Personal blog written from scratch using Node.js, Bootstrap, and MySQL.
https://jrtechs.net
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
148 lines
3.5 KiB
148 lines
3.5 KiB
//file io
|
|
const utils = require('../utils/utils.js');
|
|
|
|
//update db
|
|
const sql = require('../utils/sql');
|
|
|
|
const qs = require('querystring');
|
|
|
|
const DEBUG = false;
|
|
|
|
|
|
/**
|
|
* Processes post data to see if the user has successfully
|
|
* logged in. If the user has logged in successfully, a session
|
|
* variable is set and the page is refreshed.
|
|
*
|
|
* @param request
|
|
* @returns {Promise}
|
|
*/
|
|
const processLogin = function(request, clientAddress, templateContext)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
if(DEBUG)
|
|
{
|
|
//logs in as first user in DB
|
|
request.session.user = 1;
|
|
console.log("user has logged in");
|
|
templateContext.goodLoginAttempt = true;
|
|
resolve();
|
|
}
|
|
|
|
utils.getPostData(request).then(function(postData)
|
|
{
|
|
const post = qs.parse(postData);
|
|
if(!post.username && !post.password)
|
|
{
|
|
resolve("");
|
|
return(false); // no login attempted
|
|
}
|
|
return sql.checkLogin(postData);
|
|
}).then(function(loginResult)
|
|
{
|
|
if(loginResult !== false)
|
|
{
|
|
if(loginResult.pass)
|
|
{
|
|
//what actually logs in the user
|
|
request.session.user = loginResult.user;
|
|
console.log("user has logged in");
|
|
templateContext.goodLoginAttempt = true;
|
|
resolve();
|
|
}
|
|
else
|
|
{
|
|
templateContext.invalid = true;
|
|
banIP(clientAddress);
|
|
console.log("Invader!");
|
|
resolve("Wrong!");
|
|
}
|
|
}
|
|
}).catch(function(err)
|
|
{
|
|
reject(err);
|
|
})
|
|
});
|
|
};
|
|
|
|
|
|
/** Global Containing Ban Data **/
|
|
var banData = {};
|
|
|
|
/** Number of incorrect login attempts permitted per ip */
|
|
const LOGIN_LIMIT = 5;
|
|
|
|
|
|
/**
|
|
* Determines if a client is banned from the server
|
|
* or not.
|
|
*
|
|
* @param clientAddress
|
|
*/
|
|
const isBanned = function(clientAddress)
|
|
{
|
|
if(clientAddress in banData)
|
|
{
|
|
user = banData[clientAddress];
|
|
|
|
return user.incorrectLogins > LOGIN_LIMIT;
|
|
}
|
|
return false;
|
|
|
|
};
|
|
|
|
|
|
/**
|
|
* Increments the user's incorrect login attempt
|
|
* counter.
|
|
*
|
|
* @param clientAddress
|
|
*/
|
|
const banIP = function(clientAddress)
|
|
{
|
|
if(clientAddress in banData)
|
|
{
|
|
user = banData[clientAddress];
|
|
user.incorrectLogins++;
|
|
}
|
|
else
|
|
{
|
|
var newUser = new Object();
|
|
newUser.incorrectLogins = 1;
|
|
banData[clientAddress] = newUser;
|
|
}
|
|
};
|
|
|
|
|
|
module.exports=
|
|
{
|
|
/**
|
|
* Renders the contents of the login page of the website
|
|
*
|
|
* @param request express request containing post data
|
|
* @returns {Promise} resolves html of login page
|
|
*/
|
|
main: function(request, clientAddress, templateContext)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
if(isBanned(clientAddress))
|
|
{
|
|
templateContext.banned = true;
|
|
resolve();
|
|
}
|
|
else
|
|
{
|
|
processLogin(request, clientAddress, templateContext).then(function()
|
|
{
|
|
resolve();
|
|
}).catch(function(err)
|
|
{
|
|
reject(err);
|
|
})
|
|
}
|
|
});
|
|
|
|
},
|
|
};
|