Styling, login whitelists

slowcord/build/index.js

@@ -14,6 +14,11 @@ import cookieParser from "cookie-parser";
 import { initDatabase, generateToken, User, Config } from "@fosscord/util";
 import path from "path";
 import fetch from "node-fetch";
+// apparently dirname doesn't exist in modules, nice
+/* https://stackoverflow.com/a/62892482 */
+import { fileURLToPath } from "url";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
 const app = express();
 app.use(cookieParser());
 const port = process.env.PORT;
@@ -57,6 +62,7 @@ Discord.getUserDetails = (token) => __awaiter(void 0, void 0, void 0, function*
     if (!json.username || !json.email)
         return null; // eh, deal with bad code later
     return {
+        id: json.id,
         email: json.email,
         username: json.username,
     };
@@ -77,6 +83,15 @@ app.get("/oauth/:type", (req, res) => __awaiter(void 0, void 0, void 0, function
     const details = yield handler.getUserDetails(data.access_token);
     if (!details)
         return res.sendStatus(500);
+    // temp dirty solution
+    const whitelist = [
+        "226230010132824066",
+        "84022289024159744",
+        "841745750576726057",
+        "398941530053672962", // erkinalp
+    ];
+    if (whitelist.indexOf(details.id) === -1)
+        return res.sendStatus(403);
     let user = yield User.findOne({ where: { email: details.email } });
     if (!user) {
         user = yield User.register({
@@ -89,6 +104,7 @@ app.get("/oauth/:type", (req, res) => __awaiter(void 0, void 0, void 0, function
     res.cookie("token", token);
     res.sendFile(path.join(__dirname, "../public/login.html"));
 }));
+app.get("/app", (req, res) => res.sendStatus(200));
 app.get("*", (req, res) => {
     res.sendFile(path.join(__dirname, "../public/login.html"));
 });

slowcord/build/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,OAAO,eAAe,CAAC;AACvB,OAAO,OAA8B,MAAM,SAAS,CAAC;AACrD,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,YAAY,CAAC;AAE/B,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;AACxB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;AAE9B,MAAM,OAAO;;;AACL,sBAAc,GAAG,CAAO,GAAY,EAAE,GAAa,EAAE,EAAE;IAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;IAE3B,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC;QAC/C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,iBAA2B;QAClD,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,cAAwB;QACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,gBAA0B;QACpD,IAAI,EAAE,IAAc;QACpB,UAAU,EAAE,oBAAoB;KAChC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;IAEf,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,sCAAsC,EAAE;QAChE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACR,cAAc,EAAE,mCAAmC;SACnD;QACD,IAAI,EAAE,IAAI;KACV,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAS,CAAC;IACtC,IAAI,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAE5B,OAAO;QACN,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,KAAK,EAAE,IAAI,CAAC,KAAK;KACjB,CAAC;AACH,CAAC,CAAC,CAAA;AAEK,sBAAc,GAAG,CAAO,KAAa,EAAE,EAAE;IAC/C,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,mCAAmC,EAAE;QAC7D,OAAO,EAAE;YACR,eAAe,EAAE,UAAU,KAAK,EAAE;SAClC;KACD,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAS,CAAC;IACtC,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC,CAAC,+BAA+B;IAE/E,OAAO;QACN,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACvB,CAAC;AACH,CAAC,CAAC,CAAA;AAGH,MAAM,QAAQ,GAA4B;IACzC,SAAS,EAAE,OAAO;CAClB,CAAC;AAEF,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAO,GAAG,EAAE,GAAG,EAAE,EAAE;IAC1C,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC5B,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpD,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEtC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAChE,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzC,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,CAAC,IAAI,EAAE;QACV,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,GAAG;SACH,CAAC,CAAC;KACH;IAED,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE3C,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAE3B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAA,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACzB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEH,CAAC,GAAS,EAAE;IACX,MAAM,YAAY,EAAE,CAAC;IACrB,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;IAEpB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;QACrB,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACJ,CAAC,CAAA,CAAC,EAAE,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,OAAO,eAAe,CAAC;AACvB,OAAO,OAA8B,MAAM,SAAS,CAAC;AACrD,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,YAAY,CAAC;AAE/B,oDAAoD;AACpD,0CAA0C;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;AACxB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;AAE9B,MAAM,OAAO;;;AACL,sBAAc,GAAG,CAAO,GAAY,EAAE,GAAa,EAAE,EAAE;IAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;IAE3B,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC;QAC/C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,iBAA2B;QAClD,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,cAAwB;QACnD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,gBAA0B;QACpD,IAAI,EAAE,IAAc;QACpB,UAAU,EAAE,oBAAoB;KAChC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;IAEf,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,sCAAsC,EAAE;QAChE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACR,cAAc,EAAE,mCAAmC;SACnD;QACD,IAAI,EAAE,IAAI;KACV,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAS,CAAC;IACtC,IAAI,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAE5B,OAAO;QACN,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,KAAK,EAAE,IAAI,CAAC,KAAK;KACjB,CAAC;AACH,CAAC,CAAC,CAAA;AAEK,sBAAc,GAAG,CAAO,KAAa,EAAE,EAAE;IAC/C,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,mCAAmC,EAAE;QAC7D,OAAO,EAAE;YACR,eAAe,EAAE,UAAU,KAAK,EAAE;SAClC;KACD,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAS,CAAC;IACtC,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC,CAAC,+BAA+B;IAE/E,OAAO;QACN,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACvB,CAAC;AACH,CAAC,CAAC,CAAA;AAGH,MAAM,QAAQ,GAA4B;IACzC,SAAS,EAAE,OAAO;CAClB,CAAC;AAEF,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAO,GAAG,EAAE,GAAG,EAAE,EAAE;IAC1C,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC5B,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpD,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEtC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAChE,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzC,sBAAsB;IACtB,MAAM,SAAS,GAAG;QACjB,oBAAoB;QACpB,mBAAmB;QACnB,oBAAoB;QACpB,oBAAoB,EAAE,WAAW;KACjC,CAAC;IAEF,IAAI,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAErE,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,CAAC,IAAI,EAAE;QACV,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,GAAG;SACH,CAAC,CAAC;KACH;IAED,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE3C,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAE3B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAA,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AAEnD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACzB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEH,CAAC,GAAS,EAAE;IACX,MAAM,YAAY,EAAE,CAAC;IACrB,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;IAEpB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;QACrB,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACJ,CAAC,CAAA,CAAC,EAAE,CAAC"}

slowcord/public/login.html

@@ -5,21 +5,118 @@
 	<meta http-equiv="X-UA-Compatible" content="IE=edge">
 	<meta name="viewport" content="width=device-width, initial-scale=1.0">
 	<title>Slowcord</title>
+
+	<link rel="preconnect" href="https://fonts.googleapis.com">
+	<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+	<link href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap" rel="stylesheet">
+
+	<style>
+		html {
+			--background-primary: rgb(22, 23, 25);
+			--background-secondary: rgb(15, 16, 18);
+			--foreground-primary: rgb(200, 200, 200);
+			--background-login-discord: #5865F2;
+
+			background: url("https://slowcord.maddy.k.vu/assets/background.png");
+			background-size: 100% 100%;
+			background-repeat: no-repeat;
+
+			font-family: 'Montserrat', sans-serif;
+
+			color: var(--foreground-primary);
+		}
+
+		* {
+			margin: 0;
+			padding: 0;
+		}
+
+		.content {
+			display: flex;
+			width: 100vw;
+			height: 100vh;
+			justify-content: flex-start;
+			align-items: center;
+		}
+
+		.login {
+			height: 100%;
+			width: 25%;
+			min-width: 400px;
+			display: flex;
+			flex-direction: column;
+			justify-content: center;
+			align-items: center;
+
+			background-color: var(--background-primary);
+
+			padding: 0 50px 0 50px;
+		}
+
+		.header {
+			margin: 40px;
+			width: 100%;
+		}
+
+		form {
+			display: flex;
+			flex-direction: column;
+			width: 100%;
+		}
+
+		input,
+		form a {
+			background-color: var(--background-secondary);
+			padding: 10px;
+			margin: 5px 0 5px 0;
+			outline: none;
+			border: 1px solid grey;
+			color: var(--foreground-primary);
+			text-decoration: none;
+		}
+
+		form a {
+			text-align: center;
+		}
+
+		label {
+			text-transform: uppercase;
+			font-size: 0.75rem;
+			font-weight: bold;
+		}
+
+		#loginDiscord {
+			background-color: var(--background-login-discord);
+		}
+	</style>
 </head>
 
 <body>
 	<div class="content">
+		<div class="login">
+			<div class="header">
+				<h1>Welcome to Slowcord</h1>
+				<p>Glad to see you &lt;3 </p>
+			</div>
+
 			<form action="javascript:void(0);">
+				<label for="email">Email</label>
 				<input type="email" name="email" />
+
+				<label for="password">Password</label>
 				<input type="password" name="password" />
+				
 				<input type="submit" />
 
 				<a
+					id="loginDiscord"
+					class="oauth"
 					href="https://discord.com/api/oauth2/authorize?client_id=990585211966324806&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email">
 					Login with Discord
 				</a>
 			</form>
 		</div>
+	</div>
 
 	<script>
 		/* https://stackoverflow.com/questions/5639346/what-is-the-shortest-function-for-reading-a-cookie-by-name-in-javascript */
@@ -27,10 +124,10 @@
 			document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)')?.pop() || ''
 		);
 
-		let token = getCookieValue("token");
+		let token = getCookieValue("oauth-discord");
-		if (token) {
+		if (token.trim().length) {
-			document.cookie = "";	// don't care
+			document.cookie = "oauth-discord=";	// don't care
-			window.localStorage.setItem("token", json.token);
+			window.localStorage.setItem("token", token);
 			window.location.href = "/app";
 		}
 

slowcord/src/index.ts

@@ -5,6 +5,12 @@ import { initDatabase, generateToken, User, Config } from "@fosscord/util";
 import path from "path";
 import fetch from "node-fetch";
 
+// apparently dirname doesn't exist in modules, nice
+/* https://stackoverflow.com/a/62892482 */
+import { fileURLToPath } from "url";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
 const app = express();
 app.use(cookieParser());
 const port = process.env.PORT;
@@ -52,6 +58,7 @@ class Discord {
 		if (!json.username || !json.email) return null;	// eh, deal with bad code later
 
 		return {
+			id: json.id,
 			email: json.email,
 			username: json.username,
 		};
@@ -74,6 +81,18 @@ app.get("/oauth/:type", async (req, res) => {
 	const details = await handler.getUserDetails(data.access_token);
 	if (!details) return res.sendStatus(500);
 
+	// temp dirty solution
+	const whitelist = [
+		"226230010132824066",	// maddyunderstars
+		"84022289024159744",	// arcane
+		"841745750576726057",	// gold
+		"398941530053672962",	// erkinalp
+		"682572949219180547",	// cyber
+		"920388642604732456",	// aaron
+	];
+
+	if (whitelist.indexOf(details.id) === -1) return res.sendStatus(403);
+
 	let user = await User.findOne({ where: { email: details.email } });
 	if (!user) {
 		user = await User.register({
@@ -85,11 +104,14 @@ app.get("/oauth/:type", async (req, res) => {
 
 	const token = await generateToken(user.id);
 
-	res.cookie("token", token);
+	res.cookie("oauth-discord", token, { signed: true });
 
 	res.sendFile(path.join(__dirname, "../public/login.html"));
 });
 
+// not actually needed but whatever
+app.get("/app", (req, res) => res.sendStatus(200));
+
 app.get("*", (req, res) => {
 	res.sendFile(path.join(__dirname, "../public/login.html"));
 });