push auths

merge-requests/4/head
Matthew 2020-08-30 21:36:17 -04:00
parent 8feb9dddb9
commit 22c5c3548d
No known key found for this signature in database
GPG Key ID: 210AF32ADE3B5C4B
5 changed files with 103 additions and 1 deletions

View File

@ -1,6 +1,8 @@
import os from 'os';
import jwt from 'jsonwebtoken';
import { TextChannel } from 'eris';
import { Server } from '..';
import { Route } from '../../class';
import { RichEmbed, Route } from '../../class';
export default class Root extends Route {
constructor(server: Server) {
@ -48,5 +50,25 @@ export default class Root extends Route {
this.handleError(error, res);
}
});
// eslint-disable-next-line consistent-return
this.router.get('/verify', async (req, res) => {
if (req.query.t) {
try {
res.setHeader('Access-Control-Allow-Origin', '*');
const token = <any> jwt.verify(req.query.t.toString(), this.server.client.config.keyPair.privateKey);
const embed = new RichEmbed();
embed.setTitle('Referral Authorization');
embed.addField('Referred User', token.referredUserAndDiscrim, true);
embed.addField('Referrer User', token.referrerUsername, true);
embed.addField('Referral Code', token.referralCode, true);
const channel = <TextChannel> this.server.client.guilds.get('446067825673633794').channels.get('580950455581147146');
res.sendStatus(200);
return channel.createMessage({ content: `<@${token.staffUserID}>`, embed });
} catch {
return res.sendStatus(401);
}
}
});
}
}

View File

@ -0,0 +1,43 @@
<!DOCTYPE html>
<head>
<title>Referral Verification</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<script>
async function submit() {
try {
const input = document.getElementsByClassName('form-control')[0];
const response = await fetch(`https://api.cloud.libraryofcode.org/verify?t=${input.value}`);
if (response.status === 200) alert('Request authorized. You may now close this tab.');
if (response.status === 401) alert('Authorization Token incorrect, try again.');
if (response.status >= 500) alert('INTERNAL SERVER ERROR');
alert('Authentication Complete.');
} catch (err) {
alert(err);
}
}
</script>
</head>
<body>
<h2>Referral Authorization Form</h2>
<p style="font-style: italic;">This form is for authorizing referral requests that you've provided to other users. If you've received this request from someone you don't recognize, please let us know right away.</p>
<div class="input-group mb-3">
<input id="auth" type="text" class="form-control" placeholder="Authorization Token" aria-label="Authorization Token" aria-describedby="basic-addon2">
<div class="input-group-append">
<button class="btn btn-outline-secondary" type="submit" onclick=submit()>Submit</button>
</div>
</div>
<script>
function listener(event) {
const input = document.getElementById('auth');
input.addEventListener('keydown', ({ key }) => {
if (key.toLowerCase() === "enter") submit();
});
}
listener();
</script>
</body>

View File

@ -29,6 +29,7 @@ export default class Server {
}
private async loadRoutes(): Promise<void> {
this.app.use('/static', express.static(`${__dirname}/../api/static`));
const routes = await fs.readdir(`${__dirname}/../api/routes`);
routes.forEach(async (routeFile) => {
if (routeFile === 'index.js') return;

View File

@ -0,0 +1,35 @@
import jwt from 'jsonwebtoken';
import { Message } from 'eris';
import { Client, Command } from '../class';
export default class AuthReferral extends Command {
constructor(client: Client) {
super(client);
this.name = 'authreferral';
this.description = 'Requests authorization for a referral.';
this.permissions = { roles: ['662163685439045632', '701454780828221450'] };
this.enabled = true;
this.aliases = ['auth'];
this.usage = `${this.client.config.prefix}authreferral <referral code | referring user> <referred member id>`;
}
public async run(message: Message, args: string[]) { // eslint-disable-line
try {
if (!args.length) return this.client.commands.get('help').run(message, [this.name]);
const referrer = await this.client.db.Account.findOne({ $or: [{ username: args[0] }, { referralCode: args[0] }, { userID: args[0].replace(/[<@!>]/gi, '') }] });
if (!referrer) return this.error(message.channel, 'Cannot find referrer.');
const referred = await this.client.getRESTGuildMember('446067825673633794', args[1]);
if (!referred) return this.error(message.channel, 'Cannot find referred member.');
const token = jwt.sign({ staffUserID: message.author.id, referralCode: referrer.referralCode, referrerUserID: referrer.userID, referrerUsername: referrer.username, referredUserID: referred.id, referredUserAndDiscrim: `${referred.username}#${referred.discriminator}` }, this.client.config.keyPair.privateKey, { expiresIn: '24 hours', issuer: 'Library of Code sp-us | Cloud Services Daemon' });
this.client.getDMChannel(referrer.userID).then((chan) => {
chan.createMessage(`__**Referral Request Authorization**__\nYour referral code has been used in an application recently submitted to us. We need to authorize this request, please visit https://loc.sh/rv and enter the authorization token below. This token expires in 24 hours. If you did not authorize this request, please contact us immediately by DMing Ramirez or opening a ticket at https://loc.sh/cs-help.\n\n\`${token}\``);
}).catch(() => {
this.error(message.channel, 'Could not DM referrer.');
});
return this.success(message.channel, `Sent authorization token to ${referrer.username}\n\`${token}\``);
} catch (error) {
return this.client.util.handleError(error, message, this);
}
}
}

View File

@ -1,5 +1,6 @@
export { default as addreferral } from './addreferral';
export { default as announce } from './announce';
export { default as authreferral } from './authreferral';
export { default as bearer } from './bearer';
export { default as cloudflare } from './cloudflare';
export { default as createaccount } from './createaccount';