Personal blog written from scratch using Node.js, Bootstrap, and MySQL. https://jrtechs.net


  1. //file io
  2. const utils = require('../utils/utils.js');
  3. //update db
  4. const sql = require('../utils/sql');
  5. const qs = require('querystring');
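  /**
   * Development switch that bypasses authentication entirely: when true,
   * processLogin signs every request in as user id 1 without reading any
   * credentials. It must stay false in any deployed build.
   */
  const DEBUG = false;

  /**
   * Processes post data to see if the user has successfully
   * logged in. If the user has logged in successfully, a session
   * variable is set and the template context is flagged.
   *
   * @param request express request containing the post data and session
   * @param clientAddress address the failed-attempt counter is keyed on
   * @param templateContext object whose `goodLoginAttempt` / `invalid`
   *        flags are set for the page template
   * @returns {Promise} resolves with undefined on a successful login, ""
   *          when no login was attempted, and "Wrong!" on bad credentials;
   *          rejects with any error raised while reading the post data or
   *          checking the credentials
   */
  const processLogin = function(request, clientAddress, templateContext)
  {
      return new Promise(function(resolve, reject)
      {
          if(DEBUG)
          {
              //logs in as first user in DB
              request.session.user = 1;
              console.log("user has logged in");
              templateContext.goodLoginAttempt = true;
              resolve();
              // Stop here: without this return the real login path below
              // still ran on the same request after the debug login.
              return;
          }

          utils.getPostData(request).then(function(postData)
          {
              const post = qs.parse(postData);
              if(!post.username && !post.password)
              {
                  resolve("");
                  return false; // no login attempted
              }
              // NOTE(review): the raw, unparsed body is handed to
              // sql.checkLogin; its implementation is not visible here, so
              // confirm it uses parameterized queries and a salted password
              // hash comparison.
              return sql.checkLogin(postData);
          }).then(function(loginResult)
          {
              if(loginResult === false)
              {
                  return; // already resolved above, nothing to check
              }

              if(loginResult.pass)
              {
                  //what actually logs in the user
                  // NOTE(review): the existing session is reused across the
                  // privilege change. If the session middleware offers a
                  // regenerate step, run it before storing the user so a
                  // pre-login session id cannot be carried into the
                  // authenticated session -- confirm against the session setup.
                  request.session.user = loginResult.user;
                  console.log("user has logged in");
                  templateContext.goodLoginAttempt = true;
                  resolve();
                  return;
              }

              // Failed attempt: count it against the client address.
              // NOTE(review): the log line below carries no address or
              // timestamp, which limits its use for detecting guessing runs.
              templateContext.invalid = true;
              banIP(clientAddress);
              console.log("Invader!");
              resolve("Wrong!");
          }).catch(reject);
      });
  };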
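  /**
   * In-memory record of failed login attempts, keyed by client address.
   *
   * A Map is used instead of a plain object so that an address string that
   * matches an Object.prototype member ("constructor", "toString",
   * "__proto__", ...) is handled as ordinary data rather than resolving to
   * an inherited property.
   *
   * NOTE(review): nothing in this file removes or expires entries, so a ban
   * lasts until the process restarts and the map grows with every distinct
   * address that fails a login. Consider a time window and a size cap.
   * NOTE(review): the counter is only as trustworthy as clientAddress; if
   * that value is taken from a forwarded header, confirm the header is only
   * accepted from a known proxy.
   */
  const banData = new Map();

  /** Number of incorrect login attempts permitted per ip */
  const LOGIN_LIMIT = 5;

  /**
   * Determines if a client is banned from the server
   * or not.
   *
   * The ban applies once the failure count is greater than LOGIN_LIMIT, so
   * LOGIN_LIMIT + 1 failed attempts are evaluated before the address is
   * refused.
   *
   * @param clientAddress key identifying the client
   * @returns {boolean} true when the address has exceeded LOGIN_LIMIT
   */
  const isBanned = function(clientAddress)
  {
      const record = banData.get(clientAddress);
      if(record === undefined)
      {
          return false;
      }
      return record.incorrectLogins > LOGIN_LIMIT;
  };

  /**
   * Increments the user's incorrect login attempt
   * counter, creating the record on the first failure.
   *
   * @param clientAddress key identifying the client
   */
  const banIP = function(clientAddress)
  {
      // A local binding replaces the undeclared `user` assignment, which
      // created an implicit global and throws in strict mode.
      const record = banData.get(clientAddress);
      if(record === undefined)
      {
          banData.set(clientAddress, { incorrectLogins: 1 });
          return;
      }
      record.incorrectLogins++;
  };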
  module.exports=
  {
      /**
       * Renders the contents of the login page of the website.
       *
       * A client that isBanned() reports as banned never reaches the
       * credential check: the template context is flagged and the promise
       * resolves straight away.
       *
       * @param request express request containing post data
       * @param clientAddress address used for the ban lookup and counter
       * @param templateContext object that receives the `banned` flag and
       *        the flags set by processLogin
       * @returns {Promise} resolves with no value once the context is
       *          filled in; rejects with the error from processLogin
       */
      main: function(request, clientAddress, templateContext)
      {
          return new Promise(function(resolve, reject)
          {
              if(!isBanned(clientAddress))
              {
                  // processLogin's own resolution value is dropped on purpose.
                  processLogin(request, clientAddress, templateContext).then(function()
                  {
                      resolve();
                  }, reject);
                  return;
              }

              templateContext.banned = true;
              resolve();
          });
      },
  };