Commit fb9f17d3 authored by Matthieu - Greep's avatar Matthieu - Greep

removing tokenCheck correctly

parent c8385bb1
...@@ -26,44 +26,6 @@ connection.connect((err)=>{ ...@@ -26,44 +26,6 @@ connection.connect((err)=>{
} }
}) })
/**
* Get the authorization token from the request header
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('mysql').Connection} sql
* @param {Function} cb the callback function to call only if the token is valid. There are no parameters.
*/
function checkToken(req, res, sql, cb){
var auth = req.get('Authorization')
if (!auth){
renderError(res, 403, 'No authorization token provided');
return false;
} else {
if (auth.includes('Basic ')){
var token = auth.replace('Basic ', '')
sql.query("SELECT * FROM Auth WHERE token = ?", token, async (err, result)=>{
if (err){
console.error(err)
renderError(res, 500, "Internal Server Error")
} else {
if (result.length < 1){
renderError(res, 401, "Authorization Token not found.")
} else {
if (result[0].validate == 0){
renderError(res, 403, "Authorization Token not validated.")
} else {
console.log('Connexion from '+ result[0].description);
cb();
}
}
}
});
} else {
renderError(res, 403, "Token not found in Authorization header, please set a Token in Authorization header like this: 'Authorization: Basic [token]'.")
}
}
}
/** /**
* Render a JSON response for an error * Render a JSON response for an error
* @param {import('express').Response} res * @param {import('express').Response} res
...@@ -121,7 +83,7 @@ app.get('/', (req, res) => { ...@@ -121,7 +83,7 @@ app.get('/', (req, res) => {
}) })
fs.readdirSync(path.join(__dirname, 'route')).filter(file => file.endsWith('.js')).forEach(function(file) { fs.readdirSync(path.join(__dirname, 'route')).filter(file => file.endsWith('.js')).forEach(function(file) {
require(path.join(__dirname, 'route', file))(app, connection, checkToken, renderError) require(path.join(__dirname, 'route', file))(app, connection, renderError)
}); });
// catch 404 and forward to error handler // catch 404 and forward to error handler
......
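Review bot: The route loader still passes dependencies positionally, so any file under `route/` that this commit did not update would now receive `renderError` in its old `token` slot and `undefined` as `errorHandler`, and would fail only when a request reaches an error path. Five route modules are updated in the visible sections; whether others exist cannot be seen from this page. Passing one object, e.g. `require(path.join(__dirname, 'route', file))({ app, sql: connection, errorHandler: renderError })`, with each module destructuring what it needs, would make signature changes like this one safe.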
...@@ -5,7 +5,7 @@ const path = require('path'), ...@@ -5,7 +5,7 @@ const path = require('path'),
* @param {import('express').Express} app * @param {import('express').Express} app
* @param {import('mysql').Connection} sql * @param {import('mysql').Connection} sql
*/ */
module.exports = function(app, sql, token, errorHandler) { module.exports = function(app, sql, errorHandler) {
app.get('/'+scriptName, function(req, res) { app.get('/'+scriptName, function(req, res) {
const mapId = req.query.map || req.body.map, const mapId = req.query.map || req.body.map,
player = req.query.player || req.body.player; player = req.query.player || req.body.player;
......
...@@ -5,7 +5,7 @@ const path = require('path'), ...@@ -5,7 +5,7 @@ const path = require('path'),
* @param {import('express').Express} app * @param {import('express').Express} app
* @param {import('mysql').Connection} sql * @param {import('mysql').Connection} sql
*/ */
module.exports = function(app, sql, token, errorHandler) { module.exports = function(app, sql, errorHandler) {
app.get('/'+scriptName, function(req, res) { app.get('/'+scriptName, function(req, res) {
const mapId = req.query.map || req.body.map; const mapId = req.query.map || req.body.map;
if (!mapId) { if (!mapId) {
......
...@@ -5,7 +5,7 @@ const path = require('path'), ...@@ -5,7 +5,7 @@ const path = require('path'),
* @param {import('express').Express} app * @param {import('express').Express} app
* @param {import('mysql').Connection} sql * @param {import('mysql').Connection} sql
*/ */
module.exports = function(app, sql, token, errorHandler) { module.exports = function(app, sql, errorHandler) {
app.get('/'+scriptName, function(req, res) { app.get('/'+scriptName, function(req, res) {
sql.query('SELECT player, COUNT(*) AS votes FROM votes GROUP BY player ORDER BY votes DESC', (err, sqlRes)=>{ sql.query('SELECT player, COUNT(*) AS votes FROM votes GROUP BY player ORDER BY votes DESC', (err, sqlRes)=>{
if (err) { if (err) {
......
...@@ -5,7 +5,7 @@ const path = require('path'), ...@@ -5,7 +5,7 @@ const path = require('path'),
* @param {import('express').Express} app * @param {import('express').Express} app
* @param {import('mysql').Connection} sql * @param {import('mysql').Connection} sql
*/ */
module.exports = function(app, sql, token, errorHandler) { module.exports = function(app, sql, errorHandler) {
app.get('/'+scriptName, function(req, res) { app.get('/'+scriptName, function(req, res) {
sql.query('SELECT map, COUNT(*) AS votes FROM votes GROUP BY map ORDER BY votes DESC', (err, sqlRes)=>{ sql.query('SELECT map, COUNT(*) AS votes FROM votes GROUP BY map ORDER BY votes DESC', (err, sqlRes)=>{
if (err) { if (err) {
......
...@@ -7,61 +7,59 @@ const path = require('path'), ...@@ -7,61 +7,59 @@ const path = require('path'),
* @param {import('express').Express} app * @param {import('express').Express} app
* @param {import('mysql').Connection} sql * @param {import('mysql').Connection} sql
*/ */
module.exports = function(app, sql, tokenCheck, errorHandler) { module.exports = function(app, sql, errorHandler) {
app.post('/'+scriptName, function(req, res) { app.post('/'+scriptName, function(req, res) {
//tokenCheck(req, res, sql, ()=>{ const mapId = req.query.map || req.body.map,
const mapId = req.query.map || req.body.map, player = req.query.player || req.body.player,
player = req.query.player || req.body.player, vote = Number(req.query.vote || req.body.vote);
vote = Number(req.query.vote || req.body.vote); if (!mapId) return errorHandler(res, 400, 'Missing map id');
if (!mapId) return errorHandler(res, 400, 'Missing map id'); if (!player) return errorHandler(res, 400, 'Missing player login');
if (!player) return errorHandler(res, 400, 'Missing player login'); if (!vote) return errorHandler(res, 400, 'Missing vote');
if (!vote) return errorHandler(res, 400, 'Missing vote'); if (isNaN(vote)) return errorHandler(res, 400, 'Invalid vote');
if (isNaN(vote)) return errorHandler(res, 400, 'Invalid vote'); if (vote < 0 || vote > 100) return errorHandler(res, 400, 'Vote must be between 0 and 100');
if (vote < 0 || vote > 100) return errorHandler(res, 400, 'Vote must be between 0 and 100');
// check if player exists (tmio API check) // check if player exists (tmio API check)
tmioPlayer.player(player).then(()=>{ tmioPlayer.player(player).then(()=>{
sql.query('SELECT * FROM votes WHERE map = ? AND player = ?', [mapId,player], (err, sqlRes)=>{ sql.query('SELECT * FROM votes WHERE map = ? AND player = ?', [mapId,player], (err, sqlRes)=>{
if (err) { if (err) {
console.log(err); console.log(err);
errorHandler(res, 500, 'Internal server error'); errorHandler(res, 500, 'Internal server error');
} else { } else {
const voteDate = new Date(); const voteDate = new Date();
if (sqlRes.length === 0) { // Create a new vote for this player if (sqlRes.length === 0) { // Create a new vote for this player
sql.query('INSERT INTO votes (map, player, vote, date) VALUES (?, ?, ?, ?)', [mapId, player, vote, voteDate], (err)=>{ sql.query('INSERT INTO votes (map, player, vote, date) VALUES (?, ?, ?, ?)', [mapId, player, vote, voteDate], (err)=>{
if (err) { if (err) {
console.error(err); console.error(err);
errorHandler(res, 500, 'Internal server error'); errorHandler(res, 500, 'Internal server error');
} else { } else {
res.json({ res.json({
mapUid: mapId, mapUid: mapId,
player: player, player: player,
vote: vote, vote: vote,
date: voteDate, date: voteDate,
type: "new" type: "new"
}); });
} }
}); });
} else { // Update the vote for this player } else { // Update the vote for this player
sql.query('UPDATE votes SET vote = ?, date = ? WHERE map = ? AND player = ?', [vote, voteDate, mapId, player], (err)=>{ sql.query('UPDATE votes SET vote = ?, date = ? WHERE map = ? AND player = ?', [vote, voteDate, mapId, player], (err)=>{
if (err) { if (err) {
console.error(err); console.error(err);
errorHandler(res, 500, 'Internal server error'); errorHandler(res, 500, 'Internal server error');
} else { } else {
res.json({ res.json({
mapUid: mapId, mapUid: mapId,
player: player, player: player,
vote: vote, vote: vote,
date: voteDate, date: voteDate,
type: "update" type: "update"
}); });
} }
}); });
}
} }
}); }
}) });
.catch((err)=>errorHandler(res, 400, err)); // player not found })
//}); .catch((err)=>errorHandler(res, 400, err)); // player not found
}); });
}; };
\ No newline at end of file
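Review bot: With the `tokenCheck` parameter removed (its call was already commented out on the old side), the `app.post('/'+scriptName, ...)` handler has no authentication at all. `player` is read straight from `req.query.player || req.body.player`, and the only check is that the login exists at tmio, so any caller can insert or overwrite the vote of any existing player. If votes are meant to come only from trusted clients, keep the token check and attach it as Express middleware on this route, `app.post('/'+scriptName, <auth middleware>, function(req, res) {`, rather than deleting it. Separately, `if (!vote)` rejects a vote of 0 although the range check allows 0 to 100, and it also catches `NaN`, so the `isNaN(vote)` line is never reached. Testing the raw value for presence first and then using `if (Number.isNaN(vote)) return errorHandler(res, 400, 'Invalid vote');` would fix both.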