From 06c9ab54111a2b7fbde02a00ca9519a36a15b430 Mon Sep 17 00:00:00 2001 From: Flummi Date: Thu, 18 Aug 2016 10:17:23 +0200 Subject: [PATCH] ip-whitelist --- src/main.js | 341 ++++++++++++++++++++++++++-------------------------- 1 file changed, 172 insertions(+), 169 deletions(-) diff --git a/src/main.js b/src/main.js index b1646be..c3d7f78 100644 --- a/src/main.js +++ b/src/main.js @@ -165,7 +165,7 @@ var loadUser = (cb) => { }).on('error', () => { cb(false); });; -} +}; var dl = (url, dest, cb) => { var request = (url.match(/^https/)?https:http).get(url, (response) => { // type:1=post,type:2=stfu 
@@ -231,178 +231,184 @@ var getCheckSum = (file, cbcs) => { // Webserver http.createServer((req, res) => { - var filePath = '.' + req.url; - var url = req.url.split("/")[1]; - if(filePath == './') - filePath = './index.html'; - var extname = String(path.extname(filePath)).toLowerCase(); - var contentType = 'text/html'; - var mimeTypes = { - '.html': 'text/html', - '.js': 'text/javascript', - '.css': 'text/css', - '.png': 'image/png', - '.jpg': 'image/jpg', - '.gif': 'image/gif', - '.mp3': 'audio/mpeg', - '.mp4': 'video/mp4', - '.webm': 'video/webm', - '.css': 'text/css', - '.ogg': 'audio/ogg' - }; - if(filePath == "./index.html") { // mainpage - var tpl = swig.compile(templates.index); - var data = { items: [] }; - sql.query("select * from `f0ck`.`items` order by `id` desc", (err, rows, fields) => { - rows.forEach((e,i,a) => { - data.items.push( e.id ); - }); - res.writeHead(200, { 'Content-Type': 'text/html' }); - res.end(tpl(data), 'utf-8'); - }); - } - else if(Number.isInteger(parseInt(url))) { // itempage - sql.query("select * from `f0ck`.`items` where `id` = ? 
limit 1; select `id` from `f0ck`.`items` where `id` = (select min(`id`) from `f0ck`.`items` where `id` > ?); select `id` from `f0ck`.`items` where `id` = (select max(`id`) from `f0ck`.`items` where `id` < ?)", [url, url, url], (err, rows, fields) => { - var tpl = swig.compile(templates.item); - var data = { - id: '', - username: '', - item: '', - src: '', - dest: '', - mime: '', - size: '', - userchannel: '', - usernetwork: '', - next: null, - prev: null - }; - if(rows[0].length) { - var e = rows[0][0]; - switch(e.mime) { - case "image/png": - case "image/jpeg": - case "image/gif": - data.item = 'image'; - break; - case "video/webm": - case "video/mp4": - data.item = 'video'; - break; - case "audio/mpeg": - case "audio/ogg": - data.item = 'audio'; - break; - } - data.id = e.id; - data.username = e.username; - data.src = e.src; - data.dest = e.dest; - data.mime = e.mime; - data.size = formatSize(e.size); - data.userchannel = e.userchannel; - data.usernetwork = e.usernetwork; - - if(rows[1].length) - data.next = rows[1][0].id; - if(rows[2].length) - data.prev = rows[2][0].id; - } - res.writeHead(200, { 'Content-Type': 'text/html' }); - res.end(tpl(data), 'utf-8'); - }); - } - else if(filePath == "./random") { - sql.query("select `id` from `f0ck`.`items` order by rand() limit 1", (err, rows, fields) => { - res.writeHead(301, { - 'Cache-Control': 'no-cache, public', - 'Location': '/' + rows[0].id - }); - res.end(); - }); - } - else if(filePath == "./how") { - var tpl = swig.compile(templates.how); - res.writeHead(200, { 'Content-Type': 'text/html' }); - res.end(tpl(), 'utf-8'); - } - else if(filePath == "./contact") { - var tpl = swig.compile(templates.contact); - res.writeHead(200, { 'Content-Type': 'text/html' }); - res.end(tpl(), 'utf-8'); - } - else if(filePath == "./scripts") { - var tpl = swig.compile(templates.scripts); - res.writeHead(200, { 'Content-Type': 'text/html' }); - res.end(tpl(), 'utf-8'); - } - else if(filePath.match(/^\.\/(b|s|t)\/.*/)) { // file - 
contentType = mimeTypes[extname]; - switch(contentType) { - case "video/webm": - case "video/mp4": - case "audio/mpeg": - case "audio/ogg": - var start = 0; - var end = 0; - var range = req.headers['range']; - var stat = fs.statSync(filePath); - if(range != null) { - start = parseInt(range.slice(range.indexOf('bytes=')+6, range.indexOf('-'))); - end = parseInt(range.slice(range.indexOf('-')+1, range.length)); - } - if(isNaN(end) || end == 0) end = stat.size-1; - if(start > end) return; - res.writeHead(206, { - 'Connection':'close', - 'Content-Type':contentType, - 'Content-Length':end - start, - 'Content-Range':'bytes '+start+'-'+end+'/'+stat.size, - 'Transfer-Encoding':'chunked' + if(cfg.wlip.hasOwnProperty(req.connection.remoteAddress)) { + var filePath = '.' + req.url; + var url = req.url.split("/")[1]; + if(filePath == './') + filePath = './index.html'; + var extname = String(path.extname(filePath)).toLowerCase(); + var contentType = 'text/html'; + var mimeTypes = { + '.html': 'text/html', + '.js': 'text/javascript', + '.css': 'text/css', + '.png': 'image/png', + '.jpg': 'image/jpg', + '.gif': 'image/gif', + '.mp3': 'audio/mpeg', + '.mp4': 'video/mp4', + '.webm': 'video/webm', + '.css': 'text/css', + '.ogg': 'audio/ogg' + }; + if(filePath == "./index.html") { // mainpage + var tpl = swig.compile(templates.index); + var data = { items: [] }; + sql.query("select * from `f0ck`.`items` order by `id` desc", (err, rows, fields) => { + rows.forEach((e,i,a) => { + data.items.push( e.id ); }); - var stream = fs.createReadStream(filePath, { flags: 'r', start: start, end: end}); - stream.pipe(res); - break; - default: - fs.readFile(filePath, (error, content) => { - if(error) { - if(error.code == 'ENOENT') { - res.writeHead(200, { 'Content-Type': contentType }); - res.end('404 - f0ck you', 'utf-8'); + res.writeHead(200, { 'Content-Type': 'text/html' }); + res.end(tpl(data), 'utf-8'); + }); + } + else if(Number.isInteger(parseInt(url))) { // itempage + sql.query("select * 
from `f0ck`.`items` where `id` = ? limit 1; select `id` from `f0ck`.`items` where `id` = (select min(`id`) from `f0ck`.`items` where `id` > ?); select `id` from `f0ck`.`items` where `id` = (select max(`id`) from `f0ck`.`items` where `id` < ?)", [url, url, url], (err, rows, fields) => { + var tpl = swig.compile(templates.item); + var data = { + id: '', + username: '', + item: '', + src: '', + dest: '', + mime: '', + size: '', + userchannel: '', + usernetwork: '', + next: null, + prev: null + }; + if(rows[0].length) { + var e = rows[0][0]; + switch(e.mime) { + case "image/png": + case "image/jpeg": + case "image/gif": + data.item = 'image'; + break; + case "video/webm": + case "video/mp4": + data.item = 'video'; + break; + case "audio/mpeg": + case "audio/ogg": + data.item = 'audio'; + break; + } + data.id = e.id; + data.username = e.username; + data.src = e.src; + data.dest = e.dest; + data.mime = e.mime; + data.size = formatSize(e.size); + data.userchannel = e.userchannel; + data.usernetwork = e.usernetwork; + + if(rows[1].length) + data.next = rows[1][0].id; + if(rows[2].length) + data.prev = rows[2][0].id; + } + res.writeHead(200, { 'Content-Type': 'text/html' }); + res.end(tpl(data), 'utf-8'); + }); + } + else if(filePath == "./random") { + sql.query("select `id` from `f0ck`.`items` order by rand() limit 1", (err, rows, fields) => { + res.writeHead(301, { + 'Cache-Control': 'no-cache, public', + 'Location': '/' + rows[0].id + }); + res.end(); + }); + } + else if(filePath == "./how") { + var tpl = swig.compile(templates.how); + res.writeHead(200, { 'Content-Type': 'text/html' }); + res.end(tpl(), 'utf-8'); + } + else if(filePath == "./contact") { + var tpl = swig.compile(templates.contact); + res.writeHead(200, { 'Content-Type': 'text/html' }); + res.end(tpl(), 'utf-8'); + } + else if(filePath == "./scripts") { + var tpl = swig.compile(templates.scripts); + res.writeHead(200, { 'Content-Type': 'text/html' }); + res.end(tpl(), 'utf-8'); + } + else 
if(filePath.match(/^\.\/(b|s|t)\/.*/)) { // file + contentType = mimeTypes[extname]; + switch(contentType) { + case "video/webm": + case "video/mp4": + case "audio/mpeg": + case "audio/ogg": + var start = 0; + var end = 0; + var range = req.headers['range']; + var stat = fs.statSync(filePath); + if(range != null) { + start = parseInt(range.slice(range.indexOf('bytes=')+6, range.indexOf('-'))); + end = parseInt(range.slice(range.indexOf('-')+1, range.length)); + } + if(isNaN(end) || end == 0) end = stat.size-1; + if(start > end) return; + res.writeHead(206, { + 'Connection':'close', + 'Content-Type':contentType, + 'Content-Length':end - start, + 'Content-Range':'bytes '+start+'-'+end+'/'+stat.size, + 'Transfer-Encoding':'chunked' + }); + var stream = fs.createReadStream(filePath, { flags: 'r', start: start, end: end}); + stream.pipe(res); + break; + default: + fs.readFile(filePath, (error, content) => { + if(error) { + if(error.code == 'ENOENT') { + res.writeHead(200, { 'Content-Type': contentType }); + res.end('404 - f0ck you', 'utf-8'); + } + else { + res.writeHead(500); + res.end('Sorry, check with the site admin for error: '+error.code+' ..\n'); + res.end(); + } } else { - res.writeHead(500); - res.end('Sorry, check with the site admin for error: '+error.code+' ..\n'); - res.end(); + res.writeHead(200, { 'Content-Type': contentType, 'Content-Length': content.length, 'Cache-Control': 'max-age=2592000, public' }); + res.end(content, 'utf-8'); } + }); + break; + } + fs.readFile(filePath, (error, content) => { + if(error) { + if(error.code == 'ENOENT') { + res.writeHead(200, { 'Content-Type': contentType }); + res.end('404 - f0ck you', 'utf-8'); } else { - res.writeHead(200, { 'Content-Type': contentType, 'Content-Length': content.length, 'Cache-Control': 'max-age=2592000, public' }); - res.end(content, 'utf-8'); + res.writeHead(500); + res.end('Sorry, check with the site admin for error: '+error.code+' ..\n'); + res.end(); } - }); - break; - } - 
fs.readFile(filePath, (error, content) => { - if(error) { - if(error.code == 'ENOENT') { - res.writeHead(200, { 'Content-Type': contentType }); - res.end('404 - f0ck you', 'utf-8'); } else { - res.writeHead(500); - res.end('Sorry, check with the site admin for error: '+error.code+' ..\n'); - res.end(); + } - } - else { - - } - }); + }); + } + else { // errorpage + res.writeHead(404); + res.end('404 - f0ck you', 'utf-8'); + } } - else { // errorpage - res.writeHead(404); - res.end('404 - f0ck you', 'utf-8'); + else { + res.writeHead(403); + res.end('403 - forbidden'); } }).listen(cfg.webserver.port); @@ -415,12 +421,6 @@ var getTpls = () => { "scripts": fs.readFileSync("./s/scripts.tpl.html", "utf-8") }; }; -getTpls(); - -// Thumbnailbackgroundworker - -setInterval(()=>{generateThumbs();}, 60000); // 1 minute -setTimeout(()=>{generateThumbs();}, 5000); // 5 seconds (start) var generateThumbs = () => { var outdir = './t/'; @@ -441,4 +441,7 @@ var generateThumbs = () => { }); }; -loadUser((cb)=>{}); \ No newline at end of file +loadUser((cb)=>{ + console.log((cb)?"Admins wurden geladen":"Admins konnten nicht geladen werden"); +}); +getTpls(); \ No newline at end of file
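Review bot: The new gate `cfg.wlip.hasOwnProperty(req.connection.remoteAddress)` compares the raw socket address as an exact string, and the server is started with `.listen(cfg.webserver.port)` and no host, so on a dual-stack bind Node reports IPv4 peers as `::ffff:a.b.c.d` and whitelist keys written as plain IPv4 will not match. Normalise the address before the lookup and avoid calling the method on the config object itself, e.g. `var ip = String(req.connection.remoteAddress || '').replace(/^::ffff:/i, '');` followed by `if(Object.prototype.hasOwnProperty.call(cfg.wlip, ip)) {`. If this runs behind a reverse proxy, `remoteAddress` is the proxy's address, so whitelisting it admits every client; that deployment is not visible here, and a forwarded header should only be honoured when the peer is a known proxy. Separately, inside the gate the file branch still builds `filePath` from `'.' + req.url` and only tests the `/^\.\/(b|s|t)\/.*/` prefix before `fs.statSync`/`fs.readFile`, so it should resolve the path and confirm it stays under those three directories, because the whitelist is otherwise the only thing limiting which files can be read.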
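Review bot: The end-of-file startup block re-adds `getTpls()` but not the two timers removed in the previous hunk (`setInterval(()=>{generateThumbs();}, 60000)` and the 5-second `setTimeout`), so in the visible lines nothing schedules `generateThumbs` any more. If that is intended it belongs in the commit message, which only says "ip-whitelist"; otherwise the two calls should follow `getTpls();` here, after the `generateThumbs` definition. The `loadUser` callback parameter is also named `cb` although it receives the result flag (`cb(false)` in the first hunk), so `loadUser((loaded)=>{` would read better. A failed load is only written with `console.log` and startup continues regardless; `console.error` for that case would make the failure stand out.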