dbot/modules/web/web.js

var express = require('express'),
    passport = require('passport'),
    passHash = require('password-hash'),
    flash = require('connect-flash'),
    _ = require('underscore')._,
    fs = require('fs'),
    LocalStrategy = require('passport-local').Strategy;

var webInterface = function(dbot) {
    this.config = dbot.config.modules.web;
    this.pub = 'public';
    this.app = express();

    this.app.use(express.static(this.pub));
    this.app.set('view engine', 'jade');
    this.app.use(express.cookieParser());
    this.app.use(express.bodyParser());
    this.app.use(express.methodOverride());
    this.app.use(express.session({ 'secret': 'wat' }));
    this.app.use(flash());

    this.app.use(passport.initialize());
    this.app.use(passport.session());
    this.app.use(this.app.router);

    passport.serializeUser(function(user, done) {
        console.log('serialising ' + user);
        done(null, user.id);
    });

    passport.deserializeUser(function(id, done) {
        dbot.api.users.getUser(id, function(user) {
            console.log(id);
            console.log(user);
            done(null, user);
        });
    });

    passport.use(new LocalStrategy(function(username, password, callback) {
        var splitUser = username.split('@'),
            server = splitUser[1],
            username = splitUser[0];

        dbot.api.users.resolveUser(server, username, function(user) {
            if(user) {
                this.api.getWebUser(user.id, function(webUser) {
                    if(webUser) {
                        if(passHash.verify(password, webUser.password)) {
                            return callback(null, user); 
                        } else {
                            return callback(null, false, { 'message': 'Incorrect password.' });
                        }
                    } else {
                        return callback(null, false, { 'message': 'Use ~setwebpass to set up your account for web login.' });
                    }
                });
            } else {
                return callback(null, false, { 'message': 'Unknown user' });
            }
        }.bind(this)); 
    }.bind(this)));

    var server = this.app.listen(this.config.webPort);

    this.reloadPages = function() {
        var pages = dbot.pages;
        for(var p in pages) {
            if(_.has(pages, p)) {
                var func = pages[p];
                var mod = func.module;
                this.app.get(p, this.api.hasAccess, (function(req, resp) {
                    // Crazy shim to seperate module views.
                    var shim = Object.create(resp);
                    shim.render = (function(view, one, two) {
                        // Render with express.js
                        _.extend(one, { 
                            'name': dbot.config.name,
                            'user': req.user    
                        });
                        resp.render(this.module + '/' + view, one, two);
                    }).bind(this);
                    shim.render_core = resp.render;
                    this.call(this.module, req, shim);
                }).bind(func));
            }
        }
    }.bind(this);

    this.onLoad = function() {
        var routes = _.pluck(dbot.modules.web.app.routes.get, 'path');
        var moduleNames = _.keys(dbot.modules);
        var indexModules = [];

        // fix the thingy
        _.each(moduleNames, function(moduleName) {
            var modulePath = '/' + moduleName;
            if(_.include(routes, modulePath)) {
                indexModules.push(moduleName);
            }
        });

        this.app.get('/', function(req, res) {
            res.render('index', { 
                'name': dbot.config.name,
                'user': req.user,
                'routes': indexModules
            });
        });

        this.app.get('/login', function(req, res) {
            res.render('login', {
                'user': req.user,
                'message': req.flash('error')
            });
        });

        this.app.post('/login', passport.authenticate('local', {
            'failureRedirect': '/login', 
            'failureFlash': true
        }), function(req, res) {
            if(req.body.redirect) {
                res.redirect(req.body.redirect);
            } else {
                res.redirect('/');
            }
        });

        this.app.get('/logout', function(req, res) {
            req.logout(); 
            res.redirect('/');
        });
    }.bind(this);

    this.onDestroy = function() {
        server.close();
    };

    this.api = {
        'getUrl': function(path) {
            if(path.charAt(0) == '/') path = path.substr(1);
            if(this.config.externalPath) {
                return this.config.externalPath + '/' + path;
            } else {
                return 'http://' + this.config.webHost + ':' + this.config.webPort + '/' + path;
            }
        },

        'getWebUser': function(id, callback) {
            this.db.read('web_users', id, function(err, webUser) {
                callback(webUser);
            }); 
        },

        'hasAccess': function(req, res, next) {
            var module = req.route.path.split('/')[1];
            module = dbot.modules[module];

            if(module.config.requireWebLogin == true) {
                if(req.isAuthenticated()) {
                    if(!_.isUndefined(module.config.webAccess)) {
                        var allowedUsers = dbot.config.admins;
                        if(module.config.webAccess == 'moderators') {
                            allowedUsers = _.union(allowedUsers, dbot.config.moderators);
                        }
                        if(module.config.webAccess == 'power_users') {
                            allowedUsers = _.union(allowedUsers, dbot.config.moderators);
                            allowedUsers = _.union(allowedUsers, dbot.config.power_users);
                        }

                        if(_.include(allowedUsers, req.user.primaryNick)) {
                            return next();
                        } else {
                            res.redirect('/');
                        }
                    } else {
                        return next();
                    }
                } else {
                    console.log(req);
                    res.render('login', {
                        'message': 'You need to log in to access this module.',
                        'redirect': req.originalUrl
                    });
                }
            } else {
                return next();
            }
        }
    };

    this.commands = {
        '~setwebpass': function(event) {
            var newPass = event.input[1];
            console.log(newPass);
            this.api.getWebUser(event.rUser.id, function(webUser) {
                if(!webUser) {
                    webUser = {
                        'id': event.rUser.id,
                        'password': false
                    }
                } 
                webUser.password = passHash.generate(newPass);

                this.db.save('web_users', webUser.id, webUser, function(result) {
                    event.reply(dbot.t('web_pass_set')); 
                });
            }.bind(this));
        }
    };
    this.commands['~setwebpass'].regex = [/^~setwebpass ([^ ]+)$/, 2]
};

exports.fetch = function(dbot) {
    return new webInterface(dbot);
};
Modularised web routes and views 2012-12-24 06:47:47 +01:00			`var express = require('express'),`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`passport = require('passport'),`
			`passHash = require('password-hash'),`
			`flash = require('connect-flash'),`
web underscorised [#81] 2013-01-13 16:51:54 +01:00			`_ = require('underscore')._,`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`fs = require('fs'),`
			`LocalStrategy = require('passport-local').Strategy;`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00
			`var webInterface = function(dbot) {`
Module config now loaded from config.json , rleloaded upon reloading and various module changes to make it work right [#474] [#489] 2013-06-04 01:00:23 +02:00			`this.config = dbot.config.modules.web;`
Initial API module [#361] 2013-04-14 19:21:24 +02:00			`this.pub = 'public';`
			`this.app = express();`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00
Initial API module [#361] 2013-04-14 19:21:24 +02:00			`this.app.use(express.static(this.pub));`
			`this.app.set('view engine', 'jade');`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`this.app.use(express.cookieParser());`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`this.app.use(express.bodyParser());`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`this.app.use(express.methodOverride());`
			`this.app.use(express.session({ 'secret': 'wat' }));`
			`this.app.use(flash());`

			`this.app.use(passport.initialize());`
			`this.app.use(passport.session());`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`this.app.use(this.app.router);`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`passport.serializeUser(function(user, done) {`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`console.log('serialising ' + user);`
			`done(null, user.id);`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`});`

web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`passport.deserializeUser(function(id, done) {`
			`dbot.api.users.getUser(id, function(user) {`
			`console.log(id);`
			`console.log(user);`
			`done(null, user);`
			`});`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`});`

			`passport.use(new LocalStrategy(function(username, password, callback) {`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`var splitUser = username.split('@'),`
			`server = splitUser[1],`
			`username = splitUser[0];`

			`dbot.api.users.resolveUser(server, username, function(user) {`
			`if(user) {`
			`this.api.getWebUser(user.id, function(webUser) {`
			`if(webUser) {`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`if(passHash.verify(password, webUser.password)) {`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`return callback(null, user);`
			`} else {`
			`return callback(null, false, { 'message': 'Incorrect password.' });`
			`}`
			`} else {`
			`return callback(null, false, { 'message': 'Use ~setwebpass to set up your account for web login.' });`
			`}`
			`});`
			`} else {`
			`return callback(null, false, { 'message': 'Unknown user' });`
			`}`
			`}.bind(this));`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`}.bind(this)));`
Module config now loaded from config.json , rleloaded upon reloading and various module changes to make it work right [#474] [#489] 2013-06-04 01:00:23 +02:00
			`var server = this.app.listen(this.config.webPort);`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00
Fixed web loading and hot refresh of pages [#131] 2013-01-15 14:58:13 +01:00			`this.reloadPages = function() {`
			`var pages = dbot.pages;`
Modularised web routes and views 2012-12-24 06:47:47 +01:00			`for(var p in pages) {`
web underscorised [#81] 2013-01-13 16:51:54 +01:00			`if(_.has(pages, p)) {`
Modularised web routes and views 2012-12-24 06:47:47 +01:00			`var func = pages[p];`
			`var mod = func.module;`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`this.app.get(p, this.api.hasAccess, (function(req, resp) {`
Modularised web routes and views 2012-12-24 06:47:47 +01:00			`// Crazy shim to seperate module views.`
			`var shim = Object.create(resp);`
			`shim.render = (function(view, one, two) {`
			`// Render with express.js`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`_.extend(one, {`
			`'name': dbot.config.name,`
			`'user': req.user`
			`});`
Fixed web loading and hot refresh of pages [#131] 2013-01-15 14:58:13 +01:00			`resp.render(this.module + '/' + view, one, two);`
Modularised web routes and views 2012-12-24 06:47:47 +01:00			`}).bind(this);`
			`shim.render_core = resp.render;`
			`this.call(this.module, req, shim);`
			`}).bind(func));`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00			`}`
			`}`
Fixed web loading and hot refresh of pages [#131] 2013-01-15 14:58:13 +01:00			`}.bind(this);`
remove useless crap from modules [#136] 2013-01-15 17:54:51 +01:00
Automatically look for modules with root indexes and show those on the index [Close #427] 2013-04-30 21:33:26 +02:00			`this.onLoad = function() {`
			`var routes = _.pluck(dbot.modules.web.app.routes.get, 'path');`
			`var moduleNames = _.keys(dbot.modules);`
			`var indexModules = [];`

each 2013-07-29 22:25:07 +02:00			`// fix the thingy`
Automatically look for modules with root indexes and show those on the index [Close #427] 2013-04-30 21:33:26 +02:00			`_.each(moduleNames, function(moduleName) {`
			`var modulePath = '/' + moduleName;`
			`if(_.include(routes, modulePath)) {`
			`indexModules.push(moduleName);`
			`}`
			`});`

			`this.app.get('/', function(req, res) {`
			`res.render('index', {`
			`'name': dbot.config.name,`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`'user': req.user,`
Automatically look for modules with root indexes and show those on the index [Close #427] 2013-04-30 21:33:26 +02:00			`'routes': indexModules`
			`});`
			`});`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00
			`this.app.get('/login', function(req, res) {`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`res.render('login', {`
login and logout web routes [#538] 2013-07-27 19:31:00 +02:00			`'user': req.user,`
some other stuff and the login view. there is some stupid issue picking up the credentials from the form though idk 2013-07-27 20:14:00 +02:00			`'message': req.flash('error')`
login and logout web routes [#538] 2013-07-27 19:31:00 +02:00			`});`
			`});`

			`this.app.post('/login', passport.authenticate('local', {`
			`'failureRedirect': '/login',`
			`'failureFlash': true`
			`}), function(req, res) {`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`if(req.body.redirect) {`
			`res.redirect(req.body.redirect);`
			`} else {`
fix more redirects 2013-07-29 22:45:35 +02:00			`res.redirect('/');`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`}`
login and logout web routes [#538] 2013-07-27 19:31:00 +02:00			`});`

			`this.app.get('/logout', function(req, res) {`
			`req.logout();`
			`res.redirect('/');`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`});`
Automatically look for modules with root indexes and show those on the index [Close #427] 2013-04-30 21:33:26 +02:00			`}.bind(this);`

remove useless crap from modules [#136] 2013-01-15 17:54:51 +01:00			`this.onDestroy = function() {`
			`server.close();`
add web api function for getUrl instead of string in base, use externalAddress optional config key to define external behaviours [#264] 2013-04-13 00:53:45 +02:00			`};`

			`this.api = {`
			`'getUrl': function(path) {`
Remove leading slash in url api maker [#435] 2013-05-06 22:09:19 +02:00			`if(path.charAt(0) == '/') path = path.substr(1);`
add web api function for getUrl instead of string in base, use externalAddress optional config key to define external behaviours [#264] 2013-04-13 00:53:45 +02:00			`if(this.config.externalPath) {`
			`return this.config.externalPath + '/' + path;`
			`} else {`
fix web getUrl api function 2013-04-14 05:53:53 +02:00			`return 'http://' + this.config.webHost + ':' + this.config.webPort + '/' + path;`
add web api function for getUrl instead of string in base, use externalAddress optional config key to define external behaviours [#264] 2013-04-13 00:53:45 +02:00			`}`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`},`

it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`'getWebUser': function(id, callback) {`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`this.db.read('web_users', id, function(err, webUser) {`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`callback(webUser);`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`});`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`},`

			`'hasAccess': function(req, res, next) {`
			`var module = req.route.path.split('/')[1];`
			`module = dbot.modules[module];`

			`if(module.config.requireWebLogin == true) {`
			`if(req.isAuthenticated()) {`
			`if(!_.isUndefined(module.config.webAccess)) {`
			`var allowedUsers = dbot.config.admins;`
			`if(module.config.webAccess == 'moderators') {`
			`allowedUsers = _.union(allowedUsers, dbot.config.moderators);`
			`}`
			`if(module.config.webAccess == 'power_users') {`
			`allowedUsers = _.union(allowedUsers, dbot.config.moderators);`
			`allowedUsers = _.union(allowedUsers, dbot.config.power_users);`
			`}`
more thing 2013-07-29 22:36:27 +02:00
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`if(_.include(allowedUsers, req.user.primaryNick)) {`
			`return next();`
			`} else {`
fix more redirects 2013-07-29 22:45:35 +02:00			`res.redirect('/');`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`}`
			`} else {`
			`return next();`
			`}`
			`} else {`
fix web routes 2013-08-13 00:14:14 +02:00			`console.log(req);`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`res.render('login', {`
web login works, with access settings for certain modules [#538] 2013-07-29 22:08:25 +02:00			`'message': 'You need to log in to access this module.',`
fix web routes 2013-08-13 00:14:14 +02:00			`'redirect': req.originalUrl`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`});`
			`}`
dope 2013-07-29 21:12:16 +02:00			`} else {`
			`return next();`
OH BABY [#538] 2013-07-29 21:03:24 +02:00			`}`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`}`
			`};`

			`this.commands = {`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`'~setwebpass': function(event) {`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`var newPass = event.input[1];`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`console.log(newPass);`
basic skellington for web login stuff [#538] 2013-07-27 19:19:53 +02:00			`this.api.getWebUser(event.rUser.id, function(webUser) {`
			`if(!webUser) {`
			`webUser = {`
			`'id': event.rUser.id,`
			`'password': false`
			`}`
			`}`
			`webUser.password = passHash.generate(newPass);`

			`this.db.save('web_users', webUser.id, webUser, function(result) {`
			`event.reply(dbot.t('web_pass_set'));`
			`});`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`}.bind(this));`
fix syntax error in web 2013-04-13 20:38:53 +02:00			`}`
add web api function for getUrl instead of string in base, use externalAddress optional config key to define external behaviours [#264] 2013-04-13 00:53:45 +02:00			`};`
it fucking works (web login that is) [#538] 2013-07-28 20:11:10 +02:00			`this.commands['~setwebpass'].regex = [/^~setwebpass ([^ ]+)$/, 2]`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00			`};`

			`exports.fetch = function(dbot) {`
Fixed web loading and hot refresh of pages [#131] 2013-01-15 14:58:13 +01:00			`return new webInterface(dbot);`
Move all the modules to their own directories 2012-12-11 17:04:52 +01:00			`};`