diff --git a/package-lock.json b/package-lock.json
index e9cd86e..19e3706 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -150,6 +150,16 @@
}
}
},
+ "@types/express-session": {
+ "version": "1.17.0",
+ "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.17.0.tgz",
+ "integrity": "sha512-OQEHeBFE1UhChVIBhRh9qElHUvTp4BzKKHxMDkGHT7WuYk5eL93hPG7D8YAIkoBSbhNEY0RjreF15zn+U0eLjA==",
+ "dev": true,
+ "requires": {
+ "@types/express": "*",
+ "@types/node": "*"
+ }
+ },
"@types/json-schema": {
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.6.tgz",
@@ -613,6 +623,14 @@
"integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=",
"dev": true
},
+ "connect-mongo": {
+ "version": "3.2.0",
+ "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-3.2.0.tgz",
+ "integrity": "sha512-0Mx88079Z20CG909wCFlR3UxhMYGg6Ibn1hkIje1hwsqOLWtL9HJV+XD0DAjUvQScK6WqY/FA8tSVQM9rR64Rw==",
+ "requires": {
+ "mongodb": "^3.1.0"
+ }
+ },
"content-disposition": {
"version": "0.5.3",
"resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.3.tgz",
@@ -959,6 +977,33 @@
"busboy": "^0.3.1"
}
},
+ "express-session": {
+ "version": "1.17.1",
+ "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz",
+ "integrity": "sha512-UbHwgqjxQZJiWRTMyhvWGvjBQduGCSBDhhZXYenziMFjxst5rMV+aJZ6hKPHZnPyHGsrqRICxtX8jtEbm/z36Q==",
+ "requires": {
+ "cookie": "0.4.0",
+ "cookie-signature": "1.0.6",
+ "debug": "2.6.9",
+ "depd": "~2.0.0",
+ "on-headers": "~1.0.2",
+ "parseurl": "~1.3.3",
+ "safe-buffer": "5.2.0",
+ "uid-safe": "~2.1.5"
+ },
+ "dependencies": {
+ "depd": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
+ "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
+ },
+ "safe-buffer": {
+ "version": "5.2.0",
+ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz",
+ "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="
+ }
+ }
+ },
"fast-deep-equal": {
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
@@ -1421,6 +1466,30 @@
"minimist": "^1.2.5"
}
},
+ "mongodb": {
+ "version": "3.6.2",
+ "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.2.tgz",
+ "integrity": "sha512-sSZOb04w3HcnrrXC82NEh/YGCmBuRgR+C1hZgmmv4L6dBz4BkRse6Y8/q/neXer9i95fKUBbFi4KgeceXmbsOA==",
+ "requires": {
+ "bl": "^2.2.1",
+ "bson": "^1.1.4",
+ "denque": "^1.4.1",
+ "require_optional": "^1.0.1",
+ "safe-buffer": "^5.1.2",
+ "saslprep": "^1.0.0"
+ },
+ "dependencies": {
+ "bl": {
+ "version": "2.2.1",
+ "resolved": "https://registry.npmjs.org/bl/-/bl-2.2.1.tgz",
+ "integrity": "sha512-6Pesp1w0DEX1N550i/uGV/TqucVL4AM/pgThFSN/Qq9si1/DF9aIHs1BxD8V/QU0HoeHO6cQRTAuYnLPKq1e4g==",
+ "requires": {
+ "readable-stream": "^2.3.5",
+ "safe-buffer": "^5.1.1"
+ }
+ }
+ }
+ },
"mongoose": {
"version": "5.10.2",
"resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.10.2.tgz",
@@ -1530,6 +1599,11 @@
"ee-first": "1.1.1"
}
},
+ "on-headers": {
+ "version": "1.0.2",
+ "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
+ "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA=="
+ },
"once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
@@ -1641,6 +1715,11 @@
"resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz",
"integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ=="
},
+ "random-bytes": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
+ "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs="
+ },
"range-parser": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -2010,6 +2089,14 @@
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.0.2.tgz",
"integrity": "sha512-e4ERvRV2wb+rRZ/IQeb3jm2VxBsirQLpQhdxplZ2MEzGvDkkMmPglecnNDfSUBivMjP93vRbngYYDQqQ/78bcQ=="
},
+ "uid-safe": {
+ "version": "2.1.5",
+ "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
+ "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
+ "requires": {
+ "random-bytes": "~1.0.0"
+ }
+ },
"unpipe": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
@@ -2034,6 +2121,11 @@
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM="
},
+ "uuid": {
+ "version": "8.3.1",
+ "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.1.tgz",
+ "integrity": "sha512-FOmRr+FmWEIG8uhZv6C2bTgEVXsHk08kE7mPlrBbEe+c3r9pjceVPgupIfNIhc4yx55H69OXANrUaSuu9eInKg=="
+ },
"v8-compile-cache": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.1.1.tgz",
diff --git a/package.json b/package.json
index cbac83e..e8a8f15 100644
--- a/package.json
+++ b/package.json
@@ -14,16 +14,20 @@
"@types/express": "github:types/express",
"@types/mongoose": "^5.7.36",
"axios": "^0.20.0",
+ "connect-mongo": "^3.2.0",
"dotenv": "^8.2.0",
"express": "^4.17.1",
"express-fileupload": "^1.2.0",
+ "express-session": "^1.17.1",
"mongoose": "^5.10.2",
"mongoose-int32": "^0.4.1",
"node-stream-zip": "^1.11.3",
"typescript": "^4.0.2",
+ "uuid": "^8.3.1",
"winston": "^3.3.3"
},
"devDependencies": {
+ "@types/express-session": "^1.17.0",
"@typescript-eslint/eslint-plugin": "^4.0.1",
"@typescript-eslint/parser": "^4.0.1",
"eslint": "^7.8.1"
diff --git a/public/list.html b/public/list.html
index 258bb27..fe689c2 100644
--- a/public/list.html
+++ b/public/list.html
@@ -18,7 +18,7 @@
const el = document.getElementById('doc-list');
for (const doc of data) {
let p = document.createElement('p');
- p.innerHTML = `${doc.artist} - ${doc.title} by ${doc.credit} download`;
+ p.innerHTML = `${doc.artist} - ${doc.title} by ${doc.credit}\nuploaded by ${doc.uploader} ${doc.uploaderJSON.username}#${doc.uploaderJSON.discriminator}\ndownload`;
el.insertAdjacentElement('beforeend', p);
let charts = document.createElement('ul');
diff --git a/src/auth.ts b/src/auth.ts
index 61ba49d..5780721 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -1,3 +1,6 @@
+import { User } from './schema';
+import * as uuid from 'uuid';
+
const API_ENDPOINT = 'https://discord.com/api/v6';
const axios = require('axios').default;
@@ -28,7 +31,30 @@ export function run(app) {
authorization: `${postRes.data.token_type} ${postRes.data.access_token}`
}
});
- res.send(`hi ${userInfo.data.username}#${userInfo.data.discriminator}
`);
+
+ const users = await User.find({id: userInfo.id});
+ let userUuid = '';
+ if (users.length === 0) {
+ const newUser = new User({
+ id: userInfo.id,
+ createdAt: new Date(),
+
+ username: userInfo.data.username,
+ discriminator: userInfo.data.discriminator,
+ avatar: userInfo.data.avatar,
+
+ uuid: uuid.v4(),
+ });
+
+ userUuid = newUser.get('uuid');
+ newUser.save();
+ } else {
+ userUuid = users[0].get('uuid');
+ }
+
+ req.session!.discord = userInfo.data;
+ req.session!.uuid = userUuid;
+ res.send(`hi ${userInfo.data.username}#${userInfo.data.discriminator}
ur useruuid is ${userUuid}`);
} catch(err) {
res.send(`whoooops
${err}`);
}
diff --git a/src/index.ts b/src/index.ts
index b4cf6ee..9bc0964 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -3,9 +3,11 @@ import * as mongoose from 'mongoose';
import * as fs from 'fs';
import * as winston from 'winston';
import * as fileUpload from 'express-fileupload';
+import * as session from 'express-session';
+const MongoStore = require('connect-mongo')(session);
import * as format from './lib/format';
-import { File } from './schema';
+import { File, User } from './schema';
import * as upload from './upload';
import * as auth from './auth';
@@ -55,6 +57,18 @@ db.then(() => {
app.use(fileUpload({limits: { fileSize: 50 * 1024 * 1024 }}));
app.use(express.static('public', {extensions: ['html', 'htm']}));
app.use(express.static('storage', {extensions: ['zip']}));
+ app.use(session({
+ name: 'funnyuserdata',
+ secret: 'wenis',
+ store: new MongoStore({ mongooseConnection: mongoose.connection }),
+ cookie: {
+ maxAge: 1000 * 60 * 60 * 24 * 365 * 10, // 10 years
+ httpOnly: true,
+ sameSite: 'lax',
+ },
+ resave: false,
+ saveUninitialized: true
+ }));
app.use('/assets', express.static('assets'));
app.set('db', db);
@@ -65,7 +79,16 @@ db.then(() => {
auth.run(app);
app.get('/api/list', async (req, res) => { // only for testing
- const docs = await File.find({});
+ const files = await File.find({});
+
+ const docs = [];
+ for (const doc of files) {
+ const d = doc.toJSON();
+ const user = await User.find({uuid: d.uploader});
+ d.uploaderJSON = user[0].toJSON(); // this is built upon 20 layers of metajank and i despise it
+ docs.push(d);
+ }
+
// TODO: filter out _id and __v? possibly more
res.send(docs);
});
diff --git a/src/schema.ts b/src/schema.ts
index e902248..da7b4a2 100644
--- a/src/schema.ts
+++ b/src/schema.ts
@@ -88,7 +88,7 @@ export const File = mongoose.model('File', FileSchema);
const UserSchema = new Schema({ // this is pretty much just a discord user lol
id: String, // discord id, cus longass number
- createdAt: Number,
+ createdAt: Date,
// caching
username: {type: String, default: 'User'},
diff --git a/src/upload.ts b/src/upload.ts
index 1a57841..5718dcf 100644
--- a/src/upload.ts
+++ b/src/upload.ts
@@ -10,6 +10,8 @@ export function run(app) {
app.post('/api/upload', async (req, res) => { // only for testing, very abusable
if (!req.files) return res.status(400).send('No files were given');
+ if (!req.session.uuid) return res.status(401).send('Not authorized');
+
const file = req.files.file;
if (file.mimetype !== 'application/zip' && file.mimetype !== 'application/x-zip-compressed') return res.status(400).send('Invalid filetype');
@@ -42,6 +44,8 @@ export function run(app) {
}
chart.id = id + 1;
+ chart.uploader = req.session.uuid;
+
chart.createdAt = new Date();
fs.writeFile('./storage/files/' + (id + 1) + '.zip', file.data, (err) => {