diff --git a/.env.example b/.env.example index 8048631..3a850e3 100644 --- a/.env.example +++ b/.env.example @@ -1,2 +1,3 @@ MONGO_DB_URL = mongodb://localhost:27017/akf-forum -DISCORD_CLIENT = discord_app_id \ No newline at end of file +DISCORD_CLIENT = discord_app_id +SECRET = secret \ No newline at end of file diff --git a/index.js b/index.js index d000fdf..392fa05 100644 --- a/index.js +++ b/index.js @@ -1,8 +1,4 @@ -const { urlencoded: BP } = require('body-parser'), - { mw: IP } = require('request-ip'), - RL = require('express-rate-limit'), - SES = require('express-session'); - +require("dotenv").config(); const { def_theme, forum_name, description, limits, global_ratelimit: RLS, discord_auth, host } = require("./config.json"), { UserModel, BanModel } = require("./models"), @@ -10,19 +6,25 @@ const mongoose = require("mongoose"), express = require('express'), fs = require("fs"), - app = express(); + app = express(), + { urlencoded: BP } = require('body-parser'), + { mw: IP } = require('request-ip'), + RL = require('express-rate-limit'), + SES = require('express-session'), + MS = require("connect-mongo"), + DB = mongoose.connect(process.env.MONGO_DB_URL) + .then(async m => { + console.log("Database is connected with", (app.ips = await BanModel.find({})).length, "banned IPs"); + return m.connection.getClient() + }); app.ips = []; -require("dotenv").config(); -mongoose.connect(process.env.MONGO_DB_URL, - async () => console.log("Database is connected with", (app.ips = await BanModel.find({})).length, "banned IPs")); - app.set("view engine", "ejs"); app.set("limits", limits); -app.use(express.static("public"), express.json(), IP(), - SES({ secret: 'secret', resave: true, saveUninitialized: true }), +app.use(express.static("public"), express.json(), IP(), BP({ extended: true }), + SES({ secret: process.env.SECRET, store: MS.create({ clientPromise: DB, stringify: false }), resave: true, saveUninitialized: true }), async (req, res, next) => { if (app.ips.includes(req.clientIp)) return res.status(403).send("You are banned from this forum."); @@ -39,7 +41,7 @@ app.use(express.static("public"), express.json(), IP(), return res.error(403, "Your account has been deleted."); } next(); - }, BP({ extended: true }) + } ); if (discord_auth) diff --git a/package-lock.json b/package-lock.json index 54648bc..a4c86b5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,6 +11,7 @@ "dependencies": { "bcrypt": "^5.0.1", "body-parser": "^1.19.2", + "connect-mongo": "^4.6.0", "dotenv": "^16.0.1", "ejs": "^3.1.6", "express": "^4.18.1", @@ -161,6 +162,17 @@ "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==" }, + "node_modules/asn1.js": { + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz", + "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==", + "dependencies": { + "bn.js": "^4.0.0", + "inherits": "^2.0.1", + "minimalistic-assert": "^1.0.0", + "safer-buffer": "^2.1.0" + } + }, "node_modules/async": { "version": "3.2.4", "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz", @@ -203,6 +215,11 @@ "node": ">= 10.0.0" } }, + "node_modules/bn.js": { + "version": "4.12.0", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz", + "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==" + }, "node_modules/body-parser": { "version": "1.20.0", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz", @@ -398,6 +415,42 @@ "safe-buffer": "~5.1.0" } }, + "node_modules/connect-mongo": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-4.6.0.tgz", + "integrity": "sha512-8new4Z7NLP3CGP65Aw6ls3xDBeKVvHRSh39CXuDZTQsvpeeU9oNMzfFgvqmHqZ6gWpxIl663RyoVEmCAGf1yOg==", + "dependencies": { + "debug": "^4.3.1", + "kruptein": "^3.0.0" + }, + "engines": { + "node": ">=10" + }, + "peerDependencies": { + "mongodb": "^4.1.0" + } + }, + "node_modules/connect-mongo/node_modules/debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/connect-mongo/node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, "node_modules/console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", @@ -924,6 +977,17 @@ "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" }, + "node_modules/kruptein": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/kruptein/-/kruptein-3.0.5.tgz", + "integrity": "sha512-c1pyg/HKep8y5l+AoiicTs94k4bnzBSiS1b8NQcnQDtv9Yh45rNLuDIUwEwawmuFYpcA5xqhG7k0LqiMhrBPXw==", + "dependencies": { + "asn1.js": "^5.4.1" + }, + "engines": { + "node": ">8" + } + }, "node_modules/lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -1014,6 +1078,11 @@ "node": ">= 0.6" } }, + "node_modules/minimalistic-assert": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", + "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" + }, "node_modules/minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", @@ -1894,6 +1963,17 @@ "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==" }, + "asn1.js": { + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz", + "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==", + "requires": { + "bn.js": "^4.0.0", + "inherits": "^2.0.1", + "minimalistic-assert": "^1.0.0", + "safer-buffer": "^2.1.0" + } + }, "async": { "version": "3.2.4", "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz", @@ -1918,6 +1998,11 @@ "node-addon-api": "^3.1.0" } }, + "bn.js": { + "version": "4.12.0", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz", + "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==" + }, "body-parser": { "version": "1.20.0", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz", @@ -2067,6 +2152,30 @@ } } }, + "connect-mongo": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-4.6.0.tgz", + "integrity": "sha512-8new4Z7NLP3CGP65Aw6ls3xDBeKVvHRSh39CXuDZTQsvpeeU9oNMzfFgvqmHqZ6gWpxIl663RyoVEmCAGf1yOg==", + "requires": { + "debug": "^4.3.1", + "kruptein": "^3.0.0" + }, + "dependencies": { + "debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, "console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", @@ -2466,6 +2575,14 @@ "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.4.1.tgz", "integrity": "sha512-aJ9opVoXroQUPfovYP5kaj2lM7Jn02Gw13bL0lg9v0V7SaUc0qavPs0Eue7d2DcC3NjqI6QAUElXNsuZSeM+EA==" }, + "kruptein": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/kruptein/-/kruptein-3.0.5.tgz", + "integrity": "sha512-c1pyg/HKep8y5l+AoiicTs94k4bnzBSiS1b8NQcnQDtv9Yh45rNLuDIUwEwawmuFYpcA5xqhG7k0LqiMhrBPXw==", + "requires": { + "asn1.js": "^5.4.1" + } + }, "lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -2528,6 +2645,11 @@ "mime-db": "1.52.0" } }, + "minimalistic-assert": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", + "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" + }, "minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", diff --git a/package.json b/package.json index 436e452..35bc1d1 100644 --- a/package.json +++ b/package.json @@ -27,6 +27,7 @@ "dependencies": { "bcrypt": "^5.0.1", "body-parser": "^1.19.2", + "connect-mongo": "^4.6.0", "dotenv": "^16.0.1", "ejs": "^3.1.6", "express": "^4.18.1", diff --git a/routes/discord_auth.js b/routes/discord_auth.js index 9f5c2cc..f22eb10 100644 --- a/routes/discord_auth.js +++ b/routes/discord_auth.js @@ -3,6 +3,9 @@ const { UserModel } = require("../models"); const fetch = require("node-fetch"); const app = Router(); +app.use(async (req, res, next) => + req.app.get("discord_auth") ? next() : res.error(404,"Discord auth is disabled") +) app.get("/hash", (req, res) => res.send('')) app.get("/", async (req, res) => { @@ -33,7 +36,7 @@ app.get("/", async (req, res) => { req.session.userID = forum.id; return res.redirect("/"); } - + let name = discord.username + discord.discriminator; while (await UserModel.findOne({ name })) name += Math.floor(Math.random() * 2);