From 947790c55aa38e24b8beb4afd3460d77d9ab3ec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn-Michael=20Miehe?= Date: Sun, 16 Dec 2018 02:40:01 +0100 Subject: [PATCH] move user mgmt to express (AJAX); redis session store --- docker-compose.yml | 4 +++ inc/fftcgsession.coffee | 22 ++++++++++++++ inc/fftcgsocket.coffee | 51 ++++++-------------------------- package.json | 2 ++ server.coffee | 64 +++++++++++++++++++++++++++-------------- src/index.coffee | 14 ++++++--- 6 files changed, 88 insertions(+), 69 deletions(-) create mode 100644 inc/fftcgsession.coffee diff --git a/docker-compose.yml b/docker-compose.yml index 7376059..d77837d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,3 +14,7 @@ services: # - "${PWD}/fftcg.db:/app/fftcg.db" ports: - "3000:3000" + + redis: + image: redis:alpine + restart: "no" diff --git a/inc/fftcgsession.coffee b/inc/fftcgsession.coffee new file mode 100644 index 0000000..fc48414 --- /dev/null +++ b/inc/fftcgsession.coffee @@ -0,0 +1,22 @@ +# node libraries +expressSession = (require 'express-session') +RedisStore = require('connect-redis')(expressSession) + +module.exports = (app) -> + session = + secret: 'keyboard cat' + store: new RedisStore + host: 'redis' + port: 6379 + cookie: + httpOnly: true + sameSite: 'strict' + proxy: true + resave: true + saveUninitialized: true + + if app.get 'env' == 'production' + app.set 'trust proxy', 1 + session.cookie.secure = true + + expressSession session diff --git a/inc/fftcgsocket.coffee b/inc/fftcgsocket.coffee index e2320de..f5d7aee 100644 --- a/inc/fftcgsocket.coffee +++ b/inc/fftcgsocket.coffee 
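Review bot: The new `redis` service uses the floating tag `image: redis:alpine`, so the image that holds every session record can change between pulls; pin it to a specific version tag or digest, e.g. `image: redis:<version>-alpine`. No command or config file is given, so Redis presumably runs with its defaults and no password, which would let any container on the same compose network read or rewrite session data. Starting it with `--requirepass` and giving the session store the matching password would close that. The service publishes no `ports`, which is worth keeping that way.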
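Review bot: `if app.get 'env' == 'production'` in the new inc/fftcgsession.coffee does not test the environment: CoffeeScript's implicit call takes the whole comparison as the argument, so it compiles to `app.get('env' === 'production')`, the branch never runs, and neither `trust proxy` nor `session.cookie.secure` is set in production. Write it as `if app.get('env') == 'production'`. The signing key `secret: 'keyboard cat'` is the placeholder from the express-session documentation and is committed with this file, so the cookie signature protects nothing against anyone who has read the repository. Read it from configuration instead, for example `secret: process.env.SESSION_SECRET` (variable name is only an example), and refuse to start when it is unset. `saveUninitialized: true` also writes a Redis record for every anonymous request, which `saveUninitialized: false` would avoid.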
@@ -3,61 +3,26 @@ socketio = (require 'socket.io') path = (require 'path') # my libraries -FFTCGDB = (require './fftcgdb') -FFTCGSOCKET = (http, dbfile, session) -> +FFTCGSOCKET = (http, session) -> that = @ # create server socket @io = socketio http @io.use session - # open fftcg db - @db = new FFTCGDB dbfile - # on new connection @io.on 'connection', (socket) -> - that.__connection socket + @session = socket.handshake.session + console.log "session '#{@session.id}' connected" + console.log "is user '#{@session.userID}'" if @session.userID + + socket.on 'disconnect', -> + console.log "session '#{that.session.id}' disconnected" + console.log "is user '#{that.session.userID}'" if that.session.userID return -FFTCGSOCKET::__connection = (socket) -> - that = @ - - @session = socket.handshake.session - console.log "session '#{@session.id}' connected" - console.log "is user '#{@session.userID}'" if @session.userID - - socket.on 'disconnect', -> - console.log "session '#{that.session.id}' disconnected" - console.log "is user '#{that.session.userID}'" if that.session.userID - - socket.on 'register', (login, password) -> - that.__register login, password - - socket.on 'login', (login, password) -> - that.__login login, password - -FFTCGSOCKET::__login = (login, password) -> - that = @ - - console.log '__login:', login, password - @db.login login, password - .then (login) -> - that.session.userID = login - that.session.save() - console.log 'Login OK "%s"', login - .catch (err) -> - console.error 'error: "%s"', err - -FFTCGSOCKET::__register = (login, password) -> - console.log '__register:', login, password - @db.register login, password - .then (login) -> - console.log 'registered "%s"', login - .catch (err) -> - console.error 'error: "%s"', err - FFTCGSOCKET::close = -> console.log '[FFTCGSOCKET] shutting down' if @db diff --git a/package.json b/package.json index bdf51a6..caf1445 100644 --- a/package.json +++ b/package.json 
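Review bot: Inside the `connection` callback, `@session = socket.handshake.session` is assigned through a thin arrow, so `@` is whatever socket.io binds as `this` rather than the FFTCGSOCKET instance, while the `disconnect` handler reads `that.session` from the instance. As written `that.session` looks to be undefined, and the first disconnect would throw on `.id`. Even with the binding fixed, a single `session` property on the server object would be overwritten by each new connection, so the disconnect log could name the wrong session or user. Keep it per connection with a local, `session = socket.handshake.session`, and log `session.id` / `session.userID` in both handlers. `FFTCGSOCKET::close` at the end of the hunk still tests `@db`, which this change no longer sets; its body continues outside the hunk.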
@@ -41,7 +41,9 @@ "dependencies": { "bcrypt": "^3.0.2", + "body-parser": "^1.18.3", "coffeescript": "^2.3.2", + "connect-redis": "^3.4.0", "express": "^4.16.4", "express-session": "^1.15.6", "express-socket.io-session": "^1.3.5", diff --git a/server.coffee b/server.coffee index a6533bd..55da027 100644 --- a/server.coffee +++ b/server.coffee @@ -1,6 +1,6 @@ # node libraries +bodyParser = (require 'body-parser') express = (require 'express') -expressSession = (require 'express-session') sharedSession = (require 'express-socket.io-session') helmet = (require 'helmet') http = (require 'http') 
@@ -8,36 +8,60 @@ path = (require 'path') # my libraries FFTCGSOCKET = (require './inc/fftcgsocket') +FFTCGDB = (require './inc/fftcgdb') +FFTCGSESSION = (require './inc/fftcgsession') # express framework app = express() app.use helmet() +app.use bodyParser.urlencoded + extended: true # sessions -session = - secret: 'keyboard cat' - cookie: - httpOnly: true - sameSite: 'strict' - proxy: true - resave: true - saveUninitialized: true - -if app.get 'env' == 'production' - app.set 'trust proxy', 1 - session.cookie.secure = true - -sessionMiddleware = expressSession session +sessionMiddleware = FFTCGSESSION(app) app.use sessionMiddleware +# open fftcg db +fftcgdb = new FFTCGDB path.resolve(__dirname, './fftcg.db') + +app.post '/register', (req, res) -> + fftcgdb.register req.body.login, req.body.password + .then (userid) -> + console.log "registered '#{req.body.login}'" + res.json + status: 'ok' + uid: userid + text: req.body.login + .catch (err) -> + console.log "failed to register '#{req.body.login}'" + res.json + status: 'fail' + text: err + +app.post '/login', (req, res) -> + fftcgdb.login req.body.login, req.body.password + .then (userid) -> + req.session.userID = userid + req.session.save() + console.log "logged in '#{req.body.login}'" + res.json + status: 'ok' + uid: userid + text: req.body.login + .catch (err) -> + console.log "failed to login '#{req.body.login}'" + res.json + status: 'fail' + text: err + # Static content app.use express.static path.resolve(__dirname, 'public_html') - - # Templates app.set 'view engine', 'pug' app.get '/:template.html', (req, res) -> + if req.session + console.log "logged in as '#{req.session.userID}'" res.render (req.params.template + '.pug') # Create server 
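Review bot: The `/login` handler stores `req.session.userID` on whatever session the browser already had, and with `saveUninitialized: true` every visitor holds a session id before authenticating, so an id fixed or observed before login stays valid afterwards. Call `req.session.regenerate` before storing the user id and send the response only once the save has completed (sketch below). Both `.catch` branches return `text: err` to the client, which may expose database or hashing error details and may let a caller tell an unknown login from a wrong password; log the error server-side and answer with a fixed message and a 4xx status. `bodyParser.urlencoded extended: true` also lets `login` and `password` arrive as arrays or objects, so check `typeof req.body.login == 'string'` (and the same for `password`) before calling `fftcgdb`.

```coffeescript
app.post '/login', (req, res) ->
  # … unchanged: fftcgdb.login req.body.login, req.body.password …
    .then (userid) ->
      # issue a fresh session id at the privilege change
      req.session.regenerate (err) ->
        if err
          return res.status(500).json {status: 'fail', text: 'login failed'}
        req.session.userID = userid
        req.session.save (err) ->
          if err
            return res.status(500).json {status: 'fail', text: 'login failed'}
          # … unchanged: console.log and res.json status: 'ok' …
    # … unchanged: .catch handler …
```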
@@ -46,11 +70,7 @@ web.listen 3000, -> console.log '[FFTCG] Listening on port 3000 ...' # socket.io -socket = new FFTCGSOCKET( - web, - path.resolve(__dirname, 'fftcg.db'), - sharedSession sessionMiddleware -) +socket = new FFTCGSOCKET web, sharedSession sessionMiddleware # Handle termination process.on 'SIGINT', -> diff --git a/src/index.coffee b/src/index.coffee index ee9d349..9461f00 100644 --- a/src/index.coffee +++ b/src/index.coffee @@ -31,8 +31,11 @@ $ -> password = $('input[name="password"]', @) # transmit form data - socket.emit 'login', uname.val(), password.val() - console.log 'emitted "login", "%s", "%s"', uname.val(), password.val() + $.post '/login', + login: login.val() + password: password.val() + .done (data) -> + alert "#{data.status}, #{data.uid}, #{data.text}" # reset form @fullReset() @@ -51,8 +54,11 @@ $ -> if password.val() == confirm.val() # transmit form data - socket.emit 'register', uname.val(), password.val() - console.log 'emitted "register", "%s", "%s"', uname.val(), password.val() + $.post '/register', + login: login.val() + password: password.val() + .done (data) -> + alert "#{data.status}, #{data.uid}, #{data.text}" # reset form @fullReset()
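Review bot: The new `$.post '/login'` body in src/index.coffee reads `login.val()`, but the removed `socket.emit` line used `uname.val()` and no `login` variable is assigned in the visible lines. Unless one is declared above the hunk, the submit handler throws a ReferenceError before any request is sent; the `/register` hunk (`@@ -51,8 +54,11 @@`) has the same line. Use `login: uname.val()` in both. Only `.done` is chained, so a network or 5xx failure is silent; add a `.fail` handler, and show `data.text` through a text-only element rather than `alert`. The enclosing submit handlers start above both hunks.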