allow staff logins

pull/29/head
Matthew 2020-09-20 23:52:35 -04:00
parent 375ea3a963
commit 46eabc6194
No known key found for this signature in database
GPG Key ID: 210AF32ADE3B5C4B
1 changed files with 15 additions and 4 deletions

View File

@ -1,3 +1,4 @@
/* eslint-disable no-shadow */
import { Route, Server } from '../../../class';
// import acknowledgements from '../../../configs/acknowledgements.json';
@ -35,16 +36,26 @@ export default class Internal extends Route {
this.router.get('/score', async (req, res) => {
try {
res.setHeader('Access-Control-Allow-Origin', '*');
if (this.timeout.has(req.ip)) return res.status(429).json({ code: this.constants.codes.PERMISSION_DENIED, message: this.constants.messages.PERMISSION_DENIED });
if (!req.query.pin) return res.status(400).json({ code: this.constants.codes.CLIENT_ERROR });
if (this.timeout.has(req.ip)) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
if (!req.query.pin) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
const args = req.query.pin.toString();
this.timeout.add(req.ip);
setTimeout(() => this.timeout.delete(req.ip), 1800000);
let score = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
if (!score) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
const member = await this.server.client.getRESTGuildMember(this.constants.discord.SERVER_ID, score.userID);
if (!member) return res.status(404).json({ code: this.constants.codes.ACCOUNT_NOT_FOUND });
if (!member) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
if (req.query.staff) {
const args = req.query.staff.toString();
const staffScore = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
if (!staffScore) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
if (!staffScore.staff) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
this.timeout.delete(req.ip);
await this.server.client.db.Score.updateOne({ userID: staffScore.userID }, { $addToSet: { softInquiries: { name: 'Library of Code sp-us | Staff Team via report.libraryofcode.org', date: new Date() } } });
} else {
await this.server.client.db.Score.updateOne({ userID: score.userID }, { $addToSet: { softInquiries: { name: `${member.username} via report.libraryofcode.org @ IP ${req.ip}`, date: new Date() } } });
}
score = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
let totalScore = '0';