SyedM/infinsweeper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Store signin data in DB and use random codes

Browse Source
This commit is contained in:
Syed Daanish
2025-06-22 09:06:33 +03:00
parent 708ca49a35
commit ccbb317189
5 changed files with 95 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,4 +1,3 @@
*.db
db.json
tmp.*
*.log

3
dev.fish
View File

@@ -3,9 +3,6 @@ set oldsum (cat (find . \( -name '*.rb' -o -name '*.js' \) | sort) | md5sum)
if not test -e infinsweeper.db
sqlite3 infinsweeper.db < schema.sql
end
if not test -e db.json
echo "{\"account_num\":0,\"pass_num\":0,\"signed_in_users\":{}}" > db.json
end
pkill ruby
ruby main.rb -p8080 &
echo "" > $pipe_path

123
main.rb
View File

@@ -4,8 +4,38 @@ require "json"
require_relative "players"
require_relative "session"
json_path = File.expand_path("db.json")
signed_in_users = JSON.parse(File.read(json_path))["signed_in_users"]
ALPHANUM = [*"0".."9", *"A".."Z", *"a".."z", "-", "_"].freeze
db_file = File.expand_path("infinsweeper.db")
DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false)
DB.run("PRAGMA foreign_keys = ON;")
signed_in_users = DB[:SignedInUsers].all.map { |x| [x[:code], x[:player]] }.to_h
Thread.new do
loop do
now = Time.now
fifteen_days_ago = now - (60 * 60 * 24 * 15)
six_days_ago = now - (60 * 60 * 24 * 6)
old_sessions = (DB[:SignedInUsers].where { created_at < fifteen_days_ago }.all +
DB[:SignedInUsers].where { last_used_at < six_days_ago }.all).uniq { |s| s[:code] }
old_sessions.each do |session|
begin
DB[:SignedInUsers].where(code: session[:code]).delete
rescue StandardError => e
File.write("log/main.log",
"[#{Time.now}] Thread DB error: #{e.message} on #{session[:code]} for #{session[:player]}\n",
mode: "a")
end
signed_in_users.delete(session[:code])
puts "Auto-logged out: #{session[:player]} (expired session)"
end
rescue StandardError => e
File.write("log/main.log", "[#{Time.now}] Thread error: #{e.message}\n", mode: "a")
ensure
sleep 60 * 60 * 24
end
end
set :public_folder, "public"
@@ -21,37 +51,35 @@ post "/new_player" do
data = JSON.parse(request.body.read)
if data["email"].nil? || data["pass"].nil? || data["username"].nil?
status 400
return '{"message": "Bad request made!"}'
return { "message" => "Bad request made!" }.to_json
end
player = Players.mk_player(data["username"], data["email"], data["pass"])
case player
when "Successfully registered!"
hash = XXhash.xxh64(data["email"] + Time.now.to_s, 1234)
code = ""
while hash.positive?
code << ALPHANUM[hash % 64]
hash /= 64
end
code = code.reverse.rjust(12, "0")
set_session(request, response, "user", code)
code = Array.new(24) { ALPHANUM.sample }.join
set_session(request, response, "user", code, code)
signed_in_users[code] = data["email"]
json = JSON.parse(File.read(json_path))
json["signed_in_users"] = signed_in_users.clone
File.write(json_path, JSON.pretty_generate(json))
begin
DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you in!" }.to_json
end
status 200
else
status 400
end
return "{\"message\": \"#{player}\"}"
return { "message" => player }.to_json
end
get "/verify/:code" do
if Players.verify(params[:code])
status 200
return "{\"message\": \"Verified successfully!\"}"
return { "message" => "Verified successfully!" }.to_json
else
status 400
return "{\"message\": \"Used or Invalid code!\"}"
return { "message" => "Couldn't verify!" }
end
end
@@ -59,24 +87,22 @@ post "/login" do
data = JSON.parse(request.body.read)
player = Players.authorized?(data["email"], data["pass"])
if player
hash = XXhash.xxh64(data["email"] + Time.now.to_s, 1234)
code = ""
while hash.positive?
code << ALPHANUM[hash % 64]
hash /= 64
end
code = code.reverse.rjust(12, "0")
set_session(request, response, "user", code)
code = Array.new(24) { ALPHANUM.sample }.join
set_session(request, response, "user", code, code)
signed_in_users[code] = data["email"]
json = JSON.parse(File.read(json_path))
json["signed_in_users"] = signed_in_users.clone
File.write(json_path, JSON.pretty_generate(json))
begin
DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you in!" }.to_json
end
status 200
return "{\"message\": \"Remember to verify your email!\"}" unless Players.verified?(data["email"])
return "{\"message\": \"Signed in successfully!\"}"
return { "message" => "Remember to verify your email!" }.to_json unless Players.verified?(data["email"])
return { "message" => "Signed in successfully!" }.to_json
else
status 400
return "{\"message\": \"Email or password incorrect!\"}"
return { "message" => "Couldn't sign you in!" }.to_json
end
end
@@ -84,40 +110,44 @@ post "/logout" do
uid = get_session(request, response, "user")
if signed_in_users[uid].nil?
status 400
return "{\"message\":\"Not signed in!\"}"
return { "message" => "Not signed in!" }.to_json
end
signed_in_users.delete(uid)
rm_session(request, response, "user")
json = JSON.parse(File.read(json_path))
json["signed_in_users"] = signed_in_users.clone
File.write(json_path, JSON.pretty_generate(json))
begin
DB["delete from SignedInUsers where code = ?", uid].delete
rescue Sequel::Error => e
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
status 500
return { "message" => "Internal server error when signing you out!" }.to_json
end
status 200
return "{\"message\":\"Signed out!\"}"
return { "message" => "Signed out successfully!" }.to_json
end
post "/forgot_password" do
data = JSON.parse(request.body.read)
if data["email"].nil?
status 400
return "{\"message\":\"Bad request made!\"}"
return { "message" => "Bad request made (Email not provided)!" }.to_json
end
Players.pass_req(data["email"])
status 200
return "{\"message\":\"Password reset email sent!\"}"
return { "message" => "Email sent successfully!" }.to_json
end
post "/reset_password/:code" do
data = JSON.parse(request.body.read)
if data["pass"].nil? || params[:code].nil?
status 400
return "{\"message\":\"Bad request made!\"}"
return { "message" => "Bad request made!" }.to_json
end
if Players.pass_reset(data["pass"], params[:code])
status 200
return "{\"message\":\"Password reset successfully!\"}"
return { "message" => "Password reset successfully!" }.to_json
else
status 400
return "{\"message\":\"Couldn\'t reset password!\"}"
return { "message" => "Couldn't reset password!" }.to_json
end
end
@@ -125,18 +155,15 @@ delete "/rm_player" do
uid = get_session(request, response, "user")
if uid.nil? || signed_in_users[uid].nil?
status 400
return '{"message": "Not signed in!"}'
return { "message" => "Not signed in!" }.to_json
end
if Players.rm_player(signed_in_users[uid])
status 200
signed_in_users.delete(uid)
rm_session(request, response, "user")
json = JSON.parse(File.read(json_path))
json["signed_in_users"] = signed_in_users.clone
File.write(json_path, JSON.pretty_generate(json))
return '{"message": "Sorry to see you go.."}'
status 200
return { "message" => "Sorry to see you go.." }.to_json
else
status 500
return '{"message": "Couldn\'t delete!"}'
return { "message" => "Couldn't delete!" }.to_json
end
end

36
players.rb
View File

@@ -8,6 +8,7 @@ ALPHANUM = [*"0".."9", *"A".."Z", *"a".."z", "-", "_"].freeze
module Players
db_file = File.expand_path("infinsweeper.db")
DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false)
DB.run("PRAGMA foreign_keys = ON;")
def self.list
DB["select * from Players"].all
@@ -26,19 +27,7 @@ module Players
digest = XXhash.xxh32(pass, 1234)
path = File.expand_path("db.json")
json = File.exist?(path) ? JSON.parse(File.read(path)) : {}
json["account_num"] ||= 0
account_num = json["account_num"]
json["account_num"] += 1
File.write(path, JSON.pretty_generate(json))
account_num = XXhash.xxh64(account_num, 1234)
code = ""
while account_num.positive?
code << ALPHANUM[account_num % 64]
account_num /= 64
end
code = code.reverse.rjust(12, "0")
code = Array.new(24) { ALPHANUM.sample }.join
DB[
"insert into Players (email, digest, username, activation_code) values (?, ?, ?, ?)",
@@ -64,20 +53,8 @@ module Players
def self.pass_req(email)
return unless self[email]
path = File.expand_path("db.json")
json = File.exist?(path) ? JSON.parse(File.read(path)) : {}
json["pass_num"] ||= 0
pass_num = json["pass_num"]
json["pass_num"] += 1
File.write(path, JSON.pretty_generate(json))
pass_num = XXhash.xxh64(pass_num, 1234)
code = ""
while pass_num.positive?
code << ALPHANUM[pass_num % 64]
pass_num /= 64
end
code = code.reverse.rjust(12, "0")
code = Array.new(24) { ALPHANUM.sample }.join
DB["update Players set new_pass_code = ? where email = ?", code, email].update
send_email(:pass_req, email, code)
@@ -108,9 +85,14 @@ module Players
end
Thread.new do
sleep 60 * 60
loop do
unverified.each do |player|
rm_player(player[:email]) if player[:created_at] + 24 * 60 * 60 < Time.now
end
rescue StandardError => e
File.write("log/main.log", "Thread error: #{e.message}\n", mode: "a")
ensure
sleep 60 * 60
end
end
end

10
schema.sql
View File

@@ -1,4 +1,4 @@
CREATE TABLE Players (
CREATE TABLE IF NOT EXISTS Players (
email TEXT PRIMARY KEY,
username TEXT UNIQUE,
digest BLOB,
@@ -7,3 +7,11 @@ CREATE TABLE Players (
new_pass_code TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE TABLE IF NOT EXISTS SignedInUsers (
code TEXT PRIMARY KEY,
player TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_used_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (player) REFERENCES Players (email) ON DELETE CASCADE
);