170 lines
5.1 KiB
Ruby
170 lines
5.1 KiB
Ruby
require "sinatra"
|
|
require "json"
|
|
|
|
require_relative "players"
|
|
require_relative "session"
|
|
|
|
ALPHANUM = [*"0".."9", *"A".."Z", *"a".."z", "-", "_"].freeze
|
|
|
|
db_file = File.expand_path("infinsweeper.db")
|
|
DB = Sequel.connect("sqlite:///#{db_file}", single_threaded: false)
|
|
DB.run("PRAGMA foreign_keys = ON;")
|
|
|
|
signed_in_users = DB[:SignedInUsers].all.map { |x| [x[:code], x[:player]] }.to_h
|
|
|
|
Thread.new do
|
|
loop do
|
|
now = Time.now
|
|
fifteen_days_ago = now - (60 * 60 * 24 * 15)
|
|
six_days_ago = now - (60 * 60 * 24 * 6)
|
|
old_sessions = (DB[:SignedInUsers].where { created_at < fifteen_days_ago }.all +
|
|
DB[:SignedInUsers].where { last_used_at < six_days_ago }.all).uniq { |s| s[:code] }
|
|
old_sessions.each do |session|
|
|
begin
|
|
DB[:SignedInUsers].where(code: session[:code]).delete
|
|
rescue StandardError => e
|
|
File.write("log/main.log",
|
|
"[#{Time.now}] Thread DB error: #{e.message} on #{session[:code]} for #{session[:player]}\n",
|
|
mode: "a")
|
|
end
|
|
signed_in_users.delete(session[:code])
|
|
puts "Auto-logged out: #{session[:player]} (expired session)"
|
|
end
|
|
rescue StandardError => e
|
|
File.write("log/main.log", "[#{Time.now}] Thread error: #{e.message}\n", mode: "a")
|
|
ensure
|
|
sleep 60 * 60 * 24
|
|
end
|
|
end
|
|
|
|
set :public_folder, "public"
|
|
|
|
get "/" do
|
|
send_file "index.html"
|
|
end
|
|
|
|
get "/debug" do
|
|
return get_session_all(request, response).inspect
|
|
end
|
|
|
|
post "/new_player" do
|
|
data = JSON.parse(request.body.read)
|
|
if data["email"].nil? || data["pass"].nil? || data["username"].nil?
|
|
status 400
|
|
return { "message" => "Bad request made!" }.to_json
|
|
end
|
|
player = Players.mk_player(data["username"], data["email"], data["pass"])
|
|
case player
|
|
when "Successfully registered!"
|
|
code = Array.new(24) { ALPHANUM.sample }.join
|
|
set_session(request, response, "user", code, code)
|
|
signed_in_users[code] = data["email"]
|
|
begin
|
|
DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
|
|
rescue Sequel::Error => e
|
|
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
|
|
status 500
|
|
return { "message" => "Internal server error when signing you in!" }.to_json
|
|
end
|
|
status 200
|
|
else
|
|
status 400
|
|
end
|
|
return { "message" => player }.to_json
|
|
end
|
|
|
|
get "/verify/:code" do
|
|
if Players.verify(params[:code])
|
|
status 200
|
|
return { "message" => "Verified successfully!" }.to_json
|
|
else
|
|
status 400
|
|
return { "message" => "Couldn't verify!" }
|
|
end
|
|
end
|
|
|
|
post "/login" do
|
|
data = JSON.parse(request.body.read)
|
|
player = Players.authorized?(data["email"], data["pass"])
|
|
if player
|
|
code = Array.new(24) { ALPHANUM.sample }.join
|
|
set_session(request, response, "user", code, code)
|
|
signed_in_users[code] = data["email"]
|
|
begin
|
|
DB["insert into SignedInUsers (code, player) values (?, ?)", code, data["email"]].insert
|
|
rescue Sequel::Error => e
|
|
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
|
|
status 500
|
|
return { "message" => "Internal server error when signing you in!" }.to_json
|
|
end
|
|
status 200
|
|
return { "message" => "Remember to verify your email!" }.to_json unless Players.verified?(data["email"])
|
|
return { "message" => "Signed in successfully!" }.to_json
|
|
else
|
|
status 400
|
|
return { "message" => "Couldn't sign you in!" }.to_json
|
|
end
|
|
end
|
|
|
|
post "/logout" do
|
|
uid = get_session(request, response, "user")
|
|
if signed_in_users[uid].nil?
|
|
status 400
|
|
return { "message" => "Not signed in!" }.to_json
|
|
end
|
|
signed_in_users.delete(uid)
|
|
rm_session(request, response, "user")
|
|
begin
|
|
DB["delete from SignedInUsers where code = ?", uid].delete
|
|
rescue Sequel::Error => e
|
|
File.write("log/main.log", "DB Error: #{e.message}\n", mode: "a")
|
|
status 500
|
|
return { "message" => "Internal server error when signing you out!" }.to_json
|
|
end
|
|
status 200
|
|
return { "message" => "Signed out successfully!" }.to_json
|
|
end
|
|
|
|
post "/forgot_password" do
|
|
data = JSON.parse(request.body.read)
|
|
if data["email"].nil?
|
|
status 400
|
|
return { "message" => "Bad request made (Email not provided)!" }.to_json
|
|
end
|
|
Players.pass_req(data["email"])
|
|
status 200
|
|
return { "message" => "Email sent successfully!" }.to_json
|
|
end
|
|
|
|
post "/reset_password/:code" do
|
|
data = JSON.parse(request.body.read)
|
|
if data["pass"].nil? || params[:code].nil?
|
|
status 400
|
|
return { "message" => "Bad request made!" }.to_json
|
|
end
|
|
if Players.pass_reset(data["pass"], params[:code])
|
|
status 200
|
|
return { "message" => "Password reset successfully!" }.to_json
|
|
else
|
|
status 400
|
|
return { "message" => "Couldn't reset password!" }.to_json
|
|
end
|
|
end
|
|
|
|
delete "/rm_player" do
|
|
uid = get_session(request, response, "user")
|
|
if uid.nil? || signed_in_users[uid].nil?
|
|
status 400
|
|
return { "message" => "Not signed in!" }.to_json
|
|
end
|
|
if Players.rm_player(signed_in_users[uid])
|
|
signed_in_users.delete(uid)
|
|
rm_session(request, response, "user")
|
|
status 200
|
|
return { "message" => "Sorry to see you go.." }.to_json
|
|
else
|
|
status 500
|
|
return { "message" => "Couldn't delete!" }.to_json
|
|
end
|
|
end
|