UNPKG

spwmini-shitless

Version:

Shitless SPWorlds Miniapp creation toolkit

spworlds.ru

SuhEugene/spwmini-shitless

63 lines (61 loc) 2.48 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/middleware.ts var middleware_exports = {}; __export(middleware_exports, { checkUser: () => checkUser, validate: () => validate }); module.exports = __toCommonJS(middleware_exports); var import_crypto = require("crypto"); var JSON_HEADER = { "content-type": "application/json" }; var validate = (token, options) => (req, res) => { const checkPostMethod = !options || options.checkPostMethod !== false; if (checkPostMethod && req.method !== "POST") { res.writeHead(405).end("Method is not allowed"); return; } let data = ""; req.on("data", (chunk) => data += String(chunk)); req.on("end", () => { if (!data) return res.writeHead(400, JSON_HEADER).end(JSON.stringify({ error: "No user provided" })); try { const user = JSON.parse(data); const isUserValid = checkUser(user, token); return res.writeHead(200).end(isUserValid ? "1" : "0"); } catch (error) { if (error instanceof Error) res.writeHead(500, JSON_HEADER).end(JSON.stringify({ error: error.message })); else res.writeHead(500, JSON_HEADER).end(JSON.stringify({ error: String(error) })); console.error(error); } }); }; var checkUser = ({ hash, ...user }, token) => { const checkString = Object.keys(user).sort().filter((key) => user[key] && key !== "hash").map((key) => `${key}=${user[key]}`).join("\n"); const secret = (0, import_crypto.createHash)("sha256").update(token).digest(); const hmac = (0, import_crypto.createHmac)("sha256", secret).update(checkString).digest("hex"); return hmac === hash; }; // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { checkUser, validate });