var crypto = require('crypto');
var mongoose = require('mongoose');
mongoose.connect('mongodb://localhost/crossnotify', {useNewUrlParser: true});
var md5 = require("md5");
var validator = require("email-validator");
var logger = require('mag')();
// Field definitions for an account document.
//   email / username - trimmed strings; `unique: true` asks Mongoose for a
//                      unique index, it is not a validator.
//   password         - stored exactly as passed to the model. The routes in
//                      this file pass an MD5 digest of a fixed prefix plus
//                      the password.
//                      NOTE(review): that is a fast hash with no per-user
//                      salt; a password KDF (scrypt, bcrypt, argon2) is the
//                      usual choice for stored credentials.
//   session          - the token compared by /send and /get. It is written
//                      once at registration; nothing in this file rotates or
//                      expires it, and it is stored in clear text.
//   authorized       - numeric flag, set to 1 at registration; not read
//                      anywhere in this file.
const userFields = {
  email: { type: String, unique: true, required: true, trim: true },
  username: { type: String, unique: true, required: true, trim: true },
  password: { type: String, required: true },
  session: { type: String, required: true },
  authorized: { type: Number, required: true },
};

const UserSchema = new mongoose.Schema(userFields);
const User = mongoose.model('User', UserSchema);
// A queued notification: the recipient's username, the sending application
// and the message text. All three are plain optional strings.
// NOTE(review): no length limit is declared for `text` or `app`; confirm
// whether a cap is enforced elsewhere.
const notificationFields = {
  username: String,
  app: String,
  text: String,
};

const NotificationSchema = new mongoose.Schema(notificationFields);
const Notification = mongoose.model('Notification', NotificationSchema);

// Only the User model is exported; Notification stays private to this file.
module.exports = User;
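/**
 * Create a user account and issue its session token.
 *
 * @param {string} emailr - E-mail address; must pass email-validator.
 * @param {string} usernamer - Login name (unique per the schema).
 * @param {string} passwordr - Value stored as-is in the `password` field.
 * @returns {Promise<string>} "ok@<username>:<session>" on success,
 *   "invalid email" when the address is not a valid string, "alr" when the
 *   e-mail or username already exists, otherwise the message of the error
 *   raised by save().
 */
const register = async function (emailr, usernamer, passwordr) {
  // Reject non-strings before they reach the validator.
  if (typeof emailr !== 'string' || !validator.validate(emailr)) {
    return "invalid email";
  }

  // The session string is the only credential /send and /get check, so it has
  // to come from a CSPRNG. Math.random() is not one and its output can be
  // predicted; 16 random bytes give a 128-bit token.
  const sessionString = crypto.randomBytes(16).toString('hex');

  const userData = new User({
    email: emailr,
    username: usernamer,
    password: passwordr,
    session: sessionString,
    authorized: 1,
  });

  try {
    await userData.save();
    return "ok@" + usernamer + ":" + sessionString;
  } catch (err) {
    // 11000 is MongoDB's duplicate-key code. Matching on the code alone also
    // covers newer drivers, which name the error MongoServerError instead of
    // MongoError.
    if (err && err.code === 11000) {
      return "alr";
    }
    // NOTE(review): this text is sent to the client by the /register route;
    // database error messages can expose field and index names.
    return err.message;
  }
};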
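/**
 * Check a username / password pair.
 *
 * @param {string} username - Login name to look up.
 * @param {string} password - Value compared with the stored `password`
 *   field (the /login route passes an MD5 digest).
 * @returns {Promise<string>} "ok@<username>:<session>" when the pair
 *   matches, "inv" otherwise.
 */
const login = async function (username, password) {
  // Express turns bracketed or repeated query keys into objects and arrays.
  // Passing such a value into findOne() would let the request supply query
  // operators instead of a literal name, so only strings are accepted.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return "inv";
  }

  const user = await User.findOne({ username: username });
  if (user == null || typeof user.password !== 'string') {
    return "inv";
  }

  // Constant-time comparison; timingSafeEqual requires equal lengths.
  const supplied = Buffer.from(password);
  const stored = Buffer.from(user.password);
  const matches =
    supplied.length === stored.length && crypto.timingSafeEqual(supplied, stored);

  return matches ? "ok@" + username + ":" + user.session : "inv";
};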
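/**
 * Look up the stored session token for a username.
 *
 * @param {string} username - Login name to look up.
 * @returns {Promise<string|null>} The stored token, or null when the name is
 *   not a string or no such user exists.
 *
 * Unknown users yield null rather than a fixed placeholder string: callers
 * compare the result with a client-supplied value, and a constant placeholder
 * is indistinguishable from a real token in that comparison. A truthy query
 * value never equals null, so existing `!=` checks keep rejecting.
 */
const getSession = async function (username) {
  // Only a literal string may be used as the lookup key (no query operators).
  if (typeof username !== 'string') {
    return null;
  }
  const user = await User.findOne({ username: username });
  return user == null ? null : user.session;
};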
// HTTP layer. Every route below is a GET that reads its inputs, credentials
// included, from the query string.
// NOTE(review): query strings are commonly recorded in proxy and access logs
// and in browser history; a POST body over TLS avoids that.
const express = require('express');

const app = express();

// TCP port the server listens on.
const port = 34532;
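/**
 * GET /send - store one notification for `username`.
 *
 * Query parameters: username, session, text, application. All are required
 * and must be non-empty strings; application "android" is refused.
 * Responses: 200 "ok"; 400 "Wrong query"; 500 "You are hacker" when the
 * session does not match; 500 with an error text when lookup or save fails.
 */
app.get('/send', async (request, response) => {
  const start = new Date();
  const elapsed = () => (new Date() - start).toString();
  const { username, session, text, application } = request.query;

  // Express parses bracketed or repeated keys into objects and arrays. Only
  // plain strings may go on to Mongoose, otherwise the request could supply
  // query operators in place of values.
  const isText = (value) => typeof value === 'string' && value !== '';
  if (![username, session, text, application].every(isText) || application === "android") {
    // The original left requests with missing parameters unanswered.
    logger.info("/send Time: " + elapsed() + "ms. Result: 400");
    response.status(400).send("Wrong query");
    return;
  }

  // JSON.stringify escapes CR/LF so request data cannot forge log lines.
  const loggedUser = JSON.stringify(username);

  try {
    const expected = await getSession(username);

    // Constant-time token comparison; a non-string lookup result never matches.
    const supplied = Buffer.from(session);
    const stored = Buffer.from(typeof expected === 'string' ? expected : '');
    const sessionOk =
      stored.length > 0 &&
      supplied.length === stored.length &&
      crypto.timingSafeEqual(supplied, stored);

    if (!sessionOk) {
      // NOTE(review): x-real-ip is client-controlled unless a trusted proxy
      // overwrites it; treat the logged address as a hint only.
      const clientIp = request.headers['x-real-ip'] || request.connection.remoteAddress;
      logger.error("Somebody send fake session key for user: " + loggedUser + " from ip: " + JSON.stringify(clientIp));
      logger.info("/send Time: " + elapsed() + "ms. Result: 500");
      // Status kept at 500 for existing clients; 401/403 would describe it better.
      response.status(500).send("You are hacker");
      return;
    }

    await new Notification({ username: username, app: application, text: text }).save();
    logger.info("User: " + loggedUser + " send notification");
    // Logged code now matches the status actually sent (was "100").
    logger.info("/send Time: " + elapsed() + "ms. Result: 200");
    response.status(200).send("ok");
  } catch (err) {
    logger.warn("Error while " + loggedUser + " sent notification");
    logger.info("/send Time: " + elapsed() + "ms. Result: 500");
    if (err && err.code === 11000) {
      response.status(500).send("wtf");
    } else {
      // NOTE(review): raw error text is returned to the client.
      response.status(500).send(err.message);
    }
  }
});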
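/**
 * GET /get - return and then delete the caller's queued notifications.
 *
 * Query parameters: username, session (both required, non-empty strings).
 * Responses: 200 with the notification array; 400 "Wrong query";
 * 500 "You are hacker" when the session does not match; 500 "Internal error"
 * when a database call fails.
 * NOTE(review): this GET deletes data, so a prefetch, retry or cached replay
 * of the URL consumes notifications.
 */
app.get('/get', async (request, response) => {
  const start = new Date();
  const elapsed = () => (new Date() - start).toString();
  const { username, session } = request.query;

  // Only plain strings may reach Mongoose. An object here would act as a
  // query operator in both the find and the delete below.
  const isText = (value) => typeof value === 'string' && value !== '';
  if (!isText(username) || !isText(session)) {
    logger.info("/get Time: " + elapsed() + "ms. Result: 400");
    response.status(400).send("Wrong query");
    return;
  }

  // JSON.stringify escapes CR/LF so request data cannot forge log lines.
  const loggedUser = JSON.stringify(username);

  try {
    const expected = await getSession(username);

    // Constant-time token comparison; a non-string lookup result never matches.
    const supplied = Buffer.from(session);
    const stored = Buffer.from(typeof expected === 'string' ? expected : '');
    const sessionOk =
      stored.length > 0 &&
      supplied.length === stored.length &&
      crypto.timingSafeEqual(supplied, stored);

    if (!sessionOk) {
      const clientIp = request.headers['x-real-ip'] || request.connection.remoteAddress;
      logger.error("Somebody send fake session key for user: " + loggedUser + " from ip: " + JSON.stringify(clientIp));
      response.status(500).send("You are hacker");
      return;
    }

    const data = await Notification.find({ username: username });
    // Delete exactly the documents being returned. Deleting by username would
    // also drop notifications saved between the find and the delete.
    await Notification.deleteMany({ _id: { $in: data.map((doc) => doc._id) } });

    logger.info(loggedUser + " asked his notifications");
    logger.info("/get Time: " + elapsed() + "ms. Result: 200");
    response.status(200).send(data);
  } catch (err) {
    // Without this, a rejected database call leaves the request unanswered.
    logger.warn("/get failed for " + loggedUser + ": " + err.message);
    logger.info("/get Time: " + elapsed() + "ms. Result: 500");
    response.status(500).send("Internal error");
  }
});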
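/**
 * GET /register - create an account.
 *
 * Query parameters: email, username, password (all required, non-empty
 * strings).
 * Responses: 200 with "ok@<username>:<session>"; 409 with the text returned
 * by register(); 400 "U made wrong qry" for missing or non-string parameters.
 */
app.get('/register', async (request, response) => {
  const start = new Date();
  const elapsed = () => (new Date() - start).toString();
  const { email, username, password } = request.query;

  // Express parses bracketed or repeated keys into objects and arrays. String
  // concatenation below would silently coerce those, so they are refused.
  const isText = (value) => typeof value === 'string' && value !== '';
  if (![email, username, password].every(isText)) {
    logger.info("/register Time: " + elapsed() + "ms. Result: 400");
    response.status(400).send("U made wrong qry");
    return;
  }

  // NOTE(review): MD5 over a prefix shared by every account is a fast hash
  // with no per-user salt. Moving to a password KDF needs the same change in
  // the /login route and a migration of stored values, so it is left as is.
  const passwordDigest = md5("ahahaha, max spasibo, " + password);
  const result = await register(email, username, passwordDigest);

  if (result.startsWith("ok")) {
    // JSON.stringify escapes CR/LF so the name cannot forge log lines.
    logger.info("New user: " + JSON.stringify(username) + " registered");
    logger.info("/register Time: " + elapsed() + "ms. Result: 200");
    response.status(200).send(result);
    return;
  }

  logger.info("/register Time: " + elapsed() + "ms. Result: 409");
  response.status(409).send(result);
});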
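/**
 * GET /login - exchange username and password for the session token.
 *
 * Query parameters: username, password (both required, non-empty strings).
 * Responses: 200 with "ok@<username>:<session>"; 409 with the text returned
 * by login(); 400 "U made wrong qry" for missing or non-string parameters.
 * NOTE(review): nothing in this file limits repeated attempts per account or
 * per address.
 */
app.get('/login', async (request, response) => {
  const start = new Date();
  const elapsed = () => (new Date() - start).toString();
  const { username, password } = request.query;

  // Only plain strings are accepted: an object-valued username would reach
  // the database lookup as a query operator instead of a literal name.
  const isText = (value) => typeof value === 'string' && value !== '';
  if (!isText(username) || !isText(password)) {
    logger.info("/login Time: " + elapsed() + "ms. Result: 400");
    response.status(400).send("U made wrong qry");
    return;
  }

  // Must stay byte-identical to the digest computed at registration.
  const passwordDigest = md5("ahahaha, max spasibo, " + password);
  const result = await login(username, passwordDigest);

  if (result.startsWith('ok')) {
    // JSON.stringify escapes CR/LF so the name cannot forge log lines.
    logger.info("User: " + JSON.stringify(username) + " logined");
    logger.info("/login Time: " + elapsed() + "ms. Result: 200");
    response.status(200).send(result);
    return;
  }

  logger.info("/login Time: " + elapsed() + "ms. Result: 409");
  response.status(409).send(result);
});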
// The root path has no content; answer it explicitly with a 404 body.
app.get('/', (_request, response) => {
  response.status(404);
  response.send('Not found');
});
// Start the HTTP server and report the outcome on stdout.
// NOTE(review): no host is passed, so Node binds to all interfaces; pass
// '127.0.0.1' if the service is meant to sit behind a local reverse proxy.
app.listen(port, (err) => {
  if (!err) {
    console.log(`server is listening on ${port}`);
    return;
  }
  console.log('something bad happened', err);
});