freya/xssbook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
xssbook/index.js
Tyler Murphy cf7e1653cb switch to auto reload console
2023-01-22 16:34:07 -05:00

96 lines
2.4 KiB
JavaScript
Raw Blame History

const express = require('express')
const cookie = require('cookie-parser')
const app = express()
const port = 8080
app.set('trust proxy', true)
app.use(cookie())
app.use(express.json());
app.use(express.static('public'))
const database = require('./src/database.js')
const con = require('./src/console.js')
const api = require('./src/api.js')
app.use((req, res, next) => {
var ip = req.headers['x-real-ip'] || req.connection.remoteAddress;
if (req.path !== '/console') {
const public = { ... req.body }
if (public.password !== undefined) {
public.password = '********'
}
console.log(ip, req.method, req.path, public)
con.requests.push({ip: ip, method: req.method, path: req.path, body: public})
}
next()
})
app.get('/', (req, res) => {
const cookies = req.cookies;
if (cookies === undefined || cookies.auth === undefined) {
res.redirect('/login')
return
}
const user = database.auth(req.cookies.auth)
if (user === undefined) {
res.redirect('/login')
return
}
res.redirect('/home')
})
app.get('/login', (req, res) => {
const cookies = req.cookies;
if (cookies === undefined || cookies.auth === undefined) {
res.sendFile('login.html', { root: './public' })
return
}
const user = database.auth(req.cookies.auth)
if (user === undefined) {
res.sendFile('login.html', { root: './public' })
return
}
res.redirect('/home')
})
app.get('/home', (req, res) => {
const cookies = req.cookies;
if (cookies === undefined || cookies.auth === undefined) {
res.redirect('/login')
return
}
const user = database.auth(req.cookies.auth)
if (user === undefined) {
res.redirect('/login')
return
}
res.sendFile('home.html', { root: './public' })
})
app.get('/people', (req, res) => {
res.sendFile('people.html', { root: './public' })
})
app.get('/profile', (req, res) => {
res.sendFile('profile.html', { root: './public' })
})
app.use('/api', api);
app.use('/console', con.router);
app.use((req, res, next) => {
res.status(404).sendFile('404.html', { root: './public' })
})
app.use((err, req, res, next) => {
if (err instanceof SyntaxError && err.status === 400 && 'body' in err) {
res.status(400).send({msg: 'Invalid json body'})
return
}
console.error(err)
res.status(500).send({msg: 'Internal server error'})
})
app.listen(port, () => {
console.log(`App listening on port http://127.0.0.1:${port}`)
})
Reference in a new issue View git blame Copy permalink