fix line endings
parent
b261b4fc4b
commit
4bcacd4d7c
3 changed files with 103 additions and 101 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -8,3 +8,5 @@ npm-debug.log*
|
||||||
|
|
||||||
# Mac OS X
|
# Mac OS X
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
|
||||||
|
.vscode
|
66
db.js
66
db.js
|
@ -1,33 +1,33 @@
|
||||||
const sqlite3 = require("sqlite3");
|
const sqlite3 = require("sqlite3");
|
||||||
const mkdirp = require("mkdirp");
|
const mkdirp = require("mkdirp");
|
||||||
const crypto = require("crypto");
|
const crypto = require("crypto");
|
||||||
|
|
||||||
mkdirp.sync("./var/db");
|
mkdirp.sync("./var/db");
|
||||||
|
|
||||||
let db = new sqlite3.Database("./var/db/media.db");
|
let db = new sqlite3.Database("./var/db/media.db");
|
||||||
|
|
||||||
db.serialize(function() {
|
db.serialize(function() {
|
||||||
// create the database schema for the todos app
|
// create the database schema for the todos app
|
||||||
db.run("CREATE TABLE IF NOT EXISTS users ( \
|
db.run("CREATE TABLE IF NOT EXISTS users ( \
|
||||||
id INTEGER PRIMARY KEY, \
|
id INTEGER PRIMARY KEY, \
|
||||||
username TEXT UNIQUE, \
|
username TEXT UNIQUE, \
|
||||||
hashed_password BLOB, \
|
hashed_password BLOB, \
|
||||||
salt BLOB \
|
salt BLOB \
|
||||||
)");
|
)");
|
||||||
|
|
||||||
db.run("CREATE TABLE IF NOT EXISTS media ( \
|
db.run("CREATE TABLE IF NOT EXISTS media ( \
|
||||||
id INTEGER PRIMARY KEY, \
|
id INTEGER PRIMARY KEY, \
|
||||||
path TEXT NOT NULL, \
|
path TEXT NOT NULL, \
|
||||||
expire INTEGER \
|
expire INTEGER \
|
||||||
)");
|
)");
|
||||||
|
|
||||||
// create an initial user (username: alice, password: letmein)
|
// create an initial user (username: alice, password: letmein)
|
||||||
var salt = crypto.randomBytes(16);
|
var salt = crypto.randomBytes(16);
|
||||||
db.run("INSERT OR IGNORE INTO users (username, hashed_password, salt) VALUES (?, ?, ?)", [
|
db.run("INSERT OR IGNORE INTO users (username, hashed_password, salt) VALUES (?, ?, ?)", [
|
||||||
"admin",
|
"admin",
|
||||||
crypto.pbkdf2Sync(process.env.EBPASS || "changeme", salt, 310000, 32, "sha256"),
|
crypto.pbkdf2Sync(process.env.EBPASS || "changeme", salt, 310000, 32, "sha256"),
|
||||||
salt
|
salt
|
||||||
]);
|
]);
|
||||||
});
|
});
|
||||||
|
|
||||||
module.exports = db;
|
module.exports = db;
|
||||||
|
|
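Review bot: The user-seeding call at the end of db.js falls back to a fixed password, `process.env.EBPASS || "changeme"`, so an instance started without EBPASS set gets an `admin` account whose password is written in the source. Because the statement is `INSERT OR IGNORE` and `username` is UNIQUE, setting EBPASS on a later start would not replace a row that was already seeded with the fallback. I would refuse to seed without the variable, e.g. `if (!process.env.EBPASS) throw new Error("EBPASS must be set");` ahead of the insert. The comment above it should also be corrected to match the code: `// seed the admin user; the password is read from EBPASS`. These lines are re-emitted unchanged by the line-ending fix, not introduced by it.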
136
routes/auth.js
136
routes/auth.js
|
@ -1,68 +1,68 @@
|
||||||
let crypto = require("crypto");
|
let crypto = require("crypto");
|
||||||
let express = require("express");
|
let express = require("express");
|
||||||
let passport = require("passport");
|
let passport = require("passport");
|
||||||
let LocalStrategy = require("passport-local");
|
let LocalStrategy = require("passport-local");
|
||||||
|
|
||||||
let db = require("../db");
|
let db = require("../db");
|
||||||
|
|
||||||
let router = express.Router();
|
let router = express.Router();
|
||||||
|
|
||||||
passport.use(new LocalStrategy(function verify(username, password, cb) {
|
passport.use(new LocalStrategy(function verify(username, password, cb) {
|
||||||
db.get("SELECT * FROM users WHERE username = ?", [username], function(err, row) {
|
db.get("SELECT * FROM users WHERE username = ?", [username], function(err, row) {
|
||||||
if (err) {
|
if (err) {
|
||||||
return cb(err);
|
return cb(err);
|
||||||
}
|
}
|
||||||
if (!row) {
|
if (!row) {
|
||||||
return cb(null, false, {
|
return cb(null, false, {
|
||||||
message: "Incorrect username or password."
|
message: "Incorrect username or password."
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
crypto.pbkdf2(password, row.salt, 310000, 32, "sha256", function(err, hashedPassword) {
|
crypto.pbkdf2(password, row.salt, 310000, 32, "sha256", function(err, hashedPassword) {
|
||||||
if (err) {
|
if (err) {
|
||||||
return cb(err);
|
return cb(err);
|
||||||
}
|
}
|
||||||
if (!crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {
|
if (!crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {
|
||||||
return cb(null, false, {
|
return cb(null, false, {
|
||||||
message: "Incorrect username or password."
|
message: "Incorrect username or password."
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
return cb(null, row);
|
return cb(null, row);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}));
|
}));
|
||||||
|
|
||||||
passport.serializeUser(function(user, cb) {
|
passport.serializeUser(function(user, cb) {
|
||||||
process.nextTick(function() {
|
process.nextTick(function() {
|
||||||
cb(null, {
|
cb(null, {
|
||||||
id: user.id,
|
id: user.id,
|
||||||
username: user.username
|
username: user.username
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
passport.deserializeUser(function(user, cb) {
|
passport.deserializeUser(function(user, cb) {
|
||||||
process.nextTick(function() {
|
process.nextTick(function() {
|
||||||
return cb(null, user);
|
return cb(null, user);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get("/login", function(req, res) {
|
router.get("/login", function(req, res) {
|
||||||
res.render("login");
|
res.render("login");
|
||||||
});
|
});
|
||||||
|
|
||||||
router.post("/login/password", passport.authenticate("local", {
|
router.post("/login/password", passport.authenticate("local", {
|
||||||
successRedirect: "/",
|
successRedirect: "/",
|
||||||
failureRedirect: "/login"
|
failureRedirect: "/login"
|
||||||
}));
|
}));
|
||||||
|
|
||||||
router.post("/logout", function(req, res, next) {
|
router.post("/logout", function(req, res, next) {
|
||||||
req.logout(function(err) {
|
req.logout(function(err) {
|
||||||
if (err) {
|
if (err) {
|
||||||
return next(err);
|
return next(err);
|
||||||
}
|
}
|
||||||
res.redirect("/");
|
res.redirect("/");
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
module.exports = router;
|
module.exports = router;
|
||||||
|
|
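Review bot: `crypto.timingSafeEqual(row.hashed_password, hashedPassword)` in the verify callback throws when its two arguments differ in byte length, and it is called inside the `crypto.pbkdf2` callback with no surrounding try/catch. A stored hash that is missing or not exactly 32 bytes would therefore presumably surface as an uncaught exception rather than a failed login. Checking type and length first keeps that case on the normal failure path: `if (!Buffer.isBuffer(row.hashed_password) || row.hashed_password.length !== hashedPassword.length || !crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {`. The content of these lines is not changed by this commit, which only rewrites line endings.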