const CryptoJS = require("crypto-js")
const express = require('express')
const app = express()
const port = 8080
const sql = require('./sql-request');
///// JWT part /////
// In-memory list of the signed tokens currently accepted by the API.
// Tokens are added by add_token() and dropped by remove_token(); nothing in
// this file expires an entry, and the list is lost when the process restarts.
const valid_tokens = [];
/**
 * Adds a 32-bit string hash to every string (hash = hash * 31 + code unit,
 * wrapped to a signed 32-bit integer after each step).
 *
 * NOTE(security): this is a fast, unkeyed, unsalted 32-bit hash. The file uses
 * it on passwords (see /login and JWT); with only 2^32 possible outputs,
 * distinct passwords collide and the value gives no real protection to the
 * password it was derived from. A dedicated password-hashing function is the
 * appropriate replacement; the method is kept as is because callers in this
 * file depend on it.
 *
 * @returns {number} signed 32-bit hash, 0 for the empty string
 */
String.prototype.hashCode = function () {
  let acc = 0;
  for (let pos = 0; pos < this.length; pos += 1) {
    // Math.imul wraps the multiplication to 32 bits; "| 0" wraps the sum.
    acc = (Math.imul(acc, 31) + this.charCodeAt(pos)) | 0;
  }
  return acc;
};
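/**
 * Encodes the string form of `elem` as base64 without trailing padding.
 *
 * Only the "=" padding is removed. Blindly cutting the last two characters
 * drops real data whenever the input length is not of the form 3k + 1
 * (base64 then ends in one "=" or none), which truncated the encoded value.
 *
 * NOTE(review): the alphabet is standard base64, so the result may contain
 * "+" and "/"; these need percent-encoding when the value travels in a URL.
 *
 * @param {*} elem - value whose toString() result is encoded
 * @returns {string} unpadded base64 text
 */
function tob64(elem) {
  const encoded = Buffer.from(elem.toString()).toString('base64');
  return encoded.replace(/=+$/, '');
}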
/**
 * Token header record.
 *
 * toString() renders "{typ,alg}"; this is a project-specific text form, not
 * the JSON object a standard JWT header uses.
 *
 * @param {string} typ - token type label
 * @param {string} alg - signing algorithm label
 */
function Header(typ, alg) {
  Object.assign(this, { typ, alg });
  this.toString = function () {
    const fields = this.typ + "," + this.alg;
    return "{" + fields + "}";
  };
}
/**
 * Token payload record; toString() renders "{user,pass_enc}".
 *
 * NOTE(security): JWT() in this file fills pass_enc with the hashCode() of the
 * user's password, and the payload is only base64-encoded in the token, so
 * anyone holding a token can read that value. A token payload does not need
 * any password-derived field.
 *
 * @param {string} user - account name
 * @param {number} pass_enc - value derived from the password by the caller
 */
function Payload(user, pass_enc) {
  Object.assign(this, { user, pass_enc });
  this.toString = function () {
    const fields = this.user + "," + this.pass_enc;
    return "{" + fields + "}";
  };
}
/**
 * Computes the HMAC-SHA512 tag of `token` with the service key.
 *
 * NOTE(security): the key is a literal in the source file, so everyone with
 * read access to the repository (including forks) can compute valid tags.
 * It should be loaded from configuration kept outside version control and
 * rotated once it has been committed.
 *
 * @param {string} token - text to authenticate
 * @returns {*} whatever CryptoJS.HmacSHA512 returns for the tag
 */
function Signature(token) {
  const hmacKey = "our super hyperdrive secret";
  const tag = CryptoJS.HmacSHA512(token, hmacKey);
  return tag;
}
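/**
 * Builds a signed token for a user.
 *
 * Sets `header`, `payload` and `signedToken`, where signedToken is
 * "<b64 header>.<b64 payload>.<signature>".
 *
 * The signature is computed over the encoded header and payload themselves,
 * so it changes whenever either part changes. Signing a fixed string instead
 * would give every token the same signature and bind it to nothing.
 * `token` and `signature` are locals; without a declaration they would become
 * globals shared by every request.
 *
 * NOTE(security): the payload carries pl_pass.hashCode(), a value derived from
 * the password, in a part of the token that is only base64-encoded.
 * NOTE(review): header and payload use a "{a,b}" text form rather than JSON,
 * so standard JWT libraries will not parse these tokens.
 *
 * @param {string} pl_user - account name placed in the payload
 * @param {string} pl_pass - plaintext password; only its hashCode() is stored
 */
function JWT(pl_user, pl_pass) {
  this.header = new Header("jwt", "HS512");
  this.payload = new Payload(pl_user, pl_pass.hashCode());

  const token = tob64(this.header) + "." + tob64(this.payload);
  const signature = Signature(token);

  this.signedToken = token + "." + signature;
}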
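/**
 * Registers a token as valid.
 *
 * The token is converted to its string form first and the duplicate check is
 * done on that same string. Checking the raw value while storing the string
 * form lets a non-string token be added again on every call.
 *
 * NOTE(security): entries never expire; a token stays valid until
 * remove_token() is called for it or the process restarts.
 *
 * @param {*} token - token (or object whose toString() yields it)
 */
function add_token(token) {
  const stored = token.toString();
  if (valid_tokens.includes(stored)) {
    console.log("Unable to add token to valid_tokens. (token already present)");
    return;
  }
  valid_tokens.push(stored);
}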
/**
 * Removes the first occurrence of `token` from valid_tokens.
 * Logs a message and changes nothing when the token is not in the list.
 *
 * @param {string} token - token to invalidate
 */
function remove_token(token) {
  const position = valid_tokens.indexOf(token);
  if (position === -1) {
    console.log("Unable to remove token from valid_tokens. (Token not present)");
    return;
  }
  valid_tokens.splice(position, 1);
}
/**
 * Tells whether `token` is currently in valid_tokens.
 *
 * NOTE(security): this is a pure allow-list lookup. The HMAC part of the
 * token is not recomputed or checked here, so the signature adds nothing to
 * this decision; a token is accepted only because the server stored it.
 *
 * @param {*} token - candidate token
 * @returns {boolean} true when an identical entry is stored
 */
function verify_token(token) {
  return valid_tokens.some((stored) => stored === token);
}
///// End JWT part /////
// GET / — serves the front-end entry page from the "front" directory that
// sits next to this file.
app.get('/', (req, res) => {
  const indexPage = `${__dirname}/front/index.html`;
  res.sendFile(indexPage);
});
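/*
 * GET /login
 *   query: user — account name
 *   query: pass — plaintext password
 *
 * Responds with JSON carrying a resCode:
 *   0: user now logged in (signedToken included)
 *   1: wrong password
 *   2: unknown username
 *   4: user or pass missing, or not a plain string
 *
 * NOTE(review): the previous comment listed 3 for "Empty user or pass", but
 * the handler sends 4; 4 is kept so existing clients see no change.
 *
 * NOTE(security): the credentials arrive in the query string of a GET
 * request, so they can end up in access logs, browser history and Referer
 * headers; a POST body over TLS avoids that. The distinct codes 1 and 2 also
 * tell a caller whether a username exists. Both are part of the current API
 * and are left unchanged here.
 */
app.get('/login', (req, res) => {
  const { user, pass } = req.query;

  // Express can turn repeated or bracketed parameters into arrays or objects.
  // Only non-empty strings are accepted, so pass.hashCode() below always exists.
  const hasCredentials =
    typeof user === 'string' && typeof pass === 'string' && user && pass;
  if (!hasCredentials) {
    res.send({
      "route": "/login",
      "resCode": 4,
      "comment": "Please enter a username and a password."
    });
    return;
  }

  // The result is not used yet: authentication still runs against the mock
  // below. The call now happens after validation so only strings reach the
  // SQL layer. TODO confirm what sql.userExist returns before relying on it.
  sql.userExist(user, pass);

  // Mock for a SQL query.
  // NOTE(security): these are credentials written in source and compared via
  // the 32-bit hashCode(); they must be replaced by the real user store, with
  // a proper password hash, before this code handles real accounts.
  const users = {
    "noe": { "pass_enc": "my_pass".hashCode() },
    "nicolas": { "pass_enc": "your_pass".hashCode() }
  };
  /*
    The SQL rows are expected to look more like this:
    {
      login: "a",
      passwd: "test"
    }
  */

  // Own-property check: the `in` operator would also match inherited names
  // such as "toString" or "constructor" and report them as existing users.
  if (!Object.prototype.hasOwnProperty.call(users, user)) {
    res.send({
      "route": "/login",
      "resCode": 2,
      "comment": `Username '${ user }' don't exist.`
    });
    return;
  }

  if (users[user].pass_enc !== pass.hashCode()) {
    res.send({
      "route": "/login",
      "resCode": 1,
      "comment": `Password for user '${ user }' false.`
    });
    return;
  }

  const jwt = new JWT(user, pass);
  // Register the token before the client learns it.
  add_token(jwt.signedToken);
  res.send({
    "route": "/login",
    "resCode": 0,
    "signedToken": jwt.signedToken,
    "comment": `Password for user '${ user }' true.`
  });
});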
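// GET /testmytoken?token=...
// resCode : [ 0: Token is valid, 1: Token is not valid, 3: Empty token ]
//
// The empty-token branch returns right after answering. Without that, the
// handler goes on to the validity check and tries to send a second response
// for the same request, which Express rejects with an error.
//
// NOTE(security): the token travels in the query string and can therefore
// appear in access logs and browser history; an Authorization header avoids
// that.
app.get('/testmytoken', (req, res) => {
  // Local binding: an undeclared `token` would be a global shared by requests.
  const token = req.query['token'];

  if (!token) {
    res.send({
      "resCode": 3,
      "comment": "Please enter a token."
    });
    return;
  }

  if (verify_token(token)) {
    res.send({
      "resCode": 0,
      "comment": "Your token is valid."
    });
  } else {
    res.send({
      "resCode": 1,
      "comment": "Your token is not valid."
    });
  }
});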
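// GET /logout/?token=...
// resCode : [ 0: Logout ok, 1: Already logged out, 3: Empty token ]
//
// NOTE(security): this GET request changes server state (it invalidates a
// token) and carries the token in the URL. A POST with the token in a header
// keeps it out of logs and prevents a link or image tag from triggering it.
app.get('/logout/', (req, res) => {
  // Local binding: an undeclared `token` would be a global shared by requests.
  const token = req.query['token'];

  if (!token) {
    res.send({
      "resCode": 3,
      "comment": "Please enter a token."
    });
    return;
  }

  if (!verify_token(token)) {
    res.send({
      "resCode": 1,
      "comment": "Your are already logged out."
    });
    return;
  }

  remove_token(token);
  res.send({
    "resCode": 0,
    "comment": "Your are now logged out."
  });
});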
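/**
 * GET /register/ — request to register an account.
 *   query: login — account name
 *   query: pass  — plaintext password
 *
 * The reply is sent as text/plain. res.send() with a string defaults to
 * text/html, so echoing the request parameters would let markup placed in
 * them be rendered by the browser.
 *
 * Requests where login or pass is missing or is not a plain string are
 * answered with 400 and never reach sql.addUser.
 *
 * NOTE(security): the password arrives in the URL and is echoed back in the
 * body; the body text is left unchanged so clients see the same reply, but
 * neither is needed and both put the password where logs and caches can keep
 * it. sql.addUser receives the plaintext password — TODO confirm that it is
 * hashed with a password-hashing function before being stored.
 * NOTE(review): no check here prevents re-registering an existing login;
 * verify that sql.addUser handles it.
 */
app.get('/register/', (req, res) => {
  const { login, pass } = req.query;

  const hasFields =
    typeof login === 'string' && typeof pass === 'string' && login && pass;
  if (!hasFields) {
    res.status(400).type('text/plain').send('Please enter a login and a password.');
    return;
  }

  sql.addUser(login, pass);
  res.type('text/plain').send(`Request for a register (${login}, ${pass})`);
});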
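/**
 * GET /share/:file_id — request to share a file with a user.
 *   param : file_id
 *   param : user1
 *   param : user2
 * user1 shares file_id with user2.
 *
 * Stub: only file_id is read, and it is echoed back. The reply is sent as
 * text/plain because res.send() with a string defaults to text/html, which
 * would let markup placed in the URL be rendered by the browser.
 *
 * NOTE(review): no token is checked here yet; the real implementation needs
 * to verify both the caller's token and that user1 owns file_id.
 */
app.get('/share/:file_id', (req, res) => {
  const fileId = req.params['file_id'];
  res.type('text/plain').send(`Request for a file sharing (id: ${fileId})`);
});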
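/**
 * GET /upload/ — request to upload a file.
 *   query: file
 *
 * Stub: echoes the `file` parameter. The reply is sent as text/plain because
 * res.send() with a string defaults to text/html, which would let markup
 * placed in the parameter be rendered by the browser.
 *
 * NOTE(review): no token is checked here yet.
 */
app.get('/upload/', (req, res) => {
  const fileName = req.query['file'];
  res.type('text/plain').send(`Request for an upload (${fileName})`);
});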
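/**
 * GET /download/:file_id — request to download a file.
 *
 * Stub: echoes file_id. The reply is sent as text/plain because res.send()
 * with a string defaults to text/html, which would let markup placed in the
 * URL be rendered by the browser.
 *
 * NOTE(review): no token is checked here yet; the real implementation needs
 * to confirm the caller may read file_id before returning any content.
 */
app.get('/download/:file_id', (req, res) => {
  const fileId = req.params['file_id'];
  res.type('text/plain').send(`Request for a download (${fileId})`);
});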
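/**
 * GET /change-path* — returns the content of the requested path.
 *   param : the part of the URL matched by "*"
 *
 * The listing is delivered through the callback given to
 * sql.changeDirectory; its return value is not used, so it is no longer
 * stored in an undeclared (global) variable.
 *
 * NOTE(review): the first argument is the fixed value 'a' — presumably a
 * placeholder login; it should come from the caller's verified token.
 * NOTE(security): the path comes straight from the URL. Verify that
 * sql.changeDirectory binds it as a query parameter and rejects paths
 * outside the user's own tree. If `content` is a string built from stored
 * names, res.send() will serve it as text/html — confirm its type.
 */
app.get('/change-path*', (req, res) => {
  const requestedPath = req.params['0'];
  sql.changeDirectory('a', requestedPath, (content) => {
    res.send(content);
  });
});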
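/**
 * GET /create-path* — request to create a path.
 *
 * Stub: echoes the part of the URL matched by "*". The reply is sent as
 * text/plain because res.send() with a string defaults to text/html, which
 * would let markup placed in the URL be rendered by the browser.
 *
 * NOTE(review): no token is checked here yet, and creating a path changes
 * state, which a GET request should not do.
 */
app.get('/create-path*', (req, res) => {
  const requestedPath = req.params['0'];
  res.type('text/plain').send(`Request for a create path (${requestedPath})`);
});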
// Static front-end assets. Registered after the API routes, so a route with
// the same path takes precedence over a file.
// NOTE(review): 'front' is a relative path and is resolved against the
// process working directory, while the "/" route builds its path from
// __dirname; the two differ when the server is started from another folder.
app.use(express.static('front'));

app.listen(port, () => {
  console.log(`Hyperdrive listening on port ${port}!`);
});