jrtechs
/
jrtechs-HomeBrewPlex
mirror of https://github.com/jrtechs/HomeBrewPlex.git
1
0
Fork 0
Code Issues 0 Releases 1 Wiki Activity
Lightweight node app to use in place of plex to self host your video and movie collections. Running on just under 50MB of ram this is ideal for people looking to host videos on minimal hardware.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
1 Branch
187 KiB
Tree: 2314f8c836
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2314f8c836'
${ noResults }
jrtechs-HomeBrewPlex/user.js

212 lines
5.7 KiB
Raw Normal View History

Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Added functionality to view a video by using the user's api key.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Updated site so non-admin users can edit their own profiles.
5 years ago
Revoke api key functionality added.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Implemented basic user manipulation functionality.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated site so non-admin users can edit their own profiles.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated site so non-admin users can edit their own profiles.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
Updated system to keep track of administrator privileges and api keys for users.
5 years ago
Got a basic web page working with a login screen.
5 years ago
 
  1. /** Crypto package used for hashing */
  2. const crypto = require('crypto');
  3. 

  4. /**
  5.  * Helper function to generate a hashed password
  6.  * from a given plain text password.
  7.  *
  8.  * This uses 64 bits of entropy as the random salt
  9.  * and uses sha256 hashing method to hash the password
  10.  * combined with the salt.
  11.  *
  12.  * @param password
  13.  * @returns {Object pass: hashedPassword, salt: salt used to hash}
  14.  */
  15. const createHashedPasswordObject = function(password)
  16. {
  17.     const randBuff = crypto.randomBytes(64);
  18. 

  19.     const salt = crypto.createHash('sha256').update(randBuff).digest('hex');
  20. 

  21.     const hashPass = hashPassword(password, salt);
  22. 

  23.     var hashPassObject = new Object();
  24.     hashPassObject.pass = hashPass;
  25.     hashPassObject.salt = salt;
  26.     return hashPassObject;
  27. };
  28. 

  29. 

  30. const generateRandomAPIKey = function()
  31. {
  32.     const randBuff = crypto.randomBytes(64);
  33.     return crypto.createHash('sha256').update(randBuff).digest('hex');
  34. };
  35. 

  36. 

  37. /**
  38.  * Hashes a pasword with a aprticular salt
  39.  * using the crypto library
  40.  *
  41.  * @param password
  42.  * @param salt
  43.  */
  44. const hashPassword = function(password, salt)
  45. {
  46.     return crypto.createHash('sha256')
  47.         .update(password + salt)
  48.         .digest('hex');
  49. };
  50. 

  51. /**
  52.  * Fetches the index of the user in the configuration. If the
  53.  * user does not exists a -1 is returned.
  54.  */
  55. const getIndexOfUser = function(username, configuration)
  56. {
  57.     for(var i = 0; i < configuration.users.length; i++)
  58.     {
  59.         if (username === configuration.users[i].username)
  60.         {
  61.             if(username === configuration.users[i].username)
  62.             {
  63.                 return i;
  64.             }
  65.         }
  66.     }
  67.     return -1;
  68. };
  69. 

  70. 

  71. module.exports =
  72.     {
  73. 

  74.         isValidAPI: function(apiKey, configuration)
  75.         {
  76.             for(var i = 0; i < configuration.users.length; i++)
  77.             {
  78.                 if(configuration.users[i].api === apiKey)
  79.                 {
  80.                     return true;
  81.                 }
  82.             }
  83.             return false;
  84.         },
  85. 

  86.         isAdmin: function(username, configuration)
  87.         {
  88.             var index = getIndexOfUser(username, configuration);
  89. 

  90.             if(index !== -1)
  91.             {
  92.                 return configuration.users[index].admin;
  93.             }
  94.             return false;
  95.         },
  96. 

  97. 

  98.         getID: function(username, configuration)
  99.         {
  100.             var index = getIndexOfUser(username, configuration);
  101.             return configuration.users[index].id;
  102.         },
  103. 

  104. 

  105.         revokeAPI: function(username, configuration)
  106.         {
  107.             var index = getIndexOfUser(username, configuration);
  108. 

  109.             if(index !== -1)
  110.             {
  111.                 configuration.users[index].api = generateRandomAPIKey();
  112.             }
  113.         },
  114. 

  115. 

  116.         getAPIKEY: function(username, configuration)
  117.         {
  118.             var index = getIndexOfUser(username, configuration);
  119.             if(index !== -1)
  120.                 return configuration.users[index].api;
  121.             return 0;
  122.         },
  123. 

  124.         /**
  125.          * Checks to see if there was a valid login attempt
  126.          *
  127.          * @param username
  128.          * @param password
  129.          * @param configuration
  130.          * @returns {boolean}
  131.          */
  132.         checkLogin: function(username, password, configuration)
  133.         {
  134.             const userIndex = getIndexOfUser(username, configuration);
  135.             if(userIndex === -1)
  136.                 return false;
  137. 

  138.             const hashedPassword = hashPassword(password, configuration.users[userIndex].salt);
  139.             return configuration.users[userIndex].password == hashedPassword;
  140.         },
  141. 

  142. 

  143.         /**
  144.          * Adds a user to the configuration
  145.          *
  146.          * @param username
  147.          * @param password
  148.          * @param configuration
  149.          * @returns {boolean}
  150.          */
  151.         addUser: function(username, password, admin, configuration)
  152.         {
  153.             const userIndex = getIndexOfUser(username, configuration);
  154.             if(userIndex !== -1)
  155.                 return false; // user already exists

  156. 

  157.             var newUser = new Object();
  158.             newUser.username = username;
  159.             newUser.api = generateRandomAPIKey();
  160.             if(configuration.users.length === 0)
  161.                 newUser.id = 1;
  162.             else
  163.                 newUser.id = configuration.users[configuration.users.length -1].id + 1;
  164. 

  165.             const passObject = createHashedPasswordObject(password);
  166.             newUser.salt = passObject.salt;
  167.             newUser.password = passObject.pass;
  168.             newUser.admin = admin;
  169.             configuration.users.push(newUser);
  170.             return true;
  171.         },
  172. 

  173. 

  174.         /**
  175.          * Edits a user based on their id
  176.          *
  177.          * @param id
  178.          * @param userName
  179.          * @param password
  180.          * @param configuration
  181.          */
  182.         editUser: function(id, userName, password, admin, configuration)
  183.         {
  184.             for(var i = 0; i < configuration.users.length; i++)
  185.             {
  186.                 if (configuration.users[i].id=== id)
  187.                 {
  188.                     console.log("User account updated.");
  189.                     configuration.users[i].username = userName;
  190.                     configuration.users[i].admin = admin;
  191. 

  192.                     var passObj = createHashedPasswordObject(password);
  193.                     configuration.users[i].salt = passObj.salt;
  194.                     configuration.users[i].password = passObj.pass;
  195.                 }
  196.             }
  197.         },
  198. 

  199. 

  200.         /**
  201.          * Removes a user account from the configuration
  202.          * @param id
  203.          * @param configuration
  204.          */
  205.         removeUser: function(id, configuration)
  206.         {
  207.             configuration.users = configuration.users.filter(function(value, index, arr)
  208.             {
  209.                 return value.id + "" !== id
  210.             });
  211.         }
  212.     };