removed reliance on dedicated tokens array

3 years ago · 089a530e3d
parent da262e5f17
commit 089a530e3d
3 changed files with 15 additions and 17 deletions
--- a/ass.js
+++ b/ass.js
@ -21,7 +21,7 @@ const { WebhookClient, MessageEmbed } = require('discord.js');
 const OpenGraph = require('./ogp');
 const Thumbnail = require('./thumbnails');
 const Vibrant = require('./vibrant');
-const { path, saveData, log, verify, generateToken, generateId, formatBytes, randomHexColour } = require('./utils');
+const { path, saveData, log, verify, generateToken, generateId, formatBytes, randomHexColour, arrayEquals } = require('./utils');
 //#endregion

 //#region Variables, module setup
@ -46,7 +46,6 @@ const storage = multer.diskStorage({
 });

 var upload = multer({ storage });
-var tokens = [];
 var users = {};
 var data = {};
 //#endregion
@ -63,20 +62,20 @@ function preStartup() {

 	// Make sure auth.json exists and generate the first key
 	if (!fs.existsSync(path('auth.json'))) {
-		tokens.push(generateToken());
-		fs.writeJsonSync(path('auth.json'), { tokens, users }, { spaces: 4 });
-		log(`File [auth.json] created\n!! Important: save this token in a secure spot: ${tokens[0]}\n`);
+		let token = generateToken();
+		users[token] = { username: 'ass', count: 0 };
+		fs.writeJsonSync(path('auth.json'), { users }, { spaces: 4 });
+		log(`File [auth.json] created\n!! Important: save this token in a secure spot: ${Object.keys(users)[0]}\n`);
 	} else log('File [auth.json] exists');

-	// Read tokens and data
-	tokens = fs.readJsonSync(path('auth.json')).tokens;
+	// Read users and data
 	users = fs.readJsonSync(path('auth.json')).users || {};
 	data = fs.readJsonSync(path('data.json'));
-	log('Tokens & data read from filesystem');
+	log('Users & data read from filesystem');

 	// Monitor auth.json for changes (triggered by running 'npm run new-token')
 	fs.watch(path('auth.json'), { persistent: false }, (eventType, _filename) => eventType === 'change' && fs.readJson(path('auth.json'))
-		.then((json) => (tokens.toString() != json.tokens.toString()) && (tokens = json.tokens) && (users = json.users) && log(`New token added: ${tokens[tokens.length - 1]}`))
+		.then((json) => !(arrayEquals(Object.keys(users), Object.keys(json.users))) && (users = json.users) && log(`New token added: ${Object.keys(users)[Object.keys(users).length - 1]}`))
 		.catch(console.error));

 	// Create thumbnails directory
@ -113,7 +112,7 @@ function startup() {
 	// Upload file
 	app.post('/', upload.single('file'), (req, res) => {
 		// Prevent uploads from unauthorized clients
-		if (!verify(req, tokens)) return res.sendStatus(401);
+		if (!verify(req, users)) return res.sendStatus(401);

 		// Load overrides
 		let trueDomain = getTrueDomain(req.headers["x-ass-domain"]);
@ -192,7 +191,7 @@ function startup() {
 							users[uploadToken] = { username, count: 0 };
 						}
 						users[uploadToken].count += 1;
-						fs.writeJsonSync(path('auth.json'), { tokens, users }, { spaces: 4 })
+						fs.writeJsonSync(path('auth.json'), { users }, { spaces: 4 })
 					});
 			});
 	});
@ -259,7 +258,7 @@ function startup() {
 		res.type('text').send('File has been deleted!');
 	})

-	app.listen(port, host, () => log(`Server started on [${host}:${port}]\nAuthorized tokens: ${tokens.length}\nAvailable files: ${Object.keys(data).length}`));
+	app.listen(port, host, () => log(`Server started on [${host}:${port}]\nAuthorized users: ${Object.keys(users).length}\nAvailable files: ${Object.keys(data).length}`));
 }

 function getTrueHttp() {
--- a/generators/token.js
+++ b/generators/token.js
@ -14,10 +14,8 @@ if (require.main === module) {

 	fs.readJson(authPath)
 		.then((auth) => {
-			auth.tokens.push(token);
-
 			// Generate the user
-			let username = process.argv[2] ? process.argv[2].replace(/[^\da-z]/gi, '').substring(0, MAX_USERNAME) : randomGen({ length: 20 });
+			let username = process.argv[2] ? process.argv[2].replace(/[^\da-z_]/gi, '').substring(0, MAX_USERNAME) : randomGen({ length: 20 });
 			if (!auth.users) auth.users = {};
 			if (Object.values(auth.users).findIndex((user) => user.username == username) != -1) {
 				console.log('Username already exists!');
--- a/utils.js
+++ b/utils.js
@ -21,7 +21,7 @@ module.exports = {
 	log: console.log,
 	path: (...paths) => Path.join(__dirname, ...paths),
 	saveData: (data) => fs.writeJsonSync(Path.join(__dirname, 'data.json'), data, { spaces: 4 }),
-	verify: (req, tokens) => req.headers.authorization && tokens.includes(req.headers.authorization),
+	verify: (req, users) => req.headers.authorization && users.hasOwnProperty(req.headers.authorization),
 	generateToken: () => token(),
 	generateId: (mode, length, gfyLength, originalName) => GENERATORS.has(mode) ? GENERATORS.get(mode)({ length, gfyLength }) : originalName,
 	formatBytes: (bytes, decimals = 2) => {
@ -36,5 +36,6 @@ module.exports = {
 		for (var i = 0; i < 6; i++)
 			colour += letters[(Math.floor(Math.random() * 16))];
 		return colour;
-	}
+	},
+	arrayEquals: (arr1, arr2) => arr1.length === arr2.length && arr1.slice().sort().every((value, index) => value === arr2.slice().sort()[index])
 }