diff --git a/.dockerignore b/.dockerignore index 712e87b..5460a86 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,8 +1,17 @@ +# node stuff node_modules npm-debug.log + +# big files **/*.xcf **/*.bundle.js +# docker stuff Dockerfile .dockerignore docker-compose.yml + +# container volumes +src +views +public_html diff --git a/docker-compose.yml b/docker-compose.yml index ce4ec78..b729c33 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,6 @@ services: - "${PWD}/src:/app/src" - "${PWD}/views:/app/views:ro" - "${PWD}/public_html:/app/public_html" - - "${PWD}/fftcg.db:/app/fftcg.db" + # - "${PWD}/fftcg.db:/app/fftcg.db" ports: - "3000:3000" diff --git a/fftcg.db b/fftcg.db index 52522d0..b56f6e8 100644 Binary files a/fftcg.db and b/fftcg.db differ diff --git a/inc/fftcgdb.coffee b/inc/fftcgdb.coffee index 6b1f8fb..76b6422 100644 --- a/inc/fftcgdb.coffee +++ b/inc/fftcgdb.coffee @@ -2,38 +2,53 @@ bcrypt = (require 'bcrypt') sqlite3 = (require 'sqlite3').verbose() -FFTCGDB = - open: (filename) -> - @filename = filename +FFTCGDB = (filename) -> + @filename = filename - @db = new sqlite3.Database @filename, (err) -> - if err - console.error err.message - console.log 'Connected to', @filename + @db = new sqlite3.Database @filename, (err) -> + if err + console.error err.message - @db.run """ - CREATE TABLE IF NOT EXISTS users ( - nick text NOT NULL, - pwd text NOT NULL, - socket text - ); - """ + @db.run """ + CREATE TABLE IF NOT EXISTS users ( + login text NOT NULL, + nickname text, + pwd text NOT NULL, + socket text, + UNIQUE(login) + ); + """ + console.log 'Connected to', @filename + return - close: -> - db.close (err) -> - if err - console.error err.message - console.log 'Closed', @filename +FFTCGDB::close = -> + @db.close (err) -> + if err + console.error err.message + console.log 'Closed', @filename - adduser: (name, password) -> - saltRounds = 13 - that = @ +FFTCGDB::register = (login, password) -> + that = @ + # bruteforce countermeasure + saltRounds = 13 + new Promise (resolve, reject) -> + # validate username + login = login.toLowerCase() + # hash password bcrypt.hash password, saltRounds, (err, hash) -> - that.db.run "INSERT INTO users (nick, pwd) VALUES ('#{name}', '#{hash}');", (err, result) -> - if err - console.error err.message - console.log 'Result:', result + reject 'bcrypt fail' if err + # try creating row in users table + that.db.run "INSERT INTO users (login, pwd) VALUES ('#{login}', '#{hash}');", (err, result) -> + reject 'sqlite fail' if err + # registration successful + resolve login + +FFTCGDB::login = (login, password) -> + that = @ + + new Promise (resolve, reject) -> + module.exports = FFTCGDB diff --git a/server.coffee b/server.coffee index c47aa47..dc3765d 100644 --- a/server.coffee +++ b/server.coffee @@ -6,8 +6,9 @@ path = (require 'path') socketio = (require 'socket.io') # my libraries -fftcgdb = (require './inc/fftcgdb') -fftcgdb.open path.resolve(__dirname, 'fftcg.db') +FFTCGDB = (require './inc/fftcgdb') + +fftcgdb = new FFTCGDB path.resolve(__dirname, 'fftcg.db') # express + socket.io framework app = express() @@ -33,9 +34,21 @@ io.on 'connection', (socket) -> console.log 'a user disconnected' return + socket.on 'register', (login, password) -> + console.log 'message:', login, password + fftcgdb.register login, password + .then (login) -> + console.log 'registered "%s"', login + .catch (err) -> + console.error 'error: "%s"', err + socket.on 'login', (uname, password) -> console.log 'message:', uname, password - fftcgdb.adduser uname, password + fftcgdb.login uname, password + .then (login) -> + console.log 'Login OK "%s"', login + .catch (err) -> + console.error 'error: "%s"', err # Create server web.listen 3000, -> diff --git a/views/index.pug b/views/index.pug index be30e71..bee41f7 100644 --- a/views/index.pug +++ b/views/index.pug @@ -12,7 +12,7 @@ html h1 Hello World! h2 App under development, please don't send valuable data! - div.container + div.container.bg-light div.row div.col-md-6