API tools faq
paste
Advertisement
Guest User

Example node

a guest
Oct 21st, 2019
198
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JavaScript 2.39 KB | None | 0 0
raw download clone embed print report
  1. /* To run:
  2. Install node 10 or 12
  3.   npm init
  4. (Follow prompts - you can just press enter all the way through it).
  5.   npm install --save express
  6.   npm install --save child_process
  7.   node index.js (or what ever you called your file)
  8.  
  9. In Chrome/Firefox navigate to:
  10.   127.0.0.1:3000/your/path/to/page
  11. You should see it return the contents of your home directory
  12. // */
  13.  
  14. const { exec } = require('child_process');
  15. const express = require('express');
  16.  
  17. const app = express();
  18. const port = process.env.PORT || 3000;
  19. const ip = process.env.IP || '0.0.0.0'; // You can just put a single interface here, such as 192.168.1.2, 0.0.0.0 listens to all
  20.  
  21. const allowedIpAddresses = [
  22.   "192.168.1.", // Does partial matching.
  23.   "127.0.0.1"
  24. ];
  25.  
  26. // Util functions
  27. const getRemoteIp = (req) => {
  28.   return req.connection.remoteAddress || req.socket.remoteAddress || req.headers['x-forwarded-for'];
  29. };
  30.  
  31. const ipAllowed = (remoteIp, ipList) => {
  32.   for (let i = 0; i < ipList.length; i++) {
  33.     if (ipList[i].indexOf(remoteIp) > -1) {
  34.       return true;
  35.     }
  36.   }
  37.  
  38.   return false;
  39. };
  40.  
  41. // Some logic
  42. const exampleFunction = (req, res) => {
  43.   res.send('Example!');
  44. };
  45.  
  46. // Route hooks
  47. app.get('/your/path/to/page', (req, res) => {
  48.   // Execute system command.
  49.   // Note that it has the same privledges as the user that ran Node. You cannot use sudo here unless you started node with sudo
  50.   // And please do not start node with sudo. Very easy for hackers to take over your system.
  51.   // Please PLEASE _PLEASE_ learn how to secure your system. Yuri commands it.
  52.   exec('ls ~', (err, stdout, stderr) => {
  53.     if (err) {
  54.       res.status(500);
  55.       res.send({
  56.         error: 'Failed to execute command',
  57.         reason: err,
  58.         stdout,
  59.         stderr
  60.       });
  61.       return;
  62.     }
  63.  
  64.     res.status(200);
  65.     res.send({
  66.       error: 'Command executed',
  67.       stdout,
  68.       stderr
  69.     });
  70.   });
  71. });
  72.  
  73. app.get('/another/path/to/page', (req, res) => {
  74.   exampleFunction(req, res)
  75. });
  76.  
  77. app.get('/ip/check', (req, res) => {
  78.   const remoteIp = getRemoteIp(req);
  79.  
  80.   if (ipAllowed(remoteIp, allowedIpAddresses)) {
  81.     res.status(200);
  82.     res.send('Good boi');
  83.     return;
  84.   }
  85.   res.status(401);
  86.   res.send('Bad boi');
  87.   return;
  88. });
  89.  
  90. app.all('/', (req, res) => {
  91.   res.send('Uhh, hi');
  92. });
  93.  
  94. app.listen(port, ip, function () {
  95.   console.log(`My command is your wish ${ip}:${port}!`);
  96. });
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!