This repository has been archived by the owner on Sep 24, 2024. It is now read-only.

prepare admin panel
therealbenpai committed Jun 29, 2024
1 parent f98f13c commit f9b4839
Showing 18 changed files with 280 additions and 32 deletions.
2 changes: 1 addition & 1 deletion functions/database.js
@@ -1,6 +1,6 @@
const pg = require('pg');

Check failure on line 1 in functions/database.js

Codeac.io / Codeac Code Quality

Parsing error: No Babel config file detected for /tmp/commit-1189719-eslint/functions/database.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files.
const cron = require('node-cron');
const SQL = require('sql-template-strings');
const { SQL } = require('sql-template-strings');
const events = require('events');
require('dotenv').config();

4 changes: 3 additions & 1 deletion index.js
@@ -3,6 +3,8 @@ const express = require('express');
const app = express();
const http = require('http');
const Admin = require('firebase-admin');
const App = require('firebase/app');
const Auth = require('firebase/auth');
const { RateLimiterMemory } = require('rate-limiter-flexible');
const { WebSecurity, CSPObj, PermissionPolicy, ReportToGroup, ReportingEndpoint, Headers: headers } = require('@therealbenpai/zdcors');
const csl = console;
@@ -121,7 +123,7 @@ app
new CSPObj('reportUri', false, [], false, false, ['https://security.thefemdevs.com/csp/new']),
new CSPObj('baseUri', false, [], true, false, ['thefemdevs.com', 'security.thefemdevs.com', 'cdn.thefemdevs.com']),
new CSPObj('scriptSrc', false, [], true, false,
['blob:', ['thefemdevs.com', 'google.com', 'fontawesome.com'].map(WebSecurity.CD)].flat(2),
['blob:', ['thefemdevs.com', 'google.com', 'fontawesome.com', 'jsdelivr.net'].map(WebSecurity.CD)].flat(2),
),
),
PermissionPolicy: WebSecurity.PermissionPolicy(
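Review bot: Adding `jsdelivr.net` to `scriptSrc` allowlists far more than the Bootstrap bundle this commit loads: jsDelivr serves the contents of any npm package or GitHub repository, so the directive now permits any script hosted there and gives up much of the protection `script-src` provides against injected script tags. Prefer limiting the source to the exact file path, or leave the host out and authorise that one tag with a nonce or hash, together with an `integrity` attribute on the `script` element in views/mixins.pug. What `WebSecurity.CD` expands a domain into is not visible here; if it also emits a wildcard-subdomain pattern, the allowance is wider still. The new `firebase/app` and `firebase/auth` requires look like the browser SDK; if one Auth instance is shared by all requests, its signed-in state is process-wide rather than per session, which is worth confirming before the login route relies on it.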
2 changes: 0 additions & 2 deletions middleware/APITokenMgr.js
@@ -1,8 +1,6 @@
// const Cryptolens = require('cryptolens');
require('dotenv').config();

Check failure on line 1 in middleware/APITokenMgr.js

Codeac.io / Codeac Code Quality

Parsing error: No Babel config file detected for /tmp/commit-1189719-eslint/middleware/APITokenMgr.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files.
const webUtils = require('@therealbenpai/webutils');


/**
* Middleware to check if the request has a valid API token
* @type {import('express').RequestHandler}
3 changes: 1 addition & 2 deletions package-lock.json


2 changes: 1 addition & 1 deletion package.json
@@ -68,7 +68,7 @@
"eslint-plugin-jsdoc": "^48.2.6",
"express": "^4.18.2",
"express-session": "^1.17.3",
"firebase": "^10.5.0",
"firebase": "^10.12.2",
"firebase-admin": "^12.1.0",
"html-minifier": "^4.0.0",

Check failure on line 73 in package.json

Codeac.io / Codeac Code Quality

NPM Vulnerability

Artifact "html-minifier" 4.0.0 is vulnerable to CVE-2022-37620 - kangax html-minifier REDoS vulnerability. Vulnerability score: 7.5 (high).
"ipinfo-express": "^2.0.2",
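--- /dev/null
+++ b/views/admin/auth/login.pug
@@ -0,0 +1,18 @@
+include ../../mixins.pug
+doctype html
+html(lang="en")
+head
++header()
+body
+.container
+.row
+.col-12
+h1 Login
+form(action="/auth/login" method="post")
+.form-group
+label(for="username") Username
+input#username.form-control(type="text" name="username")
+.form-group
+label(for="password") Password
+input#password.form-control(type="password" name="password")
+button.btn.btn-primary(type="submit") Login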
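Review bot: The login form submits credentials with no CSRF token field, and the template never renders the `error` local that the POST handler in web/admin/routes/auth.js passes on a failed sign-in, so a rejected login looks the same as a fresh page. If the app uses CSRF middleware, add its token as a hidden input, e.g. `input(type="hidden" name="_csrf" value=csrfToken)` (both names are placeholders for whatever the middleware exposes), and put `if error` with `p.text-danger= error` above the form. The field is labelled "Username" but the handler passes it to an email/password sign-in, so `type="email"` with `autocomplete="username"`, `autocomplete="current-password"` on the password input and `required` on both would match what the server expects.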
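--- /dev/null
+++ b/views/admin/private/tokens/index.pug
@@ -0,0 +1,39 @@
+include ../../../mixins.pug
+doctype html
+html(lang="en")
+head
++header()
+body
+.container
+.row
+.col-12
+h1 Tokens
+a.btn.btn-primary(href="/admin/tokens/create") Create Token
+table.table.table-striped.table-hover
+thead
+tr
+th Token
+th Associated User
+th Disabled
+th Blocked
+th
+th
+th
+tbody
+each token in tokens
+tr(id= token.id)
+td: p= token.token
+td: p= token.user.username
+td: p= token.disabled
+td: p= token.blocked
+td: p
+if token.disabled
+a.btn.btn-success(href=`/tokens/enable/${token.id}`) Enable
+else
+a.btn.btn-danger(href=`/tokens/disable/${token.id}`) Disable
+td: p
+if token.blocked
+a.btn.btn-success(href=`/tokens/unblock/${token.id}`) Unblock
+else
+a.btn.btn-danger(href=`/tokens/block/${token.id}`) Block
+td: p: a.btn.btn-danger(href=`/tokens/delete/${token.id}`) Delete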
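Review bot: Every state-changing action in this table (enable, disable, block, unblock, delete) is a plain `a(href=...)` link, so it is sent as a GET request; GETs can be fired by link prefetching or by another site the admin has open, and they cannot carry a CSRF token. Each action should be a small POST form with a submit button and the CSRF token, with the matching routes registered as POST; the fence shows the delete cell, and the other four follow the same shape. The table also prints `token.token` in full, so showing only a short prefix would keep live API tokens out of screenshots and cached pages. The create link uses `/admin/tokens/create` while the row actions use `/tokens/...`, so one of the two prefixes is probably wrong for this host.

```pug
//- csrfToken is a placeholder for whatever the CSRF middleware exposes to views
td
  form(method="post" action=`/tokens/delete/${token.id}`)
    input(type="hidden" name="_csrf" value=csrfToken)
    button.btn.btn-danger(type="submit") Delete
```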
7 changes: 4 additions & 3 deletions views/admin/public/index.pug
@@ -1,9 +1,10 @@
include ../../mixins.pug
doctype html
html(lang='en-us')
head
include ../../defaults/header.pug
+header()
body.bg-neutral-200
include ../../defaults/nav.pug
+nav()
content.flex.flex-col.items-center.justify-center
main
hero.flex.w-full.max-w-6xl.flex-row.items-center.justify-between.p-8(class='md:my-16')
@@ -77,4 +78,4 @@ html(lang='en-us')
.flex.flex-col.items-center
h2.select-none.text-center.font-poppins.text-4xl.font-medium.text-neutral-900 99.7%
h3.select-none.text-center.font-poppins.text-xl.text-neutral-900 Service Uptime
include ../../defaults/footer.pug
+footer()
4 changes: 3 additions & 1 deletion views/mixins.pug
@@ -100,7 +100,7 @@ mixin socials2(icon, link, title, color)
when 'ben'
- colorx = 'indigo'
.justify-evenly.size-full.flex.content-center.p-2
a(href=link target='_blank' class=`hover:text-${colorx}-500 hover:scale-110 material-symbols-outlined` title=title rel='me').transition-all.duration-300.text-inherit.p-0.border-1.border-solid.border-transparent.rounded-3xl.no-underline.items-center.self-center.justify-center.flex.flex-col.pt-4.text-5xl.text-gray-700= icon
a(href=link target='_blank' class=`hover:text-${colorx}-500 hover:scale-110` title=title rel='me').transition-all.duration-300.text-inherit.p-0.border-1.border-solid.border-transparent.rounded-3xl.no-underline.items-center.self-center.justify-center.flex.flex-col.pt-4.text-5xl.text-gray-700.mso= icon
mixin nav()
.sticky.top-0.z-30.flex.flex-row.items-center.justify-center.bg-white
.flex.w-full.max-w-6xl.flex-row.items-center.justify-between.p-8
@@ -182,6 +182,8 @@ mixin header()
+headerlink('https://cdn.thefemdevs.com/assets/images/cus', 'apple-touch-icon', 'image/png')
+headerlink('https://cdn.thefemdevs.com/assets/images/deficon', 'icon', 'image/svg+xml')
+headerlink('https://cdn.thefemdevs.com/assets/css/d', 'stylesheet', 'text/css')
+headerlink('https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css', 'stylesheet', 'text/css')
script(src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js")
script(type='application/ld+json').
{
"@context": "https://schema.org",
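Review bot: The Bootstrap stylesheet and script added to `mixin header()` are loaded from cdn.jsdelivr.net without Subresource Integrity, so every page that calls `+header()`, including the new admin views, runs whatever that URL returns. Add `integrity` and `crossorigin` to the script tag, e.g. `script(src="…/bootstrap.bundle.min.js" integrity="sha384-<hash published for the pinned release>" crossorigin="anonymous")`, and extend `headerlink` (defined outside this hunk) to pass the same attributes for the stylesheet, or self-host both files under cdn.thefemdevs.com. Since `header()` appears to be shared by the public pages as well, consider loading Bootstrap only from the admin templates so it does not restyle pages that don't use it. The mixin starts and ends outside the hunk.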
2 changes: 1 addition & 1 deletion views/pages/ben/index.pug
@@ -36,7 +36,7 @@ html(lang="en")
font-family: 'Material Symbols Outlined';
src: url(https://fonts.gstatic.com/s/materialsymbolsoutlined/v192/kJF4BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY40KH8nGzv3fz_VFU22ZZLsYEpzC_1hCs5Y0.woff2) format('woff2');
}
.material-symbols-outlined {
.mso {
font-family: 'Material Symbols Outlined';
font-weight: normal;
font-style: normal;
1 change: 1 addition & 0 deletions web/admin/index.js
@@ -38,6 +38,7 @@ router
);
})
.use((err, req, res, _) => {
console.log(err);
res

Check warning on line 42 in web/admin/index.js

Codeac.io / Codeac Code Quality

CodeDuplication

This block of 41 lines is too similar to web/pages/oblong/index.js:1
.status(501)
.setHeader('X-Error-ID', '')
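Review bot: `console.log(err)` writes the whole error object to stdout while the response still sets `X-Error-ID` to an empty string, so a 501 reported by a client cannot be matched to its log entry. Generate the id once in the handler, e.g. `const errorId = require('crypto').randomUUID();`, log with `console.error(errorId, err);` and pass `errorId` to `setHeader('X-Error-ID', …)`. The handler body continues outside the hunk.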
89 changes: 84 additions & 5 deletions web/admin/routes/auth.js
@@ -1,11 +1,90 @@
const router = require('express').Router();
const express = require('express');

Check failure on line 1 in web/admin/routes/auth.js

Codeac.io / Codeac Code Quality

Parsing error: No Babel config file detected for /tmp/commit-1189719-eslint/web/admin/routes/auth.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files.
const router = express.Router();
const { SQL } = require('sql-template-strings');
const User = require('../../../functions/userMgr');

router
.get('/login', (req, res) => res.render('auth/login'))
.post('/login', (req, res) => {
const { username, password } = req.body;
// Login logic here
.get('/login', async (req, res) => {
res.render('admin/auth/login.pug', {
status: (await req.Database.getServerStatus()),
meta: {
title: 'Login | Admin Panel',
desc: 'The admin panel for the FemDevs!',
url: 'https://admin.thefemdevs.com/login',
canonical: 'https://admin.thefemdevs.com/login',
},
});
})
.post('/login',
express.urlencoded({
extended: true,
type: 'application/x-www-form-urlencoded',
}),
async (req, res) => {
const { username, password } = req.body;
let user;
try {
user = await req.auth.signInWithEmailAndPassword(username, password);
} catch (error) {
switch (error.code) {
case 'auth/user-disabled': return res.render('admin/auth/login.pug', {
status: (await req.Database.getServerStatus()),
meta: {
title: 'Login | Admin Panel',
desc: 'The admin panel for the FemDevs!',
url: 'https://admin.thefemdevs.com/login',
canonical: 'https://admin.thefemdevs.com/login',
},
error: 'Your account has been disabled',
});
case 'auth/user-not-found':
case 'auth/wrong-password':
case 'auth/invalid-credential':
return res.render('admin/auth/login.pug', {
status: (await req.Database.getServerStatus()),
meta: {
title: 'Login | Admin Panel',
desc: 'The admin panel for the FemDevs!',
url: 'https://admin.thefemdevs.com/login',
canonical: 'https://admin.thefemdevs.com/login',
},
error: 'We couldn\'t find an account with that email address and password',
});
default:
console.log(error);
return res.sendError(0);
}
}
const connection = await req.Database.pool.connect();
const { rows } = await connection.query(SQL`SELECT * FROM public.users WHERE firebaseuid = ${user.uid}`);
if (rows.length === 0) return res.sendError(21);
const userPermissions = await User.fromFullPermissionBitString(rows[0].permissions);
const { uid, email, photoURL, phoneNumber, emailVerified, disabled, metadata } = user;
const userData = {
uid,
name: {
first: rows[0].firstname,
last: rows[0].lastname,
display: rows[0].displayname,
},
contact: {
email: {
address: email,
verified: emailVerified,
},
phone: {
number: phoneNumber,
},
},
photoURL,
disabled,
creationTime: metadata.creationTime,
lastSignInTime: metadata.lastSignInTime,
permissions: userPermissions,
};
req.session.user = userData;
},
)
.get('/logout', (req, res) => {
// Logout logic here
});
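Review bot: The success path of `POST /login` never finishes the request: after `req.session.user = userData` no response is sent, the client obtained from `req.Database.pool.connect()` is never released (including on the `rows.length === 0` return), and the session id is not regenerated before the user is attached to it. Each login that gets past Firebase therefore holds a pool connection indefinitely, and a session id issued before login stays valid afterwards (session fixation). Release the client in a `finally` (assuming `pool` is a `pg` pool, as functions/database.js suggests), call `req.session.regenerate` before storing the user, and end with a redirect; the target in the fence is my assumption. Separately, if `req.auth` wraps the Firebase client SDK, `signInWithEmailAndPassword` resolves to a credential with the user under `.user`, so `user.uid` and `metadata` should be checked against what `req.auth` really returns, which this commit does not show. The awaits outside the `try` have no rejection handling, and Express 4 does not catch rejections from async handlers.

```javascript
// … unchanged: sign-in try/catch …
const connection = await req.Database.pool.connect();
let rows;
try {
    ({ rows } = await connection.query(SQL`SELECT * FROM public.users WHERE firebaseuid = ${user.uid}`));
} finally {
    connection.release(); // return the client to the pool on every path
}
if (rows.length === 0) return res.sendError(21);
// … unchanged: userPermissions and userData construction …
return req.session.regenerate((err) => {
    if (err) return res.sendError(0);
    req.session.user = userData;
    return res.redirect('/'); // assumed landing route
});
```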
11 changes: 8 additions & 3 deletions web/admin/routes/core.js
@@ -1,12 +1,17 @@
const router = require('express').Router();

Check failure on line 1 in web/admin/routes/core.js

Codeac.io / Codeac Code Quality

Parsing error: No Babel config file detected for /tmp/commit-1189719-eslint/web/admin/routes/core.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files.

router
.get('/', (req, res) => {
.get('/', async (req, res) => {
res.render(
'admin/public/index.pug',
{
title: 'Admin',
description: 'FemDevs Admin Panel',
status: (await req.Database.getServerStatus()),
meta: {
title: 'Admin Panel',
desc: 'The admin panel for the FemDevs!',
url: 'https://adminthefemdevs.com',
canonical: 'https://admin.thefemdevs.com',
},
},
);
});
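Review bot: `url: 'https://adminthefemdevs.com'` is missing the dot after `admin`, so the page's URL metadata points at a different registrable domain than the `canonical` value on the next line; it should read `url: 'https://admin.thefemdevs.com',`. The handler is now `async` and awaits `req.Database.getServerStatus()` with no `try`/`catch`, so under Express 4 (package.json pins `^4.18.2`) a rejected status lookup becomes an unhandled rejection instead of reaching the error middleware. Wrap the await and forward failures with `next(err)`.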
22 changes: 22 additions & 0 deletions web/admin/routes/router.js
@@ -1,6 +1,28 @@
const router = require('express').Router();

Check failure on line 1 in web/admin/routes/router.js

Codeac.io / Codeac Code Quality

Parsing error: No Babel config file detected for /tmp/commit-1189719-eslint/web/admin/routes/router.js. Either disable config file checking with requireConfigFile: false, or configure Babel so that it can find the config files.

//- Functions
const errorResponse = k => require('../../../functions/errorResponse').get(k);
const User = require('../../../functions/userMgr');

router
.use((req, res, next) => {
const sendClose = (res, code) => {
const resp = errorResponse(code);
delete resp.httpCode;
res.status(errorResponse(code).httpCode).json(resp);
return false;
};
Object.assign(res, {
sendClose,

Check warning on line 16 in web/admin/routes/router.js

Codeac.io / Codeac Code Quality

CodeDuplication

This block of 11 lines is too similar to web/api/routes/router.js:40
sendError: code =>
res.status(errorResponse(code).httpCode)
.json({ code: errorResponse(code).code, message: errorResponse(code).message }),
});
next();
})
.all('*', (req, res, next) => {
res.send("This route is not implemented yet.");

Check warning on line 24 in web/admin/routes/router.js

Codeac.io / Codeac Code Quality

CodeDuplication

This block of 10 lines is too similar to web/api/routes/router.js:67
})
.use('/', require('./core'))
.use('/auth', require('./auth'))
.use('/tokens', require('./tokens'))
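Review bot: In `sendClose`, `delete resp.httpCode` runs before `errorResponse(code).httpCode` is read; if `get(k)` returns the stored object rather than a copy, the delete mutates the shared entry, the status passed to `res.status` is `undefined`, and later `sendError` calls for that code lose their status as well. Destructure instead: `const { httpCode, ...resp } = errorResponse(code);` followed by `res.status(httpCode).json(resp);`. Also, `.all('*', …)` is registered ahead of the `core`, `auth` and `tokens` mounts and always responds, so those routers are unreachable; if that is the intended temporary lock on the panel, a comment saying so would keep it from being reordered by accident. `User` is required but unused in the visible lines.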