From ac58a612a3fe928793b77c592551fdd962b69064 Mon Sep 17 00:00:00 2001
From: Tyler Murphy <tylermurphy534@gmail.com>
Date: Sun, 29 Jan 2023 19:28:48 -0500
Subject: admin page

---
 public/admin.html    |  32 +++++++++++++
 public/css/admin.css | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++
 public/favicon.ico   | Bin 0 -> 38078 bytes
 public/js/admin.js   |  59 +++++++++++++++++++++++
 public/js/api.js     |  24 ++++++++++
 public/login.html    |   2 +-
 6 files changed, 249 insertions(+), 1 deletion(-)
 create mode 100644 public/admin.html
 create mode 100644 public/css/admin.css
 create mode 100644 public/favicon.ico
 create mode 100644 public/js/admin.js

(limited to 'public')

diff --git a/public/admin.html b/public/admin.html
new file mode 100644
index 0000000..fe8e38b
--- /dev/null
+++ b/public/admin.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <link rel="stylesheet" href="/css/main.css">
+    <link rel="stylesheet" href="/css/header.css">
+    <link rel="stylesheet" href="/css/admin.css">
+    <title>XSSBook - Admin Panel</title>
+</head>
+<body>
+    <script src="/js/api.js"></script>
+    <script src="/js/admin.js"></script>
+    <div id="header">
+        <span class="logo"><a href="/">xssbook</a></span>
+    </div>
+    <div id="login" class="hidden">
+        <span class="gtext desc">Admin Login</span>
+        <form autocomplete="off" onsubmit="auth(event)">
+            <input autocomplete="new-password" type="password" name="adminpassword" id="adminpassword" placeholder="Login Secret">
+        </form>
+    </div>
+    <div id="admin" class="hidden">
+        <div id="queryinput">
+            <input type="text" name="query" id="query" placeholder="SQL Query">
+            <button class="submit" onclick="submit()">Submit</button>
+            <button class="view" onclick="posts()">View Posts</button>
+            <button class="view" onclick="users()">View Users</button>
+            <button class="view" onclick="sessions()">View Sessions</button>
+        </div>
+        <table id="table"></table>
+    </div>
+</body>
\ No newline at end of file
diff --git a/public/css/admin.css b/public/css/admin.css
new file mode 100644
index 0000000..1b6e2ac
--- /dev/null
+++ b/public/css/admin.css
@@ -0,0 +1,133 @@
+body {
+    margin: 0;
+    padding: 0;
+    background-color: #181818;
+}
+
+#header {
+    background-color: #242424;
+}
+
+#login {
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    width: 100vw;
+    height: 100vh;
+    flex-direction: column;
+}
+
+#error .logo {
+    font-size: 100px;
+}
+
+.desc {
+    font-size: 40px;
+}
+
+input {
+    flex: 0;
+    background-color: #242424;
+    color: white;
+    border: 1px solid #606770;
+}
+
+input:focus {
+    outline: none;
+}
+
+#admin {
+    margin: 1.75em;
+    margin-top: 5em;
+    width: calc(100vw - 1.75em * 2);
+    height: calc(100vh - 5em - 1.75em);
+    display: flex;
+    flex-direction: column;
+}
+
+#queryinput {
+    display: flexbox;
+    width: 100%;
+}
+
+#queryinput #query {
+    width: 50em;
+    margin: 0;
+}
+
+form {
+    width: 100%;
+    display: flex;
+    justify-content: center;
+    align-content: center;
+}
+
+#queryinput .submit, .view {
+    all: unset;
+    font-family: sfpro;
+    margin: 0;
+    padding: 10px 30px;
+    background-color: #3bd16f;
+    border-radius: 5px;
+    font-size: 18px;
+    margin-left: 2em;
+    cursor: pointer;
+    border: 1px solid #606770;
+}
+
+#queryinput .submit:active {
+    background-color: #30ab5a;
+}
+
+#queryinput .view {
+    background-color: #242424;
+    color: #707882;
+    border: 1px solid #606770;
+}
+
+#queryinput .view:active {
+    background-color: #181818;
+}
+
+table {
+    margin-top: 3em;
+    border-collapse: separate;
+    border-spacing: 15px;
+}
+
+th, td {
+    font-family: sfpro;
+    color: white;
+    padding: 20px;
+    border-radius: 10px;
+    background-color: #242424;
+    border-radius: 10px;
+}
+
+th {
+    font-family: sfprobold;
+}
+
+.value {
+    color: white;
+}
+
+.bool {
+    color:  aqua;
+}
+
+.null {
+    color: blue;
+}
+
+.number {
+    color: yellow;
+}
+
+.string {
+    color: #4ae04a
+}
+
+.key .string {
+    color: white;
+}
\ No newline at end of file
diff --git a/public/favicon.ico b/public/favicon.ico
new file mode 100644
index 0000000..e023946
Binary files /dev/null and b/public/favicon.ico differ
diff --git a/public/js/admin.js b/public/js/admin.js
new file mode 100644
index 0000000..e4364ec
--- /dev/null
+++ b/public/js/admin.js
@@ -0,0 +1,59 @@
+async function auth(event) {
+    event.preventDefault();
+    const text = event.target.elements.adminpassword.value;
+    const response = await adminauth(text);
+    if (response.status !== 200) {
+        alert(response.msg)
+    } else {
+        document.getElementById("admin").classList.remove("hidden")
+        document.getElementById("login").classList.add("hidden")
+    }
+    return false;
+}
+
+async function submit() {
+    let text = document.getElementById("query").value
+    let response = await adminquery(text)
+    alert(response.msg)
+}
+
+async function posts() {
+    let response = await adminposts();
+    if (response.status !== 200) {
+        alert(response.msg)
+        return
+    }
+    let table = document.getElementById("table")
+    table.innerHTML = response.msg
+}
+
+async function users() {
+    let response = await adminusers();
+    if (response.status !== 200) {
+        alert(response.msg)
+        return
+    }
+    let table = document.getElementById("table")
+    table.innerHTML = response.msg
+}
+
+async function sessions() {
+    let response = await adminsessions();
+    if (response.status !== 200) {
+        alert(response.msg)
+        return
+    }
+    let table = document.getElementById("table")
+    table.innerHTML = response.msg
+}
+
+async function load() {
+    let check = await admincheck();
+    if (check.msg === "true") {
+        document.getElementById("admin").classList.remove("hidden")
+    } else {
+        document.getElementById("login").classList.remove("hidden")
+    }
+}
+
+load()
\ No newline at end of file
diff --git a/public/js/api.js b/public/js/api.js
index 77adff7..9845be5 100644
--- a/public/js/api.js
+++ b/public/js/api.js
@@ -64,4 +64,28 @@ const postlike = async (post_id, state) => {
 
 const createpost = async (content) => {
     return await request('/posts/create', {content})
+}
+
+const adminauth = async (secret) => {
+    return await request('/admin/auth', {secret})
+}
+
+const admincheck = async () => {
+    return await request('/admin/check', {})
+}
+
+const adminquery = async (query) => {
+    return await request('/admin/query', {query})
+}
+
+const adminposts = async () => {
+    return await request('/admin/posts', {})
+}
+
+const adminusers = async () => {
+    return await request('/admin/users', {})
+}
+
+const adminsessions = async () => {
+    return await request('/admin/sessions', {})
 }
\ No newline at end of file
diff --git a/public/login.html b/public/login.html
index 97398f9..e0428b9 100644
--- a/public/login.html
+++ b/public/login.html
@@ -164,7 +164,7 @@
         </div>
     </div>
     <footer>
-        Metashit © 2023  |  This website does not care about you
+        Tyler Murphy © 2023  |  tylerm.dev
     </footer>
 </body>
 </html>
\ No newline at end of file
-- 
cgit v1.2.3-freya