Added generation of random token

2025-01-18 17:21:33 +00:00 · 2017-01-16 04:37:42 -03:00 · 2017-01-16 04:37:42 -03:00 · 7b72c3e560
commit 7b72c3e560
parent 9688c5ee52
3 changed files with 40 additions and 9 deletions
--- a/config.sample.js
+++ b/config.sample.js
@ -9,9 +9,6 @@ module.exports = {
 	// Your base domain where the app is running. Remember to finish it with '/'
 	basedomain: 'https://i.kanacchi.moe/',

-	// Token to use on the api. Leave blank for public
-	TOKEN: 'YOURSUPERSECRETTOKEN',
-
 	// Port on which to run the server
 	port: 9999,

--- a/database/db.js
+++ b/database/db.js
@ -1,5 +1,5 @@

-let init = function(db){
+let init = function(db, config){

 	// Create the tables we need to store galleries and files
 	db.schema.createTableIfNotExists('gallery', function (table) {
@ -19,6 +19,43 @@ let init = function(db){
 		table.timestamps()
 	}).then(() => {})

+	db.schema.createTableIfNotExists('tokens', function (table) {
+		table.string('name')
+		table.string('value')
+		table.timestamps()
+	}).then(() => {
+
+		// == Generate a 1 time token == //
+		db.table('tokens').then((tokens) => {
+			if(tokens.length === 0){
+				
+				// This is the first launch of the app
+				let clientToken = require('randomstring').generate()
+				let adminToken = require('randomstring').generate()
+
+				db.table('tokens').insert(
+					[
+						{ 
+							name: 'client', 
+							value: clientToken 
+						},
+						{ 
+							name: 'admin', 
+							value: adminToken 
+						}
+					]
+				).then(() => {
+					console.log('Your client token is: ' + clientToken)
+					console.log('Your admin token is: ' + adminToken)
+					config.clientToken = clientToken
+					config.adminToken = adminToken
+				})
+
+			}
+		})
+
+	})
+
 }

 module.exports = init
--- a/lolisafe.js
+++ b/lolisafe.js
@ -6,7 +6,7 @@ const db = require('knex')(config.database)
 const fs = require('fs')
 const safe = express()

-require('./database/db.js')(db)
+require('./database/db.js')(db, config)

 fs.existsSync('./' + config.uploads.folder) || fs.mkdirSync('./' + config.uploads.folder)
 fs.existsSync('./' + config.logsFolder) || fs.mkdirSync('./' + config.logsFolder)
@ -32,7 +32,4 @@ safe.use(function (err, req, res, next) {
 	res.status(500).end()
 })

-safe.listen(config.port, () => console.log(`loli-safe started on port ${config.port}`))
-
-if(config.TOKEN !== '') console.log('Use the following token as the \'auth\' header in your requests to the API: ' + config.TOKEN)
-else console.log('Running lolisafe in public mode. No token required.')
+safe.listen(config.port, () => console.log(`loli-safe started on port ${config.port}`))