first commit

src/controllers/user.js

@@ -0,0 +1,95 @@
+import bcrypt from 'bcrypt';
+import jwt from 'jsonwebtoken';
+import dotenv from 'dotenv';
+import path from 'path';
+import { Jimp } from 'jimp';
+import fs from 'fs';
+
+import UserService from "../services/user.js";
+import utils from '../utils.js';
+
+dotenv.config({path: ".env"});
+class UserController {
+    async register(req, res) {
+        const {username, password, passwordConfirm} = req.body;
+
+        if (password != passwordConfirm) return res.status(400).send("Passwords do not match");
+
+        let hashedPassword = await bcrypt.hash(password, 8);
+
+        await UserService.register(username, hashedPassword);
+
+        if (process.env.REQUIRE_TOKEN == "true" && process.env.DELETE_TOKEN_ON_USE == "true") {
+            utils.removeFromFile('./inviteTokens.txt', req.body.inviteToken);
+        }
+
+        req.session.jwt = jwt.sign({ username }, process.env.SECRET, {expiresIn: "1y"});
+        return res.redirect("/index");
+    }
+
+    async login(req, res) {
+        const {username, password} = req.body;
+
+        const storedPassword = await UserService.getPassword(username);
+
+        if (!bcrypt.compareSync(password, storedPassword)) {
+            return res.status(403).send("Password is not correct");
+        }
+        req.session.jwt = jwt.sign({ username }, process.env.SECRET, {expiresIn: "1y"});
+        return res.redirect("/index");
+    }
+
+    async logout(req, res) {
+        req.session.destroy();
+        return res.redirect("/login");
+    }
+
+    async uploadSkin(req, res) {
+        const token = req.session.jwt;
+        const decoded = jwt.decode(token);
+        const tempPath = req.file.path;
+        const targetPath = `/opt/skins/${decoded.username}.png`;
+
+        if (path.extname(req.file.originalname).toLowerCase() !== ".png") {
+            return res.status(400).send("Only .png files are allowed!");
+        }
+        
+
+        const image = await Jimp.read(tempPath);
+        if (image.bitmap.width != 64 || image.bitmap.height != 64) {
+            fs.unlinkSync(targetPath);
+            return res.status(400).send('This does not look like a minecraft skin.');
+        }
+
+        fs.renameSync(tempPath, targetPath, err => {
+            if (err) return res.status(500).send("Ooops! Something went wrong! Please, report to the developer.");
+        });
+        return res.status(200).send("Skin uploaded!");
+    }
+
+    async uploadCape(req, res) {
+        const token = req.session.jwt;
+        const decoded = jwt.decode(token);
+        const tempPath = req.file.path;
+        const targetPath = `/opt/cloaks/${decoded.username}.png`;
+
+        if (path.extname(req.file.originalname).toLowerCase() !== ".png") {
+            return res.status(400).send("Only .png files are allowed!");
+        }
+        
+
+        const image = await Jimp.read(tempPath);
+        if ((image.bitmap.width != 64 || image.bitmap.height != 32) && (image.bitmap.width != 128 || image.bitmap.height != 64)) {
+            fs.unlinkSync(tempPath);
+            return res.status(400).send('This does not look like a minecraft cape.');
+        }
+
+        fs.renameSync(tempPath, targetPath, err => {
+            if (err) return res.status(500).send("Ooops! Something went wrong! Please, report to the developer.");
+        });
+
+        return res.status(200).send("Cape uploaded!");
+    }
+}
+
+export default new UserController();