code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

show info about app when authorizing

Browse Source
This commit is contained in:
Mystikfluu 2023-02-10 17:24:27 +01:00
parent 1f061af9a0
commit 59b9ecb01c
3 changed files with 63 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
js/htmlescape.js
View File

@ -1,3 +1,26 @@
/**
* Copyright (C) 2017-present by Andrea Giammarchi - @WebReflection
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
//https://github.com/WebReflection/html-escaper
const {replace} = ''; const {replace} = '';
const es = /&(?:amp|#38|lt|#60|gt|#62|apos|#39|quot|#34);/gi; const es = /&(?:amp|#38|lt|#60|gt|#62|apos|#39|quot|#34);/gi;

30
routes/userfiles.js
View File

@ -66,6 +66,26 @@ export const setup = function (router, con, server) {
}) })
} }
const appId_Cache = new LRU({max:20,ttl: 1000 * 60 * 15}) //cache for 15 minutes
function getAppWithId(appid) {
appid = Number(appid)
return new Promise((res,rej) => {
if(appId_Cache.has(appid)) {
res(appId_Cache.get(appid) || {})
return
}
con.query("SELECT * FROM ipost.application WHERE application_id=?",[appid],(err,result) => {
if(err) {
console.error(err)
rej({})
return
}
appId_Cache.set(appid,result[0])
res(result[0] || {})
})
})
}
let global_page_variables = { let global_page_variables = {
globalcss: load_var("./css/global.css"), globalcss: load_var("./css/global.css"),
httppostjs: load_var("./js/httppost.js"), httppostjs: load_var("./js/httppost.js"),
@ -81,12 +101,13 @@ export const setup = function (router, con, server) {
getPID: server.global_page_variables.getPID, getPID: server.global_page_variables.getPID,
getDMPID: server.global_page_variables.getDMPID, getDMPID: server.global_page_variables.getDMPID,
unauthorized_description: "Chat now by creating an account on IPost", unauthorized_description: "Chat now by creating an account on IPost",
hcaptcha_sitekey: server.hcaptcha.sitekey hcaptcha_sitekey: server.hcaptcha.sitekey,
getAppWithId: getAppWithId
} }
function handleUserFiles(request, response, overrideurl) { async function handleUserFiles(request, response, overrideurl) {
if (!increaseUSERCall(request, response))return; if (!increaseUSERCall(request, response))return;
if(typeof overrideurl != "string")overrideurl = undefined; if(typeof overrideurl != "string")overrideurl = undefined;
@ -115,9 +136,12 @@ export const setup = function (router, con, server) {
path = dir + "views" + originalUrl + ".html" path = dir + "views" + originalUrl + ".html"
} }
if(path != "" && originalUrl != "/favicon.ico" && originalUrl != "/api/documentation/") { if(path !== "" && originalUrl !== "/favicon.ico" && originalUrl !== "/api/documentation/") {
global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar } global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar }
global_page_variables.query = request.query global_page_variables.query = request.query
if(originalUrl === "/authorize") {
global_page_variables.application = await getAppWithId(request.query.id)
}
ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){ ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){
str = await str str = await str
err = await err err = await err

16
views/authorize.html
View File

@ -14,18 +14,28 @@
<% if(user.username === undefined) { %> <% if(user.username === undefined) { %>
<script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script> <script> document.location.href = '/no_login?r='+encodeURIComponent(document.location.pathname) </script>
<% } else { %> <% } else { %>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script> <% if(query.id === undefined) { %>
<script> document.location.href="/" </script>
<% } else { %>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
<% } %>
<% } %> <% } %>
</head> </head>
<body> <body>
<div class="center"> <div class="center">
<h1>Authorize App</h1> <h1>Authorize App</h1>
<p>Please authorize the app to access your information:</p> <p>Please authorize the app "<%= application.application_name %>" to access your information:</p>
<form action="/authorize" method="post"> <form action="/authorize" method="post">
<input type="number" value=<%- query.id %> class="hidden" name="application_id" id="application_id"> <input type="number" value=<%= query.id %> class="hidden" name="application_id" id="application_id">
<div class="h-captcha" data-sitekey="<%- hcaptcha_sitekey %>"></div> <div class="h-captcha" data-sitekey="<%- hcaptcha_sitekey %>"></div>
<input type="submit" value="Authorize"> <input type="submit" value="Authorize">
</form> </form>
<br>
<br>
<div>
<h2>more about <b><%= application.application_name %></b></h2>
<%= application.application_description %>
</div>
</div> </div>
</body> </body>
</html> </html>