Test

2025-08-31 13:31:49 -06:00 · 2025-08-31 13:31:49 -06:00 · 4ce8634b66
parent d6f1c8fea8
commit 4ce8634b66
6 changed files with 85 additions and 7 deletions
--- a/index.js
+++ b/index.js
@ -44,6 +44,19 @@ global.comparePassword = async function(password, hash) {
 	return await bcrypt.compare(password, hash);
 };

+global.checkACL = function(req, res, next, perm) {
+	if (!req.session.user) {
+		return res.status(401).render('error', { error: 'You must be logged in to access this resource.' });
+	}
+	const perms = req.session.user.perms ? JSON.parse(req.session.user.perms) : [];
+	if (perms.includes('*') || perms.includes(perm)) {
+		return next();
+	}
+	return res.status(403).render('error', { error: 'You do not have permission to access this resource.', button: {text: "Go Back", action:"back"} });
+};
+
+
+
 app.use(cors());
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
--- a/package-lock.json
+++ b/package-lock.json
@ -17,7 +17,8 @@
        "ejs": "^3.1.10",
        "express": "^5.1.0",
        "express-session": "^1.18.2",
-        "mariadb": "^3.4.5"
+        "mariadb": "^3.4.5",
+        "uhppoted": "^0.8.11"
      }
    },
    "node_modules/@gar/promisify": {
@ -1697,6 +1698,12 @@
        "wrappy": "1"
      }
    },
+    "node_modules/os": {
+      "version": "0.1.2",
+      "resolved": "https://registry.npmjs.org/os/-/os-0.1.2.tgz",
+      "integrity": "sha512-ZoXJkvAnljwvc56MbvhtKVWmSkzV712k42Is2mA0+0KTSRakq5XXuXpjZjgAt9ctzl51ojhQWakQQpmOvXWfjQ==",
+      "license": "MIT"
+    },
    "node_modules/p-map": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
@ -2377,6 +2384,18 @@
        "node": ">= 0.6"
      }
    },
+    "node_modules/uhppoted": {
+      "version": "0.8.11",
+      "resolved": "https://registry.npmjs.org/uhppoted/-/uhppoted-0.8.11.tgz",
+      "integrity": "sha512-ZuzBm0bLqh9a8QMd/t+hNNIOX31ashE0EZ3z0YTuKRpiK3ZgP/qRuUTbeDbTZo83y51N7LoSl2XWeE5lzLQ19w==",
+      "license": "MIT",
+      "dependencies": {
+        "os": "^0.1.1"
+      },
+      "engines": {
+        "node": ">=14.18.3"
+      }
+    },
    "node_modules/uid-safe": {
      "version": "2.1.5",
      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
--- a/package.json
+++ b/package.json
@ -19,6 +19,7 @@
    "ejs": "^3.1.10",
    "express": "^5.1.0",
    "express-session": "^1.18.2",
-    "mariadb": "^3.4.5"
+    "mariadb": "^3.4.5",
+    "uhppoted": "^0.8.11"
  }
 }
--- a/routes/login.js
+++ b/routes/login.js
@ -20,19 +20,20 @@ router.get('/', (req, res) => {
 router.post('/', (req, res) => {
 	if (req.session.user) return res.redirect('/dashboard');
 	const { username, password } = req.body;
-	console.log(username, password)
-	console.log(req.body)
+	//console.log(username, password)
+	//console.log(req.body)
 	if (!username || !password) return res.status(400).render('login', { error: 'Username and password are required.' });
 	db.query('SELECT * FROM users WHERE username = ?', [username]).then(async (user) => {
 		user = user[0];
-		console.log(user);
+		//console.log(user);
 		//res.send("Test")
 		// This is the original code, commented out for debuggingw
 		if (!user) return res.status(401).render('login', { error: 'Invalid username or password.' });
-		console.log(password, user.passwordHash);
+		//console.log(password, user.passwordHash);
 		const match = await global.comparePassword(password, user.passwordHash);
-		console.log(match)
+		//console.log(match)
 		if (!match) return res.status(401).render('login', { error: 'Invalid username or password.' });
+		if (global.checkACL(req, 'login') == false) return res.status(403).render('error', { error: 'You do not have permission to log in.', button: {text:"Go back", action:"back"} });
 		req.session.user = user;;
 		res.redirect('/dashboard');
 	}).catch(err => {
--- a/uhppoted.js
+++ b/uhppoted.js
@ -0,0 +1,33 @@
+const uhppoted = require("uhppoted")
+const os = require('os');
+
+const bind = '0.0.0.0'
+const broadcast = '255.255.255.255:60000'
+const listen = '0.0.0.0:60001'
+const timeout = 2500
+const debug = true
+const devices = [{ deviceId: 423163924, address: "10.0.0.128:60000" }]
+
+const ctx = {
+	config: new uhppoted.Config("uhppoted", bind, broadcast, listen, timeout, devices, debug)
+}
+
+function getLocalIPAddress() {
+	const interfaces = os.networkInterfaces();
+	for (const name of Object.keys(interfaces)) {
+		for (const iface of interfaces[name]) {
+			if (iface.family === 'IPv4' && !iface.internal) {
+				return iface.address;
+			}
+		}
+	}
+	return null;
+}
+
+const localIP = getLocalIPAddress();
+console.log('Local IP address:', localIP);
+
+uhppoted.setListener(ctx, 423163924, localIP, 60001, 1);
+uhppoted.listen(ctx, (msg) => {
+	console.log(msg)
+})
--- a/views/error.ejs
+++ b/views/error.ejs
@ -13,6 +13,17 @@
 	<div class="error-container">
 		<h1>Error</h1>
 		<p><%= error %></p>
+		<% if (typeof button !== 'undefined' && button) { 
+			var btnColor = button.color || 'blue'; 
+		%>
+			<% if (button.action === 'back') { %>
+				<button style="background-color:<%= btnColor %>;color:#fff;border:none;padding:0.5em 1em;border-radius:4px;cursor:pointer;" onclick="window.history.back()"><%= button.text %></button>
+			<% } else if (button.action === 'url' && button.url) { %>
+				<a href="<%= button.url %>">
+					<button style="background-color:<%= btnColor %>;color:#fff;border:none;padding:0.5em 1em;border-radius:4px;cursor:pointer;"><%= button.text %></button>
+				</a>
+			<% } %>
+		<% } %>
 	</div>
 </body>
 </html>