials' );
}
} );
app.get( '/admin/2fa', ( request, response ) => {
let tokType = twoFA.verifySimple( request.query.token );
if ( tokType === 'standard' ) {
request.session.loggedInAdmin = true;
responseObjects[ request.query.token ].write( 'data: authenticated\n\n' );
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faSimple.html' ) );
} else if ( tokType === 'enhanced' ) {
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faEnhancedAdmin.html' ) );
} else {
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faInvalid.html' ) );
}
} );
app.post( '/admin/2fa/verify', bodyParser.json(), ( request, response ) => {
let verified = twoFA.verifyEnhanced( request.body.token, request.body.code );
if ( verified ) {
request.session.loggedInAdmin = true;
responseObjects[ request.body.token ].write( 'data: authenticated\n\n' );
response.send( 'ok' );
} else response.send( 'wrong' );
} );
app.get( '/admin/2fa/check', ( request, response ) => {
response.writeHead( 200, {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache',
'Connection': 'keep-alive',
} );
response.status( 200 );
response.flushHeaders();
response.write( 'data: connected\n\n' );
responseObjects[ request.session.token ] = response;
} );
app.get( '/admin/2fa/ping', ( request, response ) => {
if ( authOk[ request.session.token ] === 'ok' ) {
response.send( { 'status': 'ok' } );
} else {
response.send( '' );
}
} );
// app.get( '/test/login', ( request, response ) => {
// request.session.loggedInAdmin = true;
// response.send( 'Logged in' );
// } );
app.get( '/admin/logout', ( request, response ) => {
request.session.loggedInAdmin = false;
response.send( 'logged out' );
} );
app.get( '/api/getAuth', ( request, response ) => {
response.send( { 'admin': request.session.loggedInAdmin ? true : false, 'user': request.session.loggedInUser ? true : false } );
} );
};
src/server/admin/api/getHandler.js
+136
View File
@@ -0,0 +1,136 @@
/*
* libreevent - getHandler.js
*
* Created by Janis Hutz 07/20/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const db = require( '../../backend/db/db.js' );
const pm = require( '../../backend/plugins/manager.js' );
const spm = require( '../startPageManager.js' );
class GETHandler {
constructor ( settings ) {
this.pluginManager = new pm( settings );
this.settings = settings;
this.startPageManager = new spm( settings );
}
handleCall ( call, query ) {
return new Promise( ( resolve, reject ) => {
if ( call === 'getSeatplan' ) {
db.getJSONDataSimple( 'seatplan', query.location ).then( data => {
if ( Object.keys( data ).length > 0 ) {
resolve( data[ 'save' ] );
} else {
reject( { 'code': 400, 'error': 'No data found for this location' } );
}
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getSeatplanDraft' ) {
db.getJSONDataSimple( 'seatplan', query.location ).then( data => {
if ( Object.keys( data ).length > 0 ) {
if ( Object.keys( data[ 'draft' ] ).length > 0 ) {
resolve( data[ 'draft' ] );
} else {
resolve( data[ 'save' ] );
}
} else {
reject( { 'code': 400, 'error': 'No data found for this location' } );
}
} ).catch( error => {
reject( error );
} );
} else if ( call === 'getLocations' ) {
db.getJSONData( 'locations' ).then( data => {
resolve( data ?? {} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getTicketTemplate' ) {
db.getJSONDataSimple( 'tickets', query.ticket ).then( data => {
resolve( data ?? {} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getEvent' ) {
db.getJSONDataSimple( 'eventDrafts', query.event ).then( data => {
if ( Object.keys( data ).length > 1 ) {
resolve( data );
} else {
reject( { 'code': 404, 'error': 'EventNotFound' } );
}
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getEventStatus' ) {
db.getJSONDataSimple( 'events', query.event ).then( data => {
if ( Object.keys( data ) ) {
resolve( true );
} else {
resolve( false );
}
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getAllEvents' ) {
db.getJSONData( 'eventDrafts' ).then( data => {
db.getJSONData( 'events' ).then( dat => {
resolve( { 'live': dat ?? {}, 'drafts': data ?? {} } );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'getCurrency' ) {
resolve( this.settings.currency );
} else if ( call === 'getAdminAccounts' ) {
db.getData( 'admin' ).then( data => {
if ( data[ 0 ] ) {
resolve( { 'data': data, 'status': 'ok' } );
} else {
resolve( { 'data': {}, 'status': 'empty' } );
}
} ).catch( err => {
reject( { 'code': 500, 'message': 'ERR_DB: ' + err } );
} );
} else if ( call === 'getRootAccountDetails' ) {
db.getJSONData( 'rootAccount' ).then( data => {
resolve( data );
} ).catch( err => {
reject( { 'code': 500, 'message': 'ERR_DB: ' + err } );
} );
} else if ( call === 'getPaymentGatewaySettings' ) {
this.pluginManager.loadPaymentGatewaySettings().then( dat => {
resolve( dat );
} ).catch( err => {
reject( { 'code': 500, 'error': err } );
} );
} else if ( call === 'getSettings' ) {
resolve( this.settings );
} else if ( call === 'getAllPlugins' ) {
resolve( this.pluginManager.getPlugins() );
} else if ( call === 'getStartPageSettings' ) {
resolve( this.startPageManager.loadStartPagePreferences( query.name ) );
} else if ( call === 'getAllStartPages' ) {
resolve( this.startPageManager.findAllStartPageTemplates() );
} else if ( call === 'buildStartPage' ) {
( async() => {
if ( await this.startPageManager.renderStartPage( query.page ) ) {
resolve( 'ok' );
} else {
reject( { 'code': 412, 'error': 'Missing entries' } );
}
} )();
} else {
reject( { 'code': 404, 'error': 'Route not found' } );
}
} );
}
}
module.exports = GETHandler;
src/server/admin/api/postHandler.js
+192
View File
@@ -0,0 +1,192 @@
/*
* libreevent - postHandler.js
*
* Created by Janis Hutz 07/20/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const db = require( '../../backend/db/db.js' );
const pwdmanager = require( '../pwdmanager.js' );
const pm = require( '../../backend/plugins/manager.js' );
const spm = require( '../startPageManager.js' );
const startPageManager = new spm();
class POSTHandler {
constructor ( settings ) {
this.pluginManager = new pm( settings );
this.settings = settings;
}
handleCall ( call, data, lang ) {
return new Promise( ( resolve, reject ) => {
console.log( lang );
if ( call === 'saveSeatplanDraft' ) {
db.getJSONDataSimple( 'seatplan', data.location ).then( res => {
let dat = res;
dat[ 'draft' ] = data.data;
db.writeJSONDataSimple( 'seatplan', data.location, dat ).then( resp => {
db.getJSONDataSimple( 'locations', data.location ).then( dat => {
let s = dat;
s[ 'totalSeats' ] = data.data.seatInfo.count;
db.writeJSONDataSimple( 'locations', data.location, s ).then( () => {
resolve( resp );
} );
} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} );
} else if ( call === 'saveSeatplan' ) {
db.writeJSONDataSimple( 'seatplan', data.location, { 'draft': {}, 'save': data.data } ).then( resp => {
db.getJSONDataSimple( 'locations', data.location ).then( dat => {
let s = dat;
s[ 'totalSeats' ] = data.data.seatInfo.count;
db.writeJSONDataSimple( 'locations', data.location, s ).then( () => {
resolve( resp );
} );
} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'saveLocations' ) {
db.getJSONData( 'seatplan' ).then( res => {
let dat = res;
for ( let loc in data.updated ) {
if ( res[ loc ] ) {
dat[ data.updated[ loc ] ] = res[ loc ];
delete dat[ loc ];
}
}
db.writeJSONData( 'seatplan', dat ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
db.writeJSONData( 'locations', data.data ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'deleteLocation' ) {
db.deleteJSONDataSimple( 'locations', data.location ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'createEvent' ) {
db.getJSONDataSimple( 'eventDrafts', data.event ).then( dat => {
if ( Object.keys( dat ).length < 1 ) {
db.writeJSONDataSimple( 'eventDrafts', data.event, { 'name': 'Unnamed event', 'description': '', 'location': '', 'date': '', 'categories': {}, 'ageGroups': { '1': { 'id': 1, 'name': 'Child', 'age': '0 - 15.99' }, '2': { 'id': 2, 'name': 'Adult' } }, 'maxTickets': 2, 'eventID': data.event } ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else {
reject( { 'code': 409, 'error': 'ExistsAlready' } );
}
} );
} else if ( call === 'saveEvent' ) {
db.writeJSONDataSimple( 'eventDrafts', data.event, data.eventData ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'deployEvent' ) {
db.writeJSONDataSimple( 'events', data.event, data.eventData ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'deleteEvent' ) {
db.deleteJSONDataSimple( 'eventDrafts', data.event ).then( () => {
db.deleteJSONDataSimple( 'events', data.event ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'undeployEvent' ) {
db.deleteJSONDataSimple( 'events', data.event ).then( () => {
resolve( 'ok' );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'saveTickets' ) {
db.writeJSONDataSimple( 'tickets', data.location, data.data ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'createAdminAccount' ) {
let dat = data;
pwdmanager.hashPassword( dat.pass ).then( hash => {
dat[ 'pass' ] = hash;
db.writeDataSimple( 'admin', 'email', data.email, dat ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} );
} else if ( call === 'updateAdminAccount' ) {
if ( data.pass ) {
let dat = data;
pwdmanager.hashPassword( data.pass ).then( hash => {
dat[ 'pass' ] = hash;
db.writeDataSimple( 'admin', 'email', data.email, dat ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} );
} else {
db.writeDataSimple( 'admin', 'email', data.email, data ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
}
} else if ( call === 'deleteAdminAccount' ) {
db.deleteDataSimple( 'admin', 'email', data.email ).then( resp => {
resolve( resp );
} ).catch( error => {
reject( { 'code': 500, 'error': error } );
} );
} else if ( call === 'updateSettings' ) {
this.settings[ 'twoFA' ] = data.twoFA;
this.settings[ 'currency' ] = data.currency;
this.settings[ 'payments' ] = data.payments;
this.settings[ 'ticketTimeout' ] = data.ticketTimeout;
db.saveSettings( this.settings );
db.getJSONData( 'events' ).then( dat => {
let updated = dat;
for ( let event in updated ) {
updated[ event ][ 'currency' ] = data.currency;
}
db.writeJSONData( 'events', updated );
} );
resolve( 'ok' );
} else if ( call === 'updatePaymentGatewaySettings' ) {
this.pluginManager.savePaymentGatewaySettings( data ).then( () => {
resolve( 'ok' );
} ).catch( err => {
reject( { 'code': 500, 'message': err } );
} );
} else if ( call === 'savePageSettings' ) {
startPageManager.saveStartPagePreferences( data.page, data.preferences );
resolve( 'ok' );
} else {
reject( { 'code': 404, 'error': 'Route not found' } );
}
} );
}
}
module.exports = POSTHandler;
src/server/admin/appApiRoutes.js
+84
View File
@@ -0,0 +1,84 @@
/*
* libreevent - appApiRoutes.js
*
* Created by Janis Hutz 08/19/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const bodyParser = require( 'body-parser' );
const db = require( '../backend/db/db.js' );
const pwHandler = require( './pwdmanager.js' );
module.exports = ( app ) => {
console.log( '[ APP API ] Loaded!' );
app.post( '/app/authenticate', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
res.send( 'authOk' );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
app.post( '/app/ticketLookup', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
// extract order name
let indexOfOrderNameEnd = req.body.ticketID.lastIndexOf( '_' );
if ( indexOfOrderNameEnd > req.body.ticketID.length - 5 ) {
indexOfOrderNameEnd = req.body.ticketID.slice( 0, req.body.ticketID.length - 5 ).lastIndexOf( '_' );
}
db.getDataSimple( 'orders', 'order_name', req.body.ticketID.slice( 0, indexOfOrderNameEnd ) ).then( dat => {
if ( dat[ 0 ] ) {
let tickets = JSON.parse( dat[ 0 ][ 'tickets' ] );
const event = req.body.ticketID.slice( indexOfOrderNameEnd + 1, req.body.ticketID.lastIndexOf( '-' ) );
const ticket = req.body.ticketID.slice( req.body.ticketID.lastIndexOf( '-' ) + 1, req.body.ticketID.length );
if ( tickets[ event ] ) {
if ( tickets[ event ][ ticket ] ) {
if ( tickets[ event ][ ticket ][ 'count' ] ) {
if ( !tickets[ event ][ ticket ][ 'used' ] ) {
tickets[ event ][ ticket ][ 'used' ] = 0;
}
if ( tickets[ event ][ ticket ][ 'used' ] == tickets[ event ][ ticket ][ 'count' ] ) {
tickets[ event ][ ticket ][ 'used' ] += 1;
db.writeDataSimple( 'orders', 'order_name', req.body.ticketID.slice( 0, req.body.ticketID.lastIndexOf( '_' ) ), { 'tickets': JSON.stringify( tickets ) } );
res.send( 'ticketValid' );
} else {
res.send( 'ticketInvalid' );
}
} else {
if ( !tickets[ event ][ ticket ][ 'invalidated' ] ) {
tickets[ event ][ ticket ][ 'invalidated' ] = true;
db.writeDataSimple( 'orders', 'order_name', req.body.ticketID.slice( 0, req.body.ticketID.lastIndexOf( '_' ) ), { 'tickets': JSON.stringify( tickets ) } );
res.send( 'ticketValid' );
} else {
res.send( 'ticketInvalid' );
}
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
};
src/server/admin/pwdmanager.js
+51
View File
@@ -0,0 +1,51 @@
/*
* libreevent - pwdmanager.js
*
* Created by Janis Hutz 03/26/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
/*
These functions are required to verify user login and to create new users
and to hash new passwords (if user changes password.) This here is only
used for the admin panel, another one is used for the normal user accounts
to separate the two for additional security.
*/
// import and init
const bcrypt = require( 'bcrypt' );
const db = require( '../backend/db/db.js' );
module.exports.checkpassword = ( username, password ) => {
return new Promise( resolve => {
if ( username === 'root' ) {
db.getJSONData( 'rootAccount' ).then( account => {
bcrypt.compare( password, account.pass ).then( res => {
resolve( { 'status': res, 'twoFA': 'enhanced' } );
} );
} );
} else {
db.getDataSimple( 'admin', 'email', username ).then( data => {
if ( data ) {
if ( data[ 0 ] ) {
bcrypt.compare( password, data[ 0 ].pass ).then( res => {
resolve( { 'status': res, 'twoFA': data[ 0 ].two_fa } );
} );
} else {
resolve( false );
}
} else {
resolve( false );
}
} );
}
} );
};
module.exports.hashPassword = ( password ) => {
return new Promise( resolve => {
resolve( bcrypt.hashSync( password, 10 ) );
} );
};
src/server/admin/startPageManager.js
+67
View File
@@ -0,0 +1,67 @@
/*
* libreevent - startPageManager.js
*
* Created by Janis Hutz 09/04/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
let createSSRApp = require( 'vue' ).createSSRApp;
let renderToString = require( 'vue/server-renderer' ).renderToString;
const fs = require( 'fs' );
const path = require( 'path' );
const db = require( '../backend/db/db.js' );
class StartPageManager {
constructor ( settings ) {
this.settings = settings;
}
saveStartPagePreferences( startPageName, preferences ) {
let conf = {};
for ( let setting in preferences ) {
conf[ setting ] = preferences[ setting ][ 'value' ];
}
fs.writeFileSync( path.join( __dirname + '/../ui/home/templates/' + startPageName + '/startPage.config.json' ), JSON.stringify( conf ) );
}
loadStartPagePreferences( startPageName ) {
let conf, options;
try {
options = JSON.parse( fs.readFileSync( path.join( __dirname + '/../ui/home/templates/' + startPageName + '/startPage.json' ) ) );
conf = JSON.parse( fs.readFileSync( path.join( __dirname + '/../ui/home/templates/' + startPageName + '/startPage.config.json' ) ) );
return { 'conf': conf, 'options': options };
} catch ( err ) {
return {};
}
}
findAllStartPageTemplates() {
return fs.readdirSync( path.join( __dirname + '/../ui/home/templates/' ) );
}
setActiveStartPage( startPageName ) {
this.settings[ 'startPage' ] = startPageName;
db.saveSettings( this.settings );
}
async renderStartPage( startPageName ) {
this.setActiveStartPage( startPageName );
let self = this;
const app = createSSRApp( {
data() {
return {
'data': self.loadStartPagePreferences( startPageName ),
'pageName': self.settings.pageName,
};
},
template: '' + fs.readFileSync( path.join( __dirname + '/../ui/home/templates/' + startPageName + '/index.html' ) )
} );
fs.writeFileSync( path.join( __dirname + '/../ui/home/active/en/index.html' ), await renderToString( app ) );
return true;
}
}
module.exports = StartPageManager;
src/server/admin/twoFAMail.html
+70
View File
@@ -0,0 +1,70 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Two-Factor Authentication</title>
<style>
body {
font-family: sans-serif;
width: 100%;
height: 800px;
margin: 0;
display: flex;
justify-content: center;
align-items: center;
flex-direction: column;
}
.content {
width: 80%;
height: 90%;
display: flex;
justify-content: center;
align-items: center;
flex-direction: column;
}
.ip {
color: rgb(94, 94, 94);
}
.logo {
width: 70vw;
}
.verify {
padding: 20px 30px;
background-color: rgb(0, 7, 87);
text-decoration: none;
color: white;
transition: 0.5s all;
border-radius: 5px;
margin-bottom: 20px;
}
.verify:hover {
background-color: rgb(0, 12, 139);
}
@media only screen and (min-width: 999px) {
.logo {
width: 20vw;
}
.content {
width: 40vw;
}
}
</style>
</head>
<body>
<div class="content">
<img :src="host + '/otherAssets/logo.png'" alt="Logo" class="logo">
<h1>Welcome back!</h1>
<p>It looks like someone is trying to sign in to your admin account at {{ pageName }}. If it was you, please click the button below to confirm the login. If not, please <a :href="host + '/admin/settings'">change</a> your password immediately or have it changed by the root account!</p>
<p class="ip">Logging in from IP {{ ip }}.</p>
<a :href="host + '/admin/2fa?token=' + token" class="verify">Verify</a>
</div>
</body>
</html>