freya/xssbook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
xssbook/index.js

135 lines
2.6 KiB
JavaScript
Raw Permalink Normal View History

login page
2023-01-20 04:50:15 +00:00
const express = require('express')
const app = express()
i changed a lot of shit
2023-01-24 02:40:41 +00:00
const cache = require('./src/cache')
const con = require('./src/console')
const auth = require('./src/api/auth')
const pages = require('./src/api/pages')
const posts = require('./src/api/posts')
const users = require('./src/api/users')
login page
2023-01-20 04:50:15 +00:00
finish
2023-01-22 19:41:39 +00:00
app.set('trust proxy', true)
login page
2023-01-20 04:50:15 +00:00
app.use(express.static('public'))
i changed a lot of shit
2023-01-24 02:40:41 +00:00
app.use(require('cookie-parser')())
app.use(express.json());
login page
2023-01-20 04:50:15 +00:00
console
2023-01-22 21:00:31 +00:00
finish
2023-01-22 19:41:39 +00:00
app.use((req, res, next) => {
i changed a lot of shit
2023-01-24 02:40:41 +00:00
var ip = req.headers['x-real-ip'] || req.socket.remoteAddress;
if (req.path !== '/console') {
let body = { ...req.body }
if (body.password !== undefined) {
body.password = '********'
}
con.log(
ip,
req.method,
req.path,
body
)
switch to auto reload console
2023-01-22 21:34:07 +00:00
}
finish
2023-01-22 19:41:39 +00:00
i changed a lot of shit
2023-01-24 02:40:41 +00:00
next()
finish
2023-01-22 19:41:39 +00:00
})
login page
2023-01-20 04:50:15 +00:00
i changed a lot of shit
2023-01-24 02:40:41 +00:00
app.use((req, res, next) => {
if (req.path.startsWith('/api/auth')) {
next()
return
}
const cookies = req.cookies
if (cookies === undefined || cookies.auth === undefined) {
if (req.method !== 'GET' && req.path.startsWith('/api')) {
res.status(401).send({msg: 'Unauthorized'})
return
}
next()
return
}
const user = cache.auth(req.cookies.auth)
if (user !== undefined) {
res.locals.user = user
} else if (req.method !== 'GET' && req.path.startsWith('/api')) {
res.status(401).send({msg: 'Unauthorized'})
return
}
next()
more shit
2023-01-20 17:26:51 +00:00
})
i changed a lot of shit
2023-01-24 02:40:41 +00:00
app.use('/api/auth', auth)
app.use('/api/posts', posts)
app.use('/api/users', users)
app.use('/', pages)
app.get('/console', (req, res) => {
res.send(con.render())
start backend
2023-01-21 14:08:22 +00:00
})
finish
2023-01-22 19:41:39 +00:00
more shit
2023-01-20 17:26:51 +00:00
app.use((req, res, next) => {
i changed a lot of shit
2023-01-24 02:40:41 +00:00
res.status(404).sendFile('404.html', { root: './public' })
more shit
2023-01-20 17:26:51 +00:00
})
i changed a lot of shit
2023-01-24 02:40:41 +00:00
finish
2023-01-22 19:41:39 +00:00
app.use((err, req, res, next) => {
i changed a lot of shit
2023-01-24 02:40:41 +00:00
if (err instanceof SyntaxError && err.status === 400 && 'body' in err) {
res.status(400).send({ msg: 'Invalid json body' })
return
}
console.error(err)
res.status(500).send({ msg: 'Internal server error' })
})
const cron = require('node-cron').schedule('*/5 * * * *', () => {
con.msg('Writing cache to database')
cache.dump()
finish
2023-01-22 19:41:39 +00:00
})
i changed a lot of shit
2023-01-24 02:40:41 +00:00
const port = 8080
const server = app.listen(port, () => {
console.log(`App listening on port http://127.0.0.1:${port}`)
})
const close = () => {
console.log('Writing cache to database')
cache.dump()
console.log('Stopping cron jobs')
cron.stop()
server.close(() => {
console.log('HTTP server closed')
})
}
process.on('SIGINT', close)
process.on('SIGTERM', close)
process.on('SIGQUIT', close)
Reference in a new issue Copy permalink