fixed rest of errors due adding schedules slides, also logout was bro…
…ken due update of dependency library, works now
reaby committed Sep 19, 2022
1 parent beaf0bc commit 84874a5
Showing 7 changed files with 147 additions and 130 deletions.
12 changes: 10 additions & 2 deletions modules/admin.js
@@ -341,6 +341,8 @@ export default class admin {
zoom: parseFloat(data.zoom) || 1.0,
index: bundle.allSlides.length,
transition: null,
epochStart: -1,
epochEnd: -1
};

let obj = bundle.findSlideByUuid(filename);
@@ -353,6 +355,8 @@ export default class admin {
obj.displayTime = data.displayTime;
obj.zoom = parseFloat(data.zoom) || 1.0;
obj.transition = null;
obj.epochStart = -1;
obj.epochEnd = -1;
}

bundle.save();
@@ -402,11 +406,13 @@ export default class admin {
enabled: true,
displayTime: data.displayTime,
type: "video",
webUrl: data.url,
url: data.url,
mute: data.mute,
loop: data.loop,
index: bundle.allSlides.length,
transition: null
transition: null,
epochStart: -1,
epochEnd: -1
};

let obj = bundle.findSlideByUuid(filename);
@@ -420,6 +426,8 @@ export default class admin {
obj.mute = data.mute;
obj.loop = data.loop;
obj.transition = null;
obj.epochEnd = -1;
obj.epochStart = -1;
}

bundle.save();
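Review bot: In the video-slide hunk, `url: data.url` stores the client-supplied URL exactly as received, and nothing visible in the hunk checks its scheme or shape before `bundle.save()` persists it. If that value is later placed in a player `src` or a link (not visible here), a non-web scheme would be delivered to the displays, so I would parse it first and accept only web schemes, for example `const parsed = new URL(data.url);` followed by `if (!['http:', 'https:'].includes(parsed.protocol)) { return; }`. The same concern applies to `data.mute`, `data.loop` and `data.displayTime`, which are saved without type coercion, unlike `zoom`, which goes through `parseFloat`. Separately, both update branches set `obj.epochStart = -1` and `obj.epochEnd = -1` unconditionally, which looks like it clears an existing schedule every time a slide is edited; worth confirming that is intended. The enclosing methods start and end outside the hunks.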
130 changes: 66 additions & 64 deletions routes/auth.js
@@ -27,80 +27,82 @@ export default function (websocket, dispatcher) {
});

router.post('/login',
function (req, res, next) {
passport.authenticate('local', async function (err, user, info) {
const ipAddr = req.ip;
const usernameIPkey = getUsernameIPkey(req.body.username, ipAddr);

const [resUsernameAndIP, resSlowByIP] = await Promise.all([
limiterConsecutiveFailsByUsernameAndIP.get(usernameIPkey),
limiterSlowBruteByIP.get(ipAddr),
]);

let retrySecs = 0;

// Check if IP or Username + IP is already blocked
if (resSlowByIP !== null && resSlowByIP.consumedPoints > maxWrongAttemptsByIPperDay) {
retrySecs = Math.round(resSlowByIP.msBeforeNext / 1000) || 1;
} else if (resUsernameAndIP !== null && resUsernameAndIP.consumedPoints > maxConsecutiveFailsByUsernameAndIP) {
retrySecs = Math.round(resUsernameAndIP.msBeforeNext / 1000) || 1;
}

if (retrySecs > 0) {
console.log(`Blocked ${req.ip}, due too many requests`);
res.status(429).end('Too Many Requests');
return;
} else {
if (!user) {
// Consume 1 point from limiters on wrong attempt and block if limits reached
try {
const promises = [limiterSlowBruteByIP.consume(ipAddr)];
// Count failed attempts by Username + IP only for registered users
promises.push(limiterConsecutiveFailsByUsernameAndIP.consume(usernameIPkey));
await Promise.all(promises);

return res.redirect('/login');
} catch (rlRejected) {
if (rlRejected instanceof Error) {
throw rlRejected;
} else {
console.log(`Blocked ${req.ip}, due too many requests`);
res.status(429).end('Too Many Requests');
return;
}
function (req, res, next) {
passport.authenticate('local', async function (err, user, info) {
const ipAddr = req.ip;
const usernameIPkey = getUsernameIPkey(req.body.username, ipAddr);

const [resUsernameAndIP, resSlowByIP] = await Promise.all([
limiterConsecutiveFailsByUsernameAndIP.get(usernameIPkey),
limiterSlowBruteByIP.get(ipAddr),
]);

let retrySecs = 0;

// Check if IP or Username + IP is already blocked
if (resSlowByIP !== null && resSlowByIP.consumedPoints > maxWrongAttemptsByIPperDay) {
retrySecs = Math.round(resSlowByIP.msBeforeNext / 1000) || 1;
} else if (resUsernameAndIP !== null && resUsernameAndIP.consumedPoints > maxConsecutiveFailsByUsernameAndIP) {
retrySecs = Math.round(resUsernameAndIP.msBeforeNext / 1000) || 1;
}

if (retrySecs > 0) {
console.log(`Blocked ${req.ip}, due too many requests`);
res.status(429).end('Too Many Requests');
return;
} else {
if (!user) {
// Consume 1 point from limiters on wrong attempt and block if limits reached
try {
const promises = [limiterSlowBruteByIP.consume(ipAddr)];
// Count failed attempts by Username + IP only for registered users
promises.push(limiterConsecutiveFailsByUsernameAndIP.consume(usernameIPkey));
await Promise.all(promises);

return res.redirect('/login');
} catch (rlRejected) {
if (rlRejected instanceof Error) {
throw rlRejected;
} else {
console.log(`Blocked ${req.ip}, due too many requests`);
res.status(429).end('Too Many Requests');
return;
}

}

req.logIn(user, async function (err) {
if (err) {
return next(err);
}

if (resUsernameAndIP !== null && resUsernameAndIP.consumedPoints > 0) {
// Reset on successful authorisation
await limiterConsecutiveFailsByUsernameAndIP.delete(usernameIPkey);
}

if (req.session.location) {
return res.redirect(req.session.location);
}
return res.redirect("/");
});
}

req.logIn(user, async function (err) {
if (err) {

return next(err);
}

if (resUsernameAndIP !== null && resUsernameAndIP.consumedPoints > 0) {
// Reset on successful authorisation
await limiterConsecutiveFailsByUsernameAndIP.delete(usernameIPkey);
}

if (req.session.location) {
return res.redirect(req.session.location);
}
return res.redirect("/");
});

if (err) {

return next(err);
}
})(req, res, next);
});
}
})(req, res, next);
});

router.get('/logout',
function (req, res) {
req.logout();
res.redirect('/');
});
function (req, res) {
req.logout({}, (err) => {
res.redirect('/')
}
);
});

router.get('/empty', function (req, res, next) {
res.render('empty');
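Review bot: The `passport.authenticate` callback does not look at `err` before the `if (!user)` branch, so a strategy failure (for example a user-store error) is counted against both limiters and answered with a redirect to `/login` instead of reaching the error handler; `if (err) { return next(err); }` should be the first statement of the callback. In the same branch, `throw rlRejected;` sits inside an `async` callback whose returned promise passport ignores, so it surfaces as an unhandled rejection rather than an Express error; `return next(rlRejected);` keeps it on the normal error path. The new logout callback drops its `err` argument, so a failed session teardown still redirects as if the user were logged out; at minimum log it before `res.redirect('/')`. Finally, `res.redirect(req.session.location)` is only safe if the code that sets `session.location` (outside this hunk) stores a same-site path, which is worth checking there.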
8 changes: 4 additions & 4 deletions views/admin/editBundleSlides.twig
@@ -25,11 +25,11 @@
<button class="ui small basic inverted icon button"
onclick="editSlide('{{ slide.uuid }}', '{{ slide.type }}');"><i
class="edit outline icon"></i></button>
<div onclick="duplicateSlide('{{bundle.name}}','{{slide.uuid}}')" class="ui small basic inverted icon button"><i class="ui copy icon"></i></div>
<div onclick="duplicateSlide('{{bundle.name}}','{{slide.uuid}}')" class="ui small basic inverted icon button"><i class="ui copy icon"></i></div>
<button class="ui small basic inverted icon button"
onclick="remove('{{ slide.uuid }}');"><i class="delete icon"></i>
</button>

</div>
<div class="content">
<div class="editable">{{ slide.name }} </div>
@@ -42,7 +42,7 @@
</div>
</div>
<script>
var socket = io.connect("{{ config.serverUrl }}:{{ config.serverListenPort }}/admin");
var socket = io("{{ config.serverUrl }}/admin");
var bundleName = "{{ bundle.name }}";
</script>

@@ -104,7 +104,7 @@
}
}
socket.on("callback.updateBundleData", function() {
socket.on("callback.updateBundleData", function() {
document.location.reload(true);
});
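Review bot: `{{ bundle.name }}` and `{{ slide.uuid }}` are written into JavaScript string literals, both in the `onclick` attributes (`duplicateSlide('{{bundle.name}}','{{slide.uuid}}')`) and in `var bundleName = "{{ bundle.name }}";`, and HTML auto-escaping, if it is enabled for these templates, is not the right encoding for that context. Inside an attribute the browser decodes entities before the handler is compiled, so a quote in a bundle name can end the string early. Use the JS escaper at each of these sites, e.g. `var bundleName = "{{ bundle.name|e('js') }}";`, or move the values into `data-` attributes and read them from the handler. The same holds for `{{ config.serverUrl }}` in the new `io(...)` call, although that value presumably comes from server configuration rather than from users.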