Start working on ACP

2014-01-28 00:05:14 -06:00 · 2014-01-28 00:05:14 -06:00 · d0be588149
commit d0be588149
parent 5f3fa8922d
3 changed files with 110 additions and 0 deletions
--- a/lib/web/webserver.js
+++ b/lib/web/webserver.js
@ -7,6 +7,7 @@ var Server = require("../server");
 var $util = require("../utilities");
 var Logger = require("../logger");
 var Config = require("../config");
+var db = require("../database");

 var httplog = new Logger.Logger(path.join(__dirname, "..", "..", "http.log"));

@ -152,6 +153,38 @@ function handleIndex(req, res) {
    });
 }

+/**
+ * Handles a request for the ACP
+ */
+function handleAcp(req, res) {
+    logRequest(req);
+
+    var auth = req.cookies.auth || "";
+    db.users.verifyAuth(auth, function (err, user) {
+        if (err) {
+            if (err === "Invalid auth string" ||
+                err === "Auth string does not match an existing user") {
+                res.send(403);
+            } else {
+                res.send(500);
+            }
+            return;
+        }
+
+        if (user.global_rank < 255) {
+            res.send(403);
+            Logger.eventlog.log("[acp] Attempted GET /acp from non-admin " + user.name +
+                                "@" + ipForRequest(req));
+            return;
+        }
+
+        sendJade(res, "acp", {
+            loginName: user.name,
+            loggedIn: true
+        });
+    });
+}
+
 /**
 * Handles a request for the socket.io information
 */
@ -187,6 +220,7 @@ module.exports = {
        app.get("/r/:channel", handleChannel);
        app.get("/", handleIndex);
        app.get("/sioconfig", handleSocketConfig);
+        app.get("/acp", handleAcp);
        app.all("*", function (req, res, next) {
            if (isSuspicious(req)) {
                logRequest(req, 403);