From 7b72c3e560d4671cab3b1bcfaa9dd8543a998862 Mon Sep 17 00:00:00 2001
From: kanadeko <kanaadeko@gmail.com>
Date: Mon, 16 Jan 2017 04:37:42 -0300
Subject: [PATCH] Added generation of random token

---
 config.sample.js |  3 ---
 database/db.js   | 39 ++++++++++++++++++++++++++++++++++++++-
 lolisafe.js      |  7 ++-----
 3 files changed, 40 insertions(+), 9 deletions(-)

diff --git a/config.sample.js b/config.sample.js
index e010b6a..e192385 100644
--- a/config.sample.js
+++ b/config.sample.js
@@ -9,9 +9,6 @@ module.exports = {
 	// Your base domain where the app is running. Remember to finish it with '/'
 	basedomain: 'https://i.kanacchi.moe/',
 
-	// Token to use on the api. Leave blank for public
-	TOKEN: 'YOURSUPERSECRETTOKEN',
-
 	// Port on which to run the server
 	port: 9999,
 
diff --git a/database/db.js b/database/db.js
index 8dc62d0..94f48c6 100644
--- a/database/db.js
+++ b/database/db.js
@@ -1,5 +1,5 @@
 
-let init = function(db){
+let init = function(db, config){
 
 	// Create the tables we need to store galleries and files
 	db.schema.createTableIfNotExists('gallery', function (table) {
@@ -19,6 +19,43 @@ let init = function(db){
 		table.timestamps()
 	}).then(() => {})
 
+	db.schema.createTableIfNotExists('tokens', function (table) {
+		table.string('name')
+		table.string('value')
+		table.timestamps()
+	}).then(() => {
+
+		// == Generate a 1 time token == //
+		db.table('tokens').then((tokens) => {
+			if(tokens.length === 0){
+				
+				// This is the first launch of the app
+				let clientToken = require('randomstring').generate()
+				let adminToken = require('randomstring').generate()
+
+				db.table('tokens').insert(
+					[
+						{ 
+							name: 'client', 
+							value: clientToken 
+						},
+						{ 
+							name: 'admin', 
+							value: adminToken 
+						}
+					]
+				).then(() => {
+					console.log('Your client token is: ' + clientToken)
+					console.log('Your admin token is: ' + adminToken)
+					config.clientToken = clientToken
+					config.adminToken = adminToken
+				})
+
+			}
+		})
+
+	})
+
 }
 
 module.exports = init
\ No newline at end of file
diff --git a/lolisafe.js b/lolisafe.js
index ab3a3c8..082ccef 100644
--- a/lolisafe.js
+++ b/lolisafe.js
@@ -6,7 +6,7 @@ const db = require('knex')(config.database)
 const fs = require('fs')
 const safe = express()
 
-require('./database/db.js')(db)
+require('./database/db.js')(db, config)
 
 fs.existsSync('./' + config.uploads.folder) || fs.mkdirSync('./' + config.uploads.folder)
 fs.existsSync('./' + config.logsFolder) || fs.mkdirSync('./' + config.logsFolder)
@@ -32,7 +32,4 @@ safe.use(function (err, req, res, next) {
 	res.status(500).end()
 })
 
-safe.listen(config.port, () => console.log(`loli-safe started on port ${config.port}`))
-
-if(config.TOKEN !== '') console.log('Use the following token as the \'auth\' header in your requests to the API: ' + config.TOKEN)
-else console.log('Running lolisafe in public mode. No token required.')
\ No newline at end of file
+safe.listen(config.port, () => console.log(`loli-safe started on port ${config.port}`))
\ No newline at end of file