diff --git a/index.js b/index.js
index 2d9100b..cc01c40 100644
--- a/index.js
+++ b/index.js
@@ -45,6 +45,7 @@ global.comparePassword = async function(password, hash) {
};
global.checkACL = function(req, perm) {
+ if (!req.session.user) return false;
const perms = req.session.user.perms ? JSON.parse(req.session.user.perms) : [];
if (perms.includes('*') || perms.includes(perm)) {
return true;
diff --git a/routes/event-logs.js b/routes/event-logs.js
new file mode 100644
index 0000000..c9aa4a2
--- /dev/null
+++ b/routes/event-logs.js
@@ -0,0 +1,31 @@
+const express = require('express');
+const ews = require('express-ws');
+const db = global.db;
+const router = express.Router();
+
+router.use(ews(router));
+
+// GET /login
+router.get('/', async (req, res) => {
+ const logs = await db.query('SELECT * FROM Events ORDER BY EventIndex DESC LIMIT 100');
+ res.render('event-logs', { logs, user: req.session.user });
+});
+
+router.ws('/', (ws, req) => {
+ if (!req.session.user) {
+ ws.send(JSON.stringify({ error: 'Not authenticated' }))
+ ws.close();
+ return;
+ }
+ if (global.checkACL(req, 'eventLog') == false) {
+ ws.send(JSON.stringify({ error: 'Not authorized' }))
+ ws.close();
+ return;
+ }
+
+ global.dbEvent.on('event', (event) => {
+ ws.send(JSON.stringify(event));
+ });
+});
+
+module.exports = router;
\ No newline at end of file
diff --git a/views/event-logs.ejs b/views/event-logs.ejs
new file mode 100644
index 0000000..90bc9ae
--- /dev/null
+++ b/views/event-logs.ejs
@@ -0,0 +1,72 @@
+
+
+
+
+
+ Event Log Viewer
+
+
+
+
+
+
+
\ No newline at end of file