move user mgmt to express (AJAX); redis session store

This commit is contained in:
Jörn-Michael Miehe 2018-12-16 02:40:01 +01:00
parent 19a1f628ca
commit 947790c55a
6 changed files with 88 additions and 69 deletions

View file

@ -14,3 +14,7 @@ services:
# - "${PWD}/fftcg.db:/app/fftcg.db" # - "${PWD}/fftcg.db:/app/fftcg.db"
ports: ports:
- "3000:3000" - "3000:3000"
redis:
image: redis:alpine
restart: "no"

22
inc/fftcgsession.coffee Normal file
View file

@ -0,0 +1,22 @@
# node libraries
expressSession = (require 'express-session')
RedisStore = require('connect-redis')(expressSession)
module.exports = (app) ->
session =
secret: 'keyboard cat'
store: new RedisStore
host: 'redis'
port: 6379
cookie:
httpOnly: true
sameSite: 'strict'
proxy: true
resave: true
saveUninitialized: true
if app.get 'env' == 'production'
app.set 'trust proxy', 1
session.cookie.secure = true
expressSession session

View file

@ -3,27 +3,16 @@ socketio = (require 'socket.io')
path = (require 'path') path = (require 'path')
# my libraries # my libraries
FFTCGDB = (require './fftcgdb')
FFTCGSOCKET = (http, dbfile, session) -> FFTCGSOCKET = (http, session) ->
that = @ that = @
# create server socket # create server socket
@io = socketio http @io = socketio http
@io.use session @io.use session
# open fftcg db
@db = new FFTCGDB dbfile
# on new connection # on new connection
@io.on 'connection', (socket) -> @io.on 'connection', (socket) ->
that.__connection socket
return
FFTCGSOCKET::__connection = (socket) ->
that = @
@session = socket.handshake.session @session = socket.handshake.session
console.log "session '#{@session.id}' connected" console.log "session '#{@session.id}' connected"
console.log "is user '#{@session.userID}'" if @session.userID console.log "is user '#{@session.userID}'" if @session.userID
@ -32,31 +21,7 @@ FFTCGSOCKET::__connection = (socket) ->
console.log "session '#{that.session.id}' disconnected" console.log "session '#{that.session.id}' disconnected"
console.log "is user '#{that.session.userID}'" if that.session.userID console.log "is user '#{that.session.userID}'" if that.session.userID
socket.on 'register', (login, password) -> return
that.__register login, password
socket.on 'login', (login, password) ->
that.__login login, password
FFTCGSOCKET::__login = (login, password) ->
that = @
console.log '__login:', login, password
@db.login login, password
.then (login) ->
that.session.userID = login
that.session.save()
console.log 'Login OK "%s"', login
.catch (err) ->
console.error 'error: "%s"', err
FFTCGSOCKET::__register = (login, password) ->
console.log '__register:', login, password
@db.register login, password
.then (login) ->
console.log 'registered "%s"', login
.catch (err) ->
console.error 'error: "%s"', err
FFTCGSOCKET::close = -> FFTCGSOCKET::close = ->
console.log '[FFTCGSOCKET] shutting down' console.log '[FFTCGSOCKET] shutting down'

View file

@ -41,7 +41,9 @@
"dependencies": { "dependencies": {
"bcrypt": "^3.0.2", "bcrypt": "^3.0.2",
"body-parser": "^1.18.3",
"coffeescript": "^2.3.2", "coffeescript": "^2.3.2",
"connect-redis": "^3.4.0",
"express": "^4.16.4", "express": "^4.16.4",
"express-session": "^1.15.6", "express-session": "^1.15.6",
"express-socket.io-session": "^1.3.5", "express-socket.io-session": "^1.3.5",

View file

@ -1,6 +1,6 @@
# node libraries # node libraries
bodyParser = (require 'body-parser')
express = (require 'express') express = (require 'express')
expressSession = (require 'express-session')
sharedSession = (require 'express-socket.io-session') sharedSession = (require 'express-socket.io-session')
helmet = (require 'helmet') helmet = (require 'helmet')
http = (require 'http') http = (require 'http')
@ -8,36 +8,60 @@ path = (require 'path')
# my libraries # my libraries
FFTCGSOCKET = (require './inc/fftcgsocket') FFTCGSOCKET = (require './inc/fftcgsocket')
FFTCGDB = (require './inc/fftcgdb')
FFTCGSESSION = (require './inc/fftcgsession')
# express framework # express framework
app = express() app = express()
app.use helmet() app.use helmet()
app.use bodyParser.urlencoded
extended: true
# sessions # sessions
session = sessionMiddleware = FFTCGSESSION(app)
secret: 'keyboard cat'
cookie:
httpOnly: true
sameSite: 'strict'
proxy: true
resave: true
saveUninitialized: true
if app.get 'env' == 'production'
app.set 'trust proxy', 1
session.cookie.secure = true
sessionMiddleware = expressSession session
app.use sessionMiddleware app.use sessionMiddleware
# open fftcg db
fftcgdb = new FFTCGDB path.resolve(__dirname, './fftcg.db')
app.post '/register', (req, res) ->
fftcgdb.register req.body.login, req.body.password
.then (userid) ->
console.log "registered '#{req.body.login}'"
res.json
status: 'ok'
uid: userid
text: req.body.login
.catch (err) ->
console.log "failed to register '#{req.body.login}'"
res.json
status: 'fail'
text: err
app.post '/login', (req, res) ->
fftcgdb.login req.body.login, req.body.password
.then (userid) ->
req.session.userID = userid
req.session.save()
console.log "logged in '#{req.body.login}'"
res.json
status: 'ok'
uid: userid
text: req.body.login
.catch (err) ->
console.log "failed to login '#{req.body.login}'"
res.json
status: 'fail'
text: err
# Static content # Static content
app.use express.static path.resolve(__dirname, 'public_html') app.use express.static path.resolve(__dirname, 'public_html')
# Templates # Templates
app.set 'view engine', 'pug' app.set 'view engine', 'pug'
app.get '/:template.html', (req, res) -> app.get '/:template.html', (req, res) ->
if req.session
console.log "logged in as '#{req.session.userID}'"
res.render (req.params.template + '.pug') res.render (req.params.template + '.pug')
# Create server # Create server
@ -46,11 +70,7 @@ web.listen 3000, ->
console.log '[FFTCG] Listening on port 3000 ...' console.log '[FFTCG] Listening on port 3000 ...'
# socket.io # socket.io
socket = new FFTCGSOCKET( socket = new FFTCGSOCKET web, sharedSession sessionMiddleware
web,
path.resolve(__dirname, 'fftcg.db'),
sharedSession sessionMiddleware
)
# Handle termination # Handle termination
process.on 'SIGINT', -> process.on 'SIGINT', ->

View file

@ -31,8 +31,11 @@ $ ->
password = $('input[name="password"]', @) password = $('input[name="password"]', @)
# transmit form data # transmit form data
socket.emit 'login', uname.val(), password.val() $.post '/login',
console.log 'emitted "login", "%s", "%s"', uname.val(), password.val() login: login.val()
password: password.val()
.done (data) ->
alert "#{data.status}, #{data.uid}, #{data.text}"
# reset form # reset form
@fullReset() @fullReset()
@ -51,8 +54,11 @@ $ ->
if password.val() == confirm.val() if password.val() == confirm.val()
# transmit form data # transmit form data
socket.emit 'register', uname.val(), password.val() $.post '/register',
console.log 'emitted "register", "%s", "%s"', uname.val(), password.val() login: login.val()
password: password.val()
.done (data) ->
alert "#{data.status}, #{data.uid}, #{data.text}"
# reset form # reset form
@fullReset() @fullReset()