who decided that was a good way to do tripcodes

5 years ago · 5172ffc251
parent 9d83260d22
commit 5172ffc251
6 changed files with 15 additions and 51 deletions
--- a/configs/main.json.example
+++ b/configs/main.json.example
@ -1,11 +1,12 @@
 {
-    "dbURL": "mongodb://username:password@localhost:27017",
+    "dbURL": "mongodb://username:password@host:port",
    "port": 7000,
-    "sessionSecret": "CHANGE ME",
+    "sessionSecret": "long random string",
+	"tripcodeSecret": "long random string",
 	"cacheTemplates": true,
-	"refererRegex": "^https?:\\/\\/(?:www\\.)?DOMAIN\\.TLD\\/",
+	"refererRegex": "^https?:\\/\\/(?:www\\.)?domain\\.com\\/",
 	"openGraph": {
-		"siteName": "CHANGE ME",
-		"url": "https://DOMAIN.TLD"
+		"siteName": "site name",
+		"url": "https://domain.com"
 	}
 }
--- a/db/trips.js
+++ b/db/trips.js
@ -1,20 +0,0 @@
-'use strict';
-
-const Mongo = require(__dirname+'/db.js')
-	, db = Mongo.client.db('jschan').collection('tripcodes');
-
-module.exports = {
-
-	findOne: (password) => {
-		return db.findOne({ '_id': password });
-	},
-
-	insertOne: (password, trip) => {
-		return db.insertOne({ '_id': password, 'code': trip });
-	},
-
-	deleteAll: () => {
-		return db.deleteMany({});
-	},
-
-}
--- a/helpers/render.js
+++ b/helpers/render.js
@ -1,13 +1,13 @@
 'use strict';

-const configs = require(__dirname+'/../configs/main.json')
-	, outputFile = require('fs-extra').outputFile
+const { cacheTemplates, openGraph }= require(__dirname+'/../configs/main.json')
+	, { outputFile } = require('fs-extra')
 	, pug = require('pug')
 	, path = require('path')
 	, uploadDirectory = require(__dirname+'/uploadDirectory.js')
 	, templateDirectory = path.join(__dirname+'/../views/pages/');

 module.exports = async (htmlName, templateName, options) => {
-	const html = pug.renderFile(`${templateDirectory}${templateName}`, { ...options, renderStart: Date.now(), cache: configs.cacheTemplates, openGraph: configs.openGraph });
+	const html = pug.renderFile(`${templateDirectory}${templateName}`, { ...options, renderStart: Date.now(), cache: cacheTemplates, openGraph: openGraph });
 	return outputFile(`${uploadDirectory}html/${htmlName}`, html);
 };
--- a/helpers/tripcode.js
+++ b/helpers/tripcode.js
@ -1,23 +1,12 @@
 'use strict';

-const Tripcodes = require(__dirname+'/../db/trips.js')
-    , util = require('util')
-    , crypto = require('crypto')
-    , randomBytes = util.promisify(crypto.randomBytes);
+const { tripcodeSecret } = require(__dirname+'/../configs/main.json')
+    , { createHash } = require('crypto')

 module.exports = async (password) => {

-	//return existing trip if exists
-	let existing = await Tripcodes.findOne(password);
-	if (existing) {
-		return existing.code;
-	}
-
-	//fix, not sure how secure
-	const salt = (await randomBytes(128)).toString('hex');
-	const fullTripCodeHash = crypto.createHash('sha256').update(password + salt).digest('base64');
-	const trip = fullTripCodeHash.substring(fullTripCodeHash.length-10);
-	await Tripcodes.insertOne(password, trip);
-	return trip;
+	const tripcodeHash = createHash('sha256').update(password + tripcodeSecret).digest('base64');
+	const tripcode = tripcodeHash.substring(tripcodeHash.length-10);
+	return tripcode;

 }
--- a/models/pages/captcha.js
+++ b/models/pages/captcha.js
@ -1,16 +1,12 @@
 'use strict';

-const { randomBytes } = require('crypto')
-	, Captchas = require(__dirname+'/../../db/captchas.js')
+const Captchas = require(__dirname+'/../../db/captchas.js')
 	, generateCaptcha = require(__dirname+'/../../helpers/captchagenerate.js');

 module.exports = async (req, res, next) => {

-	// if we got here, they dont have a cookie so we need to
-	// gen a captcha, set their cookie and redirect to the captcha
 	let captchaId;
 	try {
-//		const text = await randomBytes(3).toString('hex').substring(0,6);
 		const text = Math.random().toString(36).substr(2,6);
 		captchaId = await Captchas.insertOne(text).then(r => r.insertedId); //get id of document as filename and captchaid
 		await generateCaptcha(text, captchaId);
--- a/wipe.js
+++ b/wipe.js
@ -14,7 +14,6 @@ const Mongo = require(__dirname+'/db/db.js')
 	const Boards = require(__dirname+'/db/boards.js')
 		, Posts = require(__dirname+'/db/posts.js')
 		, Bans = require(__dirname+'/db/bans.js')
-		, Trips = require(__dirname+'/db/trips.js')
 		, Captchas = require(__dirname+'/db/captchas.js')
 		, Accounts = require(__dirname+'/db/accounts.js');
 	console.log('deleting captchas')
@ -30,7 +29,6 @@ const Mongo = require(__dirname+'/db/db.js')
 	await Boards.deleteIncrement('b');
 	await Boards.deleteIncrement('t');
 	await Boards.deleteAll();
-	await Trips.deleteAll();
 	console.log('deleting bans');
 	await Bans.deleteAll();
 	console.log('adding boards')