Merge pull request 'Switch to using the actual database instead of bans.db' (#20) from bansdb into develop

Reviewed-on: #20
pull/21/head
knotteye 2021-01-10 12:34:19 -06:00
commit cccdc8838d
6 changed files with 59 additions and 23 deletions

8
package-lock.json generated
View File

@ -1,6 +1,6 @@
{ {
"name": "satyr", "name": "satyr",
"version": "0.10.1", "version": "0.10.2",
"lockfileVersion": 1, "lockfileVersion": 1,
"requires": true, "requires": true,
"dependencies": { "dependencies": {
@ -1110,9 +1110,9 @@
"integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
}, },
"ini": { "ini": {
"version": "1.3.5", "version": "1.3.8",
"resolved": "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz", "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz",
"integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==" "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew=="
}, },
"ipaddr.js": { "ipaddr.js": {
"version": "1.9.0", "version": "1.9.0",

View File

@ -10,6 +10,7 @@
"setup": "sh install/setup.sh", "setup": "sh install/setup.sh",
"migrate": "ts-node src/migrate.ts", "migrate": "ts-node src/migrate.ts",
"invite": "ts-node src/cli.ts --invite", "invite": "ts-node src/cli.ts --invite",
"v3-manual": "ts-node src/v3manual.ts",
"make-templates": "nunjucks-precompile -i [\"\\.html$\",\"\\.njk$\"] templates > site/templates.js" "make-templates": "nunjucks-precompile -i [\"\\.html$\",\"\\.njk$\"] templates > site/templates.js"
}, },
"repository": { "repository": {

View File

@ -40,6 +40,7 @@ async function rmUser(name: string){
await query('delete from user_meta where username='+raw.escape(name)+' limit 1'); await query('delete from user_meta where username='+raw.escape(name)+' limit 1');
await query('delete from chat_integration where username='+raw.escape(name)+' limit 1'); await query('delete from chat_integration where username='+raw.escape(name)+' limit 1');
await query('delete from twitch_mirror where username='+raw.escape(name)+' limit 1'); await query('delete from twitch_mirror where username='+raw.escape(name)+' limit 1');
await query('delete from ch_bans where channel='+raw.escape(name));
return true; return true;
} }

21
src/db/3.ts Normal file
View File

@ -0,0 +1,21 @@
import * as db from "../database";
import * as dirty from "dirty";
async function run () {
await db.query('CREATE TABLE IF NOT EXISTS ch_bans(channel VARCHAR(25), target VARCHAR(45), time BIGINT, length INT DEFAULT 30)');
console.log('!!! This migration has a race condition when run from the `npm run migrate` command. If thats how this was called, please re-run this migration manually.\n!!! Run `npm run v3-manual` to do so');
var bansdb = new dirty('./config/bans.db')
bansdb.on('load', async () => {
bansdb.forEach(async (key, val) => {
let ips = Object.keys(val);
for(var i=0;i<ips.length;i++){
await db.query('INSERT INTO ch_bans (channel, target, time, length) VALUES ('+db.raw.escape(key)+', '+db.raw.escape(ips[i])+', '+val[ips[i]].time+', '+val[ips[i]].length+')');
}
});
await db.query('INSERT INTO db_meta (version) VALUES (3)');
console.log('Done migrating bans.db');
console.log('If this was a manual migration, you can kill the process now.');
});
}
export { run }

View File

@ -17,7 +17,6 @@ const app = express();
const server = http.createServer(app); const server = http.createServer(app);
const io = socketio(server); const io = socketio(server);
const store = dirty(); const store = dirty();
var banlist;
var jwkey; var jwkey;
try{ try{
jwkey = JWK.asKey(readFileSync('./config/jwt.pem')); jwkey = JWK.asKey(readFileSync('./config/jwt.pem'));
@ -77,7 +76,7 @@ async function init(){
else res.status(404).render('404.njk', njkconf); else res.status(404).render('404.njk', njkconf);
//res.status(404).render('404.njk', njkconf); //res.status(404).render('404.njk', njkconf);
}); });
banlist = new dirty('./config/bans.db').on('load', () => {initChat()}); await initChat();
server.listen(config['http']['port']); server.listen(config['http']['port']);
} }
@ -254,6 +253,7 @@ async function initAPI() {
api.register(req.body.username, req.body.password, req.body.confirm, true).then((result) => { api.register(req.body.username, req.body.password, req.body.confirm, true).then((result) => {
if(result[0]) return genToken(req.body.username).then((t) => { if(result[0]) return genToken(req.body.username).then((t) => {
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'}); res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
res.cookie('X-Auth-As', req.body.username, {maxAge: 604800000, httpOnly: false, sameSite: 'Lax'})
res.json(result); res.json(result);
api.useInvite(req.body.invite); api.useInvite(req.body.invite);
return; return;
@ -268,6 +268,7 @@ async function initAPI() {
api.register(req.body.username, req.body.password, req.body.confirm).then( (result) => { api.register(req.body.username, req.body.password, req.body.confirm).then( (result) => {
if(result[0]) return genToken(req.body.username).then((t) => { if(result[0]) return genToken(req.body.username).then((t) => {
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'}); res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
res.cookie('X-Auth-As', req.body.username, {maxAge: 604800000, httpOnly: false, sameSite: 'Lax'})
res.json(result); res.json(result);
return; return;
}); });
@ -589,9 +590,10 @@ async function initChat() {
socket.on('JOINROOM', async (data) => { socket.on('JOINROOM', async (data) => {
let t: any = await db.query('select username from users where username='+db.raw.escape(data)); let t: any = await db.query('select username from users where username='+db.raw.escape(data));
if(t[0]){ if(t[0]){
if(banlist.get(data) && banlist.get(data)[socket['handshake']['address']]){ let b = await db.query('select * from ch_bans where target='+db.raw.escape(socket['handshake']['address'])+' and channel='+db.raw.escape(data));
if(Math.floor(banlist.get(data)[socket['handshake']['address']]['time'] + (banlist.get(data)[socket['handshake']['address']]['length'] * 60)) < Math.floor(Date.now() / 1000)){ if(b[0]){
banlist.set(data, Object.assign({}, banlist.get(data), {[socket['handshake']['address']]: null})); if(Math.floor(b[0].time + (b[0].length * 60)) < Math.floor(Date.now() / 1000)){
await db.query('delete from ch_bans where target='+db.raw.escape(b[0].target)+'and channel='+db.raw.escape(b[0].channel)+' and time='+db.raw.escape(b[0].time)+' and length='+db.raw.escape(b[0].length));
} }
else { else {
socket.emit('ALERT', 'You are banned from that room'); socket.emit('ALERT', 'You are banned from that room');
@ -680,23 +682,27 @@ async function initChat() {
} }
else socket.emit('ALERT', 'Not authorized to do that.'); else socket.emit('ALERT', 'Not authorized to do that.');
}); });
socket.on('BAN', (data: Object) => { socket.on('BAN', async (data: Object) => {
if(socket.nick === data['room']){ if(socket.nick === data['room']){
let id: string = store.get(data['nick']); let id: string = store.get(data['nick']);
if(id){ if(id){
if(Array.isArray(id)) { if(Array.isArray(id)) {
for(let i=0;i<id.length;i++){ for(let i=0;i<id.length;i++){
let target = io.sockets.connected[id[i]]; let target = io.sockets.connected[id[i]];
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}})); if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN))
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}})); await db.query('insert into ch_bans (channel, target, time, length) VALUES ('+db.raw.escape(data['room'])+', '+db.raw.escape(target.ip)+', '+db.raw.escape(Math.floor(Date.now() / 1000))+', '+db.raw.escape(data['time'])+')');
else
await db.query('insert into ch_bans (channel, target, time, length) VALUES ('+db.raw.escape(data['room'])+', '+db.raw.escape(target.ip)+', '+db.raw.escape(Math.floor(Date.now() / 1000))+', '+db.raw.escape(30)+')');
target.leave(data['room']); target.leave(data['room']);
} }
io.to(data['room']).emit('ALERT', data['nick']+' was banned.'); io.to(data['room']).emit('ALERT', data['nick']+' was banned.');
return; return;
} }
let target = io.sockets.connected[id]; let target = io.sockets.connected[id];
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}})); if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN))
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}})); await db.query('insert into ch_bans (channel, target, time, length) VALUES ('+db.raw.escape(data['room'])+', '+db.raw.escape(target.ip)+', '+db.raw.escape(Math.floor(Date.now() / 1000))+', '+db.raw.escape(data['time'])+')');
else
await db.query('insert into ch_bans (channel, target, time, length) VALUES ('+db.raw.escape(data['room'])+', '+db.raw.escape(target.ip)+', '+db.raw.escape(Math.floor(Date.now() / 1000))+', '+db.raw.escape(30)+')');
target.leave(data['room']); target.leave(data['room']);
io.to(data['room']).emit('ALERT', target.nick+' was banned.'); io.to(data['room']).emit('ALERT', target.nick+' was banned.');
} }
@ -704,10 +710,11 @@ async function initChat() {
} }
else socket.emit('ALERT', 'Not authorized to do that.'); else socket.emit('ALERT', 'Not authorized to do that.');
}); });
socket.on('UNBAN', (data: Object) => { socket.on('UNBAN', async (data: Object) => {
if(socket.nick === data['room']){ if(socket.nick === data['room']){
if(banlist.get(data['room']) && banlist.get(data['room'])[data['ip']]){ let b = await db.query('select * from ch_bans where channel='+db.raw.escape(data['room'])+' and target='+db.raw.escape(data['ip']));
banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[data['ip']]: null})); if(b[0]){
await db.query('delete from ch_bans where channel='+db.raw.escape(data['room'])+' and target='+db.raw.escape(data['ip']));
socket.emit('ALERT', data['ip']+' was unbanned.'); socket.emit('ALERT', data['ip']+' was unbanned.');
} }
else else
@ -715,13 +722,13 @@ async function initChat() {
} }
else socket.emit('ALERT', 'Not authorized to do that.'); else socket.emit('ALERT', 'Not authorized to do that.');
}); });
socket.on('LISTBAN', (data: Object) => { socket.on('LISTBAN', async (data: Object) => {
if(socket.nick === data['room']){ if(socket.nick === data['room']){
if(banlist.get(data['room'])) { let b = await db.query('select target from ch_bans where channel='+db.raw.escape(data['room']));
let bans = Object.keys(banlist.get(data['room'])); if(b[0]) {
let str = ''; let str = '';
for(let i=0;i<bans.length;i++){ for(let i=0;i<b.length;i++){
str += bans[i]+', '; str += b[i].target+', ';
} }
socket.emit('ALERT', 'Banned IP adresses: '+str.substring(0, str.length - 2)); socket.emit('ALERT', 'Banned IP adresses: '+str.substring(0, str.length - 2));
return; return;

6
src/v3manual.ts Normal file
View File

@ -0,0 +1,6 @@
import * as db from "./database";
async function main() {
await db.init();
await require('./db/3.ts').run();
}
main();