SyedM/infinsweeper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Store signin data in DB and use random codes

Browse Source
This commit is contained in:
Syed Daanish
2025-06-22 09:06:33 +03:00
parent 708ca49a35
commit ccbb317189
5 changed files with 95 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,4 +1,3 @@
*.db *.db
db.json
tmp.* tmp.*
*.log *.log

3
dev.fish
View File

@@ -3,9 +3,6 @@ set oldsum (cat (find . \( -name '*.rb' -o -name '*.js' \) | sort) | md5sum)
if not test -e infinsweeper.db if not test -e infinsweeper.db
sqlite3 infinsweeper.db < schema.sql sqlite3 infinsweeper.db < schema.sql
end end
if not test -e db.json
echo "{\"account_num\":0,\"pass_num\":0,\"signed_in_users\":{}}" > db.json
end
pkill ruby pkill ruby
ruby main.rb -p8080 & ruby main.rb -p8080 &
echo "" > $pipe_path echo "" > $pipe_path

123
main.rb
View File

@@ -4,8 +4,38 @@ require "json"
require_relative "players" require_relative "players"
require_relative "session" require_relative "session"
json_path = File.expand_path("db.json") ALPHANUM = [*"0".."9", *"A".."Z", *"a".."z", "-", "_"].freeze
signed_in_users = JSON.parse(File.read(json_path))["signed_in_users"]
db_file = File.expand_path("infinsweeper.db")
DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false)
DB.run("PRAGMA foreign_keys = ON;")
signed_in_users = DB[:SignedInUsers].all.map { |x| [x[:code], x[:player]] }.to_h
Thread.new do
loop do
now = Time.now
fifteen_days_ago = now - (60 * 60 * 24 * 15)
six_days_ago = now - (60 * 60 * 24 * 6)
old_sessions = (DB[:SignedInUsers].where { created_at < fifteen_days_ago }.all +
DB[:SignedInUsers].where { last_used_at < six_days_ago }.all).uniq { |s| s[:code] }
old_sessions.each do |session|
begin
DB[:SignedInUsers].where(code: session[:code]).delete
rescue StandardError => e
File.write("log/main.log",
"[#{Time.now}] Thread DB error: #{e.message} on #{session[:code]} for #{session[:player]}\n",
mode: "a")
end
signed_in_users.delete(session[:code])
puts "Auto-logged out: #{session[:player]} (expired session)"
end
rescue StandardError => e
File.write("log/main.log", "[#{Time.now}] Thread error: #{e.message}\n", mode: "a")
ensure
sleep 60 * 60 * 24
end
end
set :public_folder, "public" set :public_folder, "public"
@@ -21,37 +51,35 @@ post "/new_player" do
data = JSON.parse(request.body.read) data = JSON.parse(request.body.read)
if data["email"].nil? || data["pass"].nil? || data["username"].nil? if data["email"].nil? || data["pass"].nil? || data["username"].nil?
status 400 status 400
return '{"message": "Bad request made!"}' return { "message" => "Bad request made!" }.to_json
end end
player = Players.mk_player(data["username"], data["email"], data["pass"]) player = Players.mk_player(data["username"], data["email"], data["pass"])
case player case player
when "Successfully registered!" when "Successfully registered!"
hash = XXhash.xxh64(data["email"] + Time.now.to_s, 1234) code = Array.new(24) { ALPHANUM.sample }.join
code = "" set_session(request, response, "user", code, code)
while hash.positive?
code << ALPHANUM[hash % 64]
hash /= 64
end
code = code.reverse.rjust(12, "0")
set_session(request, response, "user", code)
signed_in_users[code] = data["email"] signed_in_users[code] = data["email"]
json = JSON.parse(File.read(json_path)) begin
json["signed_in_users"] = signed_in_users.clone DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
File.write(json_path, JSON.pretty_generate(json)) rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you in!" }.to_json
end
status 200 status 200
else else
status 400 status 400
end end
return "{\"message\": \"#{player}\"}" return { "message" => player }.to_json
end end
get "/verify/:code" do get "/verify/:code" do
if Players.verify(params[:code]) if Players.verify(params[:code])
status 200 status 200
return "{\"message\": \"Verified successfully!\"}" return { "message" => "Verified successfully!" }.to_json
else else
status 400 status 400
return "{\"message\": \"Used or Invalid code!\"}" return { "message" => "Couldn't verify!" }
end end
end end
@@ -59,24 +87,22 @@ post "/login" do
data = JSON.parse(request.body.read) data = JSON.parse(request.body.read)
player = Players.authorized?(data["email"], data["pass"]) player = Players.authorized?(data["email"], data["pass"])
if player if player
hash = XXhash.xxh64(data["email"] + Time.now.to_s, 1234) code = Array.new(24) { ALPHANUM.sample }.join
code = "" set_session(request, response, "user", code, code)
while hash.positive?
code << ALPHANUM[hash % 64]
hash /= 64
end
code = code.reverse.rjust(12, "0")
set_session(request, response, "user", code)
signed_in_users[code] = data["email"] signed_in_users[code] = data["email"]
json = JSON.parse(File.read(json_path)) begin
json["signed_in_users"] = signed_in_users.clone DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
File.write(json_path, JSON.pretty_generate(json)) rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you in!" }.to_json
end
status 200 status 200
return "{\"message\": \"Remember to verify your email!\"}" unless Players.verified?(data["email"]) return { "message" => "Remember to verify your email!" }.to_json unless Players.verified?(data["email"])
return "{\"message\": \"Signed in successfully!\"}" return { "message" => "Signed in successfully!" }.to_json
else else
status 400 status 400
return "{\"message\": \"Email or password incorrect!\"}" return { "message" => "Couldn't sign you in!" }.to_json
end end
end end
@@ -84,40 +110,44 @@ post "/logout" do
uid = get_session(request, response, "user") uid = get_session(request, response, "user")
if signed_in_users[uid].nil? if signed_in_users[uid].nil?
status 400 status 400
return "{\"message\":\"Not signed in!\"}" return { "message" => "Not signed in!" }.to_json
end end
signed_in_users.delete(uid) signed_in_users.delete(uid)
rm_session(request, response, "user") rm_session(request, response, "user")
json = JSON.parse(File.read(json_path)) begin
json["signed_in_users"] = signed_in_users.clone DB["delete from SignedInUsers where code = ?", uid].delete
File.write(json_path, JSON.pretty_generate(json)) rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you out!" }.to_json
end
status 200 status 200
return "{\"message\":\"Signed out!\"}" return { "message" => "Signed out successfully!" }.to_json
end end
post "/forgot_password" do post "/forgot_password" do
data = JSON.parse(request.body.read) data = JSON.parse(request.body.read)
if data["email"].nil? if data["email"].nil?
status 400 status 400
return "{\"message\":\"Bad request made!\"}" return { "message" => "Bad request made (Email not provided)!" }.to_json
end end
Players.pass_req(data["email"]) Players.pass_req(data["email"])
status 200 status 200
return "{\"message\":\"Password reset email sent!\"}" return { "message" => "Email sent successfully!" }.to_json
end end
post "/reset_password/:code" do post "/reset_password/:code" do
data = JSON.parse(request.body.read) data = JSON.parse(request.body.read)
if data["pass"].nil? || params[:code].nil? if data["pass"].nil? || params[:code].nil?
status 400 status 400
return "{\"message\":\"Bad request made!\"}" return { "message" => "Bad request made!" }.to_json
end end
if Players.pass_reset(data["pass"], params[:code]) if Players.pass_reset(data["pass"], params[:code])
status 200 status 200
return "{\"message\":\"Password reset successfully!\"}" return { "message" => "Password reset successfully!" }.to_json
else else
status 400 status 400
return "{\"message\":\"Couldn\'t reset password!\"}" return { "message" => "Couldn't reset password!" }.to_json
end end
end end
@@ -125,18 +155,15 @@ delete "/rm_player" do
uid = get_session(request, response, "user") uid = get_session(request, response, "user")
if uid.nil? || signed_in_users[uid].nil? if uid.nil? || signed_in_users[uid].nil?
status 400 status 400
return '{"message": "Not signed in!"}' return { "message" => "Not signed in!" }.to_json
end end
if Players.rm_player(signed_in_users[uid]) if Players.rm_player(signed_in_users[uid])
status 200
signed_in_users.delete(uid) signed_in_users.delete(uid)
rm_session(request, response, "user") rm_session(request, response, "user")
json = JSON.parse(File.read(json_path)) status 200
json["signed_in_users"] = signed_in_users.clone return { "message" => "Sorry to see you go.." }.to_json
File.write(json_path, JSON.pretty_generate(json))
return '{"message": "Sorry to see you go.."}'
else else
status 500 status 500
return '{"message": "Couldn\'t delete!"}' return { "message" => "Couldn't delete!" }.to_json
end end
end end

40
players.rb
View File

@@ -8,6 +8,7 @@ ALPHANUM = [*"0".."9", *"A".."Z", *"a".."z", "-", "_"].freeze
module Players module Players
db_file = File.expand_path("infinsweeper.db") db_file = File.expand_path("infinsweeper.db")
DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false) DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false)
DB.run("PRAGMA foreign_keys = ON;")
def self.list def self.list
DB["select * from Players"].all DB["select * from Players"].all
@@ -26,19 +27,7 @@ module Players
digest = XXhash.xxh32(pass, 1234) digest = XXhash.xxh32(pass, 1234)
path = File.expand_path("db.json") code = Array.new(24) { ALPHANUM.sample }.join
json = File.exist?(path) ? JSON.parse(File.read(path)) : {}
json["account_num"] ||= 0
account_num = json["account_num"]
json["account_num"] += 1
File.write(path, JSON.pretty_generate(json))
account_num = XXhash.xxh64(account_num, 1234)
code = ""
while account_num.positive?
code << ALPHANUM[account_num % 64]
account_num /= 64
end
code = code.reverse.rjust(12, "0")
DB[ DB[
"insert into Players (email, digest, username, activation_code) values (?, ?, ?, ?)", "insert into Players (email, digest, username, activation_code) values (?, ?, ?, ?)",
@@ -64,20 +53,8 @@ module Players
def self.pass_req(email) def self.pass_req(email)
return unless self[email] return unless self[email]
path = File.expand_path("db.json")
json = File.exist?(path) ? JSON.parse(File.read(path)) : {}
json["pass_num"] ||= 0
pass_num = json["pass_num"]
json["pass_num"] += 1
File.write(path, JSON.pretty_generate(json))
pass_num = XXhash.xxh64(pass_num, 1234)
code = ""
while pass_num.positive?
code << ALPHANUM[pass_num % 64]
pass_num /= 64
end
code = code.reverse.rjust(12, "0")
code = Array.new(24) { ALPHANUM.sample }.join
DB["update Players set new_pass_code = ? where email = ?", code, email].update DB["update Players set new_pass_code = ? where email = ?", code, email].update
send_email(:pass_req, email, code) send_email(:pass_req, email, code)
@@ -108,9 +85,14 @@ module Players
end end
Thread.new do Thread.new do
sleep 60 * 60 loop do
unverified.each do |player| unverified.each do |player|
rm_player(player[:email]) if player[:created_at] + 24 * 60 * 60 < Time.now rm_player(player[:email]) if player[:created_at] + 24 * 60 * 60 < Time.now
end
rescue StandardError => e
File.write("log/main.log", "Thread error: #{e.message}\n", mode: "a")
ensure
sleep 60 * 60
end end
end end
end end

10
schema.sql
View File

@@ -1,4 +1,4 @@
CREATE TABLE Players ( CREATE TABLE IF NOT EXISTS Players (
email TEXT PRIMARY KEY, email TEXT PRIMARY KEY,
username TEXT UNIQUE, username TEXT UNIQUE,
digest BLOB, digest BLOB,
@@ -7,3 +7,11 @@ CREATE TABLE Players (
new_pass_code TEXT, new_pass_code TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
); );
CREATE TABLE IF NOT EXISTS SignedInUsers (
code TEXT PRIMARY KEY,
player TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_used_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (player) REFERENCES Players (email) ON DELETE CASCADE
);