hardlounge/src/server.js

258 lines
5.7 KiB
JavaScript
Raw Normal View History

var _ = require("lodash");
var pkg = require("../package.json");
2014-10-03 09:57:35 +00:00
var bcrypt = require("bcrypt-nodejs");
var Client = require("./client");
var ClientManager = require("./clientManager");
2014-09-26 22:12:53 +00:00
var express = require("express");
var fs = require("fs");
var io = require("socket.io");
2016-04-03 05:12:49 +00:00
var dns = require("dns");
var Helper = require("./helper");
2014-10-03 23:33:44 +00:00
var config = {};
2016-04-26 20:41:08 +00:00
var manager = null;
2014-10-11 12:35:28 +00:00
module.exports = function(options) {
2016-04-26 20:41:08 +00:00
manager = new ClientManager();
2014-10-03 23:33:44 +00:00
config = Helper.getConfig();
2014-10-11 12:35:28 +00:00
config = _.extend(config, options);
2014-09-26 22:12:53 +00:00
var app = express()
.use(allRequests)
.use(index)
2014-10-03 23:33:44 +00:00
.use(express.static("client"));
2014-09-26 23:26:21 +00:00
var server = null;
var https = config.https || {};
var protocol = https.enable ? "https" : "http";
2014-10-11 12:35:28 +00:00
var port = config.port;
var host = config.host;
2016-03-19 16:48:36 +00:00
var transports = config.transports || ["polling", "websocket"];
2014-09-26 23:26:21 +00:00
if (!https.enable) {
2014-09-26 23:26:21 +00:00
server = require("http");
server = server.createServer(app).listen(port, host);
} else {
2016-03-09 12:04:05 +00:00
server = require("spdy");
2014-09-26 23:26:21 +00:00
server = server.createServer({
key: fs.readFileSync(Helper.expandHome(https.key)),
cert: fs.readFileSync(Helper.expandHome(https.certificate))
2015-09-30 22:39:57 +00:00
}, app).listen(port, host);
2014-09-26 23:26:21 +00:00
}
2014-10-11 17:33:28 +00:00
if ((config.identd || {}).enable) {
if (manager.identHandler) {
log.warn("Using both identd and oidentd at the same time!");
}
2014-10-11 17:33:28 +00:00
require("./identd").start(config.identd.port);
}
var sockets = io(server, {
transports: transports
});
sockets.on("connect", function(socket) {
if (config.public) {
auth.call(socket);
} else {
init(socket);
}
});
2014-09-24 22:23:54 +00:00
manager.sockets = sockets;
log.info("The Lounge v" + pkg.version + " is now running on", protocol + "://" + config.host + ":" + config.port + "/");
2016-04-26 10:51:11 +00:00
log.info("Press ctrl-c to stop\n");
if (!config.public) {
2014-09-24 22:23:54 +00:00
manager.loadUsers();
if (config.autoload) {
manager.autoload();
}
}
};
2016-04-03 05:12:49 +00:00
function getClientIp(req) {
if (!config.reverseProxy) {
return req.connection.remoteAddress;
} else {
return req.headers["x-forwarded-for"] || req.connection.remoteAddress;
}
}
function allRequests(req, res, next) {
res.setHeader("X-Content-Type-Options", "nosniff");
return next();
}
function index(req, res, next) {
if (req.url.split("?")[0] !== "/") {
return next();
}
return fs.readFile("client/index.html", "utf-8", function(err, file) {
var data = _.merge(
pkg,
config
);
2016-02-14 17:09:51 +00:00
var template = _.template(file);
res.setHeader("Content-Security-Policy", "default-src *; style-src * 'unsafe-inline'; script-src 'self'; child-src 'none'; object-src 'none'; form-action 'none'; referrer no-referrer;");
res.setHeader("Content-Type", "text/html");
res.writeHead(200);
2016-02-14 17:09:51 +00:00
res.end(template(data));
});
}
2016-05-31 21:28:31 +00:00
function init(socket, client) {
if (!client) {
socket.emit("auth");
socket.on("auth", auth);
} else {
socket.on(
"input",
function(data) {
2014-09-09 19:31:23 +00:00
client.input(data);
}
);
socket.on(
2014-09-10 19:23:56 +00:00
"more",
function(data) {
2014-09-10 19:23:56 +00:00
client.more(data);
}
);
socket.on(
"conn",
function(data) {
2016-04-03 05:12:49 +00:00
// prevent people from overriding webirc settings
data.ip = null;
data.hostname = null;
client.connect(data);
}
);
if (!config.public) {
socket.on(
"change-password",
function(data) {
var old = data.old_password;
var p1 = data.new_password;
var p2 = data.verify_password;
if (typeof p1 === "undefined" || p1 === "") {
socket.emit("change-password", {
error: "Please enter a new password"
});
return;
}
if (p1 !== p2) {
socket.emit("change-password", {
error: "Both new password fields must match"
});
return;
}
if (!bcrypt.compareSync(old || "", client.config.password)) {
socket.emit("change-password", {
error: "The current password field does not match your account password"
});
return;
}
2016-05-31 21:28:31 +00:00
var salt = bcrypt.genSaltSync(8);
var hash = bcrypt.hashSync(p1, salt);
2016-05-31 21:28:31 +00:00
client.setPassword(hash, function(success) {
var obj = {};
if (success) {
obj.success = "Successfully updated your password, all your other sessions were logged out";
obj.token = client.config.token;
} else {
obj.error = "Failed to update your password";
}
socket.emit("change-password", obj);
});
}
);
}
socket.on(
"open",
function(data) {
client.open(data);
}
2014-09-24 19:42:36 +00:00
);
socket.on(
"sort",
function(data) {
client.sort(data);
}
);
socket.on(
"names",
function(data) {
client.names(data);
}
);
socket.join(client.id);
socket.emit("init", {
active: client.activeChannel,
2014-09-15 21:13:03 +00:00
networks: client.networks,
2016-05-31 21:28:31 +00:00
token: client.config.token
});
}
}
2016-05-31 21:28:31 +00:00
function reverseDnsLookup(socket, client) {
2016-04-03 05:12:49 +00:00
client.ip = getClientIp(socket.request);
dns.reverse(client.ip, function(err, host) {
if (!err && host.length) {
client.hostname = host[0];
} else {
client.hostname = client.ip;
}
2016-05-31 21:28:31 +00:00
init(socket, client);
2016-04-03 05:12:49 +00:00
});
}
function auth(data) {
var socket = this;
if (config.public) {
var client = new Client(manager);
manager.clients.push(client);
socket.on("disconnect", function() {
manager.clients = _.without(manager.clients, client);
client.quit();
});
2016-04-03 05:12:49 +00:00
if (config.webirc) {
reverseDnsLookup(socket, client);
} else {
init(socket, client);
}
} else {
2014-09-11 20:37:16 +00:00
var success = false;
_.each(manager.clients, function(client) {
2014-09-15 21:13:03 +00:00
if (data.token) {
2016-05-31 21:28:31 +00:00
if (data.token === client.config.token) {
2014-09-15 21:13:03 +00:00
success = true;
}
2015-09-30 22:39:57 +00:00
} else if (client.config.user === data.user) {
2014-09-14 19:13:34 +00:00
if (bcrypt.compareSync(data.password || "", client.config.password)) {
2014-09-11 20:37:16 +00:00
success = true;
}
}
2014-09-15 21:13:03 +00:00
if (success) {
2016-04-03 05:12:49 +00:00
if (config.webirc !== null && !client.config["ip"]) {
2016-05-31 21:28:31 +00:00
reverseDnsLookup(socket, client);
2016-04-03 05:12:49 +00:00
} else {
2016-05-31 21:28:31 +00:00
init(socket, client);
2016-04-03 05:12:49 +00:00
}
2014-09-16 17:42:49 +00:00
return false;
2014-09-15 21:13:03 +00:00
}
});
if (!success) {
2014-10-08 20:16:10 +00:00
socket.emit("auth");
}
}
}