rainbownapkin/fore.st
1
0
Fork 0
Code Issues 13 Pull requests Projects Releases Packages Wiki Activity Actions

Fixes

Browse source
This commit is contained in:
calzoneman 2014-02-24 18:25:49 -06:00
parent cc241da5cf
commit 5d9a8a1a3f
10 changed files with 54 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

14
lib/web/auth.js
View file

@ -8,6 +8,7 @@ var jade = require("jade");
var fs = require("fs");
var path = require("path");
var webserver = require("./webserver");
var cookieall = webserver.cookieall;
var sendJade = require("./jade").sendJade;
var Logger = require("../logger");
var $util = require("../utilities");
@ -39,25 +40,16 @@ function handleLogin(req, res) {
loginError: err
});
} else {
res.cookie("auth", user.name + ":" + user.hash, {
cookieall(res, "auth", user.name + ":" + user.hash, {
expires: new Date(Date.now() + 7*24*60*60*1000),
httpOnly: true
});
res.cookie("auth", user.name + ":" + user.hash, {
domain: Config.get("http.domain"),
cookieall(res, "rank", user.global_rank, {
expires: new Date(Date.now() + 7*24*60*60*1000),
httpOnly: true
});
if (Config.get("https.enabled")) {
res.cookie("auth", user.name + ":" + user.hash, {
domain: Config.get("https.domain"),
expires: new Date(Date.now() + 7*24*60*60*1000),
httpOnly: true
});
}
// Try to find an appropriate redirect
var ref = req.header("referrer");
if (!ref) {

51
lib/web/webserver.js
View file

@ -55,12 +55,22 @@ function logRequest(req, status) {
httplog.log([
ipForRequest(req),
req.route.method.toUpperCase(),
req.method,
req.path,
req.header("user-agent")
].join(" "));
}
function cookieall(res, name, val, opts) {
res.cookie(name, val, opts);
opts.domain = Config.get("http.domain");
res.cookie(name, val, opts);
if (Config.get("https.enabled")) {
opts.domain = Config.get("https.domain");
res.cookie(name, val, opts);
}
}
/**
* Redirects a request to HTTPS if the server supports it
*/
@ -87,7 +97,6 @@ function redirectHttp(req, res) {
if (port !== 80) {
domain += ":" + port;
}
console.log(domain);
res.redirect(domain + req.path);
return true;
}
@ -232,9 +241,25 @@ function handleContactPage(req, res) {
function static(dir) {
dir = path.join(__dirname, dir);
return function (req, res) {
if (isSuspicious(req)) {
logRequest(req, 403);
res.status(403);
if (typeof req.header("user-agent") === "string" &&
req.header("user-agent").toLowerCase() === "zmeu") {
res.send("This server disallows requests from ZmEu.");
} else {
res.send("The request " + req.route.method.toUpperCase() + " " +
req.path + " looks pretty fishy to me. Double check that " +
"you typed it correctly.");
}
return;
}
res.sendfile(req.path.replace(/^\//, ""), {
maxAge: Config.get("http.cache-ttl") * 1000,
root: dir
}, function (err) {
logRequest(req);
});
};
}
@ -266,24 +291,6 @@ module.exports = {
require("./auth").init(app);
require("./account").init(app);
require("./acp").init(app);
app.all("*", function (req, res, next) {
if (isSuspicious(req)) {
logRequest(req, 403);
res.status(403);
if (typeof req.header("user-agent") === "string" &&
req.header("user-agent").toLowerCase() === "zmeu") {
res.send("This server disallows requests from ZmEu.");
} else {
res.send("The request " + req.route.method.toUpperCase() + " " +
req.path + " looks pretty fishy to me. Double check that " +
"you typed it correctly.");
}
return;
}
logRequest(req);
next();
});
//app.use(express.static("www"));
app.use(static(path.join("..", "..", "www")));
},
@ -293,5 +300,7 @@ module.exports = {
redirectHttps: redirectHttps,
redirectHttp: redirectHttp
redirectHttp: redirectHttp,
cookieall: cookieall
};