42_adjoly/knl_meowscendence
1
0
Fork 0
mirror of https://github.com/KeyZox71/knl_meowscendence.git synced 2025-12-31 21:56:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/main' into user-management

Browse Source
This commit is contained in:
Tzvetan Trave
2025-10-17 14:40:00 +02:00
parent 1f085ce1fb cd03f63d01
commit a265583d4d
7 changed files with 117 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
README.md
View File

@ -18,27 +18,27 @@ Press F to pay respect
``` ```
## Modules done ## Modules done
6 major + 2 minor = 7 full modules 8 major + 4 minor = 10 full modules
- **Web** - **Web**
- [x] Use a framework to build the backend.(node with Fastify) - Major - [x] Use a framework to build the backend.(node with Fastify) - Major
- [ ] Use a framework or toolkit to build the front-end.(Tailwind CSS) - Minor - [x] Use a framework or toolkit to build the front-end.(Tailwind CSS) - Minor
- [x] Use a database for the backend -and more.(SQLite) - Minor - [x] Use a database for the backend -and more.(SQLite) - Minor
- [x] Store the score of a tournament in the Blockchain.(Soldity on Avalanche) - Major - [x] Store the score of a tournament in the Blockchain.(Soldity on Avalanche) - Major
- **User Management** - **User Management**
- [ ] Standard user management, authentication and users across tournaments. - Major - [x] Standard user management, authentication and users across tournaments. - Major
- [x] Implement remote authentication. - Major - [x] Implement remote authentication. - Major
- **Gameplay and user experience** - **Gameplay and user experience**
- [ ] Remote players - Major - [ ] ~~Remote players - Major~~
- [ ] Multiplayer - Major - [ ] ~~Multiplayer - Major~~
- [ ] Add another game - Major - [x] Add another game - Major
- [ ] Game customization options - Minor - [ ] ~~Game customization options - Minor~~
- [ ] Live chat - Major - [ ] ~~Live chat - Major~~
- **AI-Algo** - **AI-Algo**
- [ ] AI opponent - Major - [ ] ~~AI opponent - Major~~
- [ ] User and game stats dashboards - Minor - [ ] User and game stats dashboards - Minor
- **Cybersecurity** - **Cybersecurity**
- [ ] WAF/ModSecurity and Hashicorp Vault - Major - [ ] ~~WAF/ModSecurity and Hashicorp Vault - Major~~
- [ ] RGPD compliance - Minor - [ ] RGPD compliance - Minor
- [x] 2FA and JWT - Major - [x] 2FA and JWT - Major
- **DevOps** - **DevOps**
@ -46,16 +46,16 @@ Press F to pay respect
- [x] Monitoring system - Minor - [x] Monitoring system - Minor
- [x] Designing the backend in micro-architecture - Major - [x] Designing the backend in micro-architecture - Major
- **Graphics** - **Graphics**
- [ ] Use of advanced 3D techniques - Major - [ ] ~~Use of advanced 3D techniques - Major~~
- **Accessibility** - **Accessibility**
- [ ] Support on all devices - Minor - [ ] ~~Support on all devices - Minor~~
- [ ] Expanding Browser compatibility - Minor - [x] Expanding Browser compatibility - Minor
- [ ] Multiple language support - Minor - [ ] ~~Multiple language support - Minor~~
- [ ] Add accessibility for visually impaired users - Minor - [ ] ~~Add accessibility for visually impaired users - Minor~~
- [ ] Server-Side Rendering (SSR) integration - Minor - [ ] ~~Server-Side Rendering (SSR) integration - Minor~~9
- **Server-Side Pong** - **Server-Side Pong**
- [ ] Replace basic pong with server-side pong and implementing an API - Major - [ ] ~~Replace basic pong with server-side pong and implementing an API - Major~~
- [ ] Enabling pong gameplay via CLI against web users with API integration - Major - [ ] ~~Enabling pong gameplay via CLI against web users with API integration - Major~~
## License ## License

11
doc/auth/login.md
View File

@ -21,7 +21,8 @@ Input needed :
```json ```json
{ {
"user": "<string>", "user": "<string>",
"password": "<string>" "password": "<string>",
(optional)"token": "<2fa token>"
} }
``` ```
@ -32,7 +33,13 @@ Can return:
"msg": "Login successfully" "msg": "Login successfully"
} }
``` ```
- 400 with response - 402 with response
```json
{
"msg": "Please specify a 2fa token"
}
```
- 400 || 401 with response
```json ```json
{ {
"error": "<corresponding error>" "error": "<corresponding error>"

32
doc/auth/remove.md Normal file
View File

@ -0,0 +1,32 @@
# remove user
Available endpoints:
- DELETE `/`
Common return:
- 500 with response
```json
{
"error": "Internal server error"
}
```
## DELETE `/`
User to remove a user from the backend
Inputs: just need a valid JWT cookie
Returns:
- 200
```json
{
"msg": "User successfully deleted"
}
```
- 401 || 400
```json
{
"error": "<corresponding msg>
}
```

3
src/api/auth/default.js
View File

@ -11,6 +11,7 @@ import { totpSetup } from './totpSetup.js';
import { totpDelete } from './totpDelete.js'; import { totpDelete } from './totpDelete.js';
import { totpVerify } from './totpVerify.js'; import { totpVerify } from './totpVerify.js';
import { logout } from './logout.js'; import { logout } from './logout.js';
import { remove } from './remove.js';
const saltRounds = 10; const saltRounds = 10;
export const appName = process.env.APP_NAME || 'knl_meowscendence'; export const appName = process.env.APP_NAME || 'knl_meowscendence';
@ -110,4 +111,6 @@ export default async function(fastify, options) {
}, async (request, reply) => { return register(request, reply, saltRounds, fastify); }); }, async (request, reply) => { return register(request, reply, saltRounds, fastify); });
fastify.get('/logout', {}, async (request, reply) => { return logout(reply, fastify); }) fastify.get('/logout', {}, async (request, reply) => { return logout(reply, fastify); })
fastify.delete('/', { preHandler: fastify.authenticate }, async (request, reply) => { return remove(request, reply, fastify)})
} }

4
src/api/auth/login.js
View File

@ -37,8 +37,8 @@ export async function login(request, reply, fastify) {
const userTOTP = authDB.getUser(user); const userTOTP = authDB.getUser(user);
if (userTOTP.totpEnabled == 1) { if (userTOTP.totpEnabled == 1) {
if (!request.body.token){ if (!request.body.token) {
return reply.code(401).send({ error: 'Invalid 2FA token' }); return reply.code(402).send({ error: 'Please specify a 2fa token' });
} }
const isValid = verifyTOTP(userTOTP.totpHash, request.body.token); const isValid = verifyTOTP(userTOTP.totpHash, request.body.token);
if (!isValid) { if (!isValid) {

34
src/api/auth/remove.js Normal file
View File

@ -0,0 +1,34 @@
import authDB from '../../utils/authDB';
import { authUserRemove } from '../../utils/authUserRemove';
/**
* @param {import('fastify').FastifyRequest} request
* @param {import('fastify').FastifyReply} reply
* @param {import('fastify').FastifyInstance} fastify
*/
export async function remove(request, reply, fastify) {
try {
const user = request.user;
if (authDB.RESERVED_USERNAMES.includes(user)) {
return reply.code(400).send({ error: 'Reserved username' });
}
if (authDB.checkUser(user) === false) {
return reply.code(400).send({ error: "User does not exist" });
}
authDB.rmUser(user)
authUserRemove(user, fastify)
return reply
.code(200)
.send({
msg: "User successfully deleted"
})
} catch (err) {
fastify.log.error(err);
return reply.code(500).send({ error: "Internal server error" });
}
}

19
src/utils/authUserRemove.js Normal file
View File

@ -0,0 +1,19 @@
import axios from 'axios'
/**
* @param {string} username
* @param {import('fastify').FastifyInstance} fastify
*/
export async function authUserRemove(username, fastify) {
const url = (process.env.USER_URL || "http://localhost:3002") + "/users/" + username;
const cookie = fastify.jwt.sign({ user: "admin" });
await axios.post(
url,
{
headers: {
'Cookie': 'token=' + cookie,
},
}
);
}