TCPdump container

Change Passport allowed JWT algos
Uniq email
2022-11-18 20:11:15 +01:00 · 2022-11-18 17:21:49 +01:00 · 2022-11-18 17:21:40 +01:00 · 2022-11-18 16:48:30 +01:00
7 changed files with 60 additions and 40 deletions
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@ -19,10 +19,11 @@ COPY . ./
 #RUN npm install -g nodemon

 RUN mkdir /uploads && chown appuser:appgroup /uploads
+RUN mkdir /pcaps
+
+RUN apt-get install tcpdump -y

 EXPOSE 3000

-USER appuser
-
 CMD ["node", "server.js"]
 # CMD ["nodemon", "server.js"]
--- a/backend/cycle_tcpdump.sh
+++ b/backend/cycle_tcpdump.sh
@ -0,0 +1,9 @@
+#!/bin/sh
+
+packet=$((9000))
+
+while true
+do
+        tcpdump -c 1000 -i any -w "/pcaps/traffic-2$packet.pcap"
+        packet=$((packet + 1))
+done
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@ -14,17 +14,13 @@ router.get('/login', function (req, res, next) {

 router.post('/login', async (req, res, next) => {
    const { email, password } = req.body;
-    console.log("/login: " + JSON.stringify(req.body));
    const r = await db.query('SELECT * FROM users WHERE email=$1', [email]);
    if (r.rowCount < 1 || r.rows[0].password !== password) {
        res.locals.errormsg = 'Wrong credentials';
-        console.log("login failed");
        return res.status(403).render('login');
    }
    const token = jwt.sign({ email }, PRIV_KEY, { algorithm: 'RS256' });

-    console.log("Login success");
-
    res.cookie('session', token);
    res.redirect('/');
 });
@ -35,7 +31,6 @@ router.get('/register', function (req, res, next) {

 router.post('/register', async (req, res, next) => {
    const { email, nickname, password } = req.body;
-    console.log("/register: " + JSON.stringify(req.body));

    const reg = /^[\w\.@]{4,40}$/;

@ -52,12 +47,9 @@ router.post('/register', async (req, res, next) => {
    } catch (error) {
        res.locals.errormsg = 'Email or nickname already used';
        res.clearCookie('session');
-        console.log("register fail");
        return res.render('register');
    }

-    console.log("register success");
-
    res.redirect('/');
 });

--- a/backend/routes/channel.js
+++ b/backend/routes/channel.js
@ -7,7 +7,6 @@ const db = require('../db');
 const router = express.Router();

 async function create_message(channel_id, msg, author) {
-    console.log("create_message: " + channel_id + " - " + msg + " - " + author);
    let r = await db.query('SELECT * FROM channels WHERE id=$1', [channel_id]);

    if (r.rowCount < 1) {
@ -31,7 +30,6 @@ async function create_message(channel_id, msg, author) {
 }

 async function list_channels(user) {
-    console.log("list_channel: " + JSON.stringify(user));
    const r = await db.query('SELECT id, detail, private FROM channels WHERE private=FALSE UNION SELECT id, detail, private FROM channels, allowed_users WHERE id = channel_id AND user_email = $1', [user]);
    return r.rows;
 }
@ -67,7 +65,6 @@ router.get('/channel/:id', async (req, res, next) => {
 });

 router.post('/new_channel', async (req, res, next) => {
-    console.log("/new_chanell: " + JSON.stringify(req.body));
    const { channelid, detail } = req.body;
    const user = req.user.email;

@ -84,7 +81,6 @@ router.post('/new_channel', async (req, res, next) => {

 router.post('/new_message', async (req, res, next) => {
    const { msg, channelid } = req.body;
-    console.log("/new_message: ", + JSON.stringify(req.body));
    const author = req.user.email;

    try {
@ -99,7 +95,6 @@ router.post('/new_message', async (req, res, next) => {
 router.post('/invite', async (req, res, next) => {
    const { channelid, user } = req.body;
    const logged_user = req.user.email;
-    console.log("/invite: ", +JSON.stringify(req.body));

    let r = await db.query('SELECT user_email FROM allowed_users WHERE user_email=$1 AND channel_id=$2', [logged_user, channelid]);

@ -130,7 +125,6 @@ router.get('/broadcast', async (req, res, next) => {
 });

 router.post('/broadcast', async (req, res, next) => {
-    console.log("/broadcast: ", JSON.stringify(req.body));
    let { msg } = req.body;
    const author = req.user.email;
    const channels = Object.keys(req.cookies);
@ -140,8 +134,7 @@ router.post('/broadcast', async (req, res, next) => {

    let promises = [];
    for (const c of channels) {
-        if (c !== 'session')
-            promises.push(create_message(c, msg, author));
+        promises.push(create_message(c, msg, author));
    }

    await Promise.all(promises);
--- a/backend/server.js
+++ b/backend/server.js
@ -8,16 +8,6 @@ const PORT = 3000;

 const app = express();

-// Log all possible data about request
-const logRequest = (req, res, next) => {
-    console.log('Request URL: ' + req.url);
-    console.log('Request method: ' + req.method);
-    console.log('Request headers: ' + JSON.stringify(req.headers));
-    console.log('Request body: ' + JSON.stringify(req.body));
-    next();
-};
-
-
 // const indexRouter = require('./routes/index');
 const authRouter = require('./routes/auth');
 const channelRouter = require('./routes/channel');
@ -27,9 +17,6 @@ app.set('view engine', 'ejs');
 app.use(express.urlencoded());
 app.use(cookieParser());

-app.use(logRequest);
-
-
 app.use((req, res, next) => {

    if (!req.headers.httpversion || req.headers.httpversion !== 'HTTP/3.0') {
--- a/db/init/create_schema.sql
+++ b/db/init/create_schema.sql
@ -1,13 +1,50 @@
-CREATE TABLE IF NOT EXISTS channels (id VARCHAR(40), detail TEXT, private BOOL, PRIMARY KEY(id));
+CREATE TABLE IF NOT EXISTS channels (
+    id VARCHAR(40),
+    detail TEXT,
+    private BOOL,
+    PRIMARY KEY(id)
+);

-CREATE TABLE IF NOT EXISTS users (email VARCHAR(40), nickname VARCHAR(40) UNIQUE, password VARCHAR(40), propic TEXT, PRIMARY KEY(email));
+CREATE TABLE IF NOT EXISTS users (
+    email VARCHAR(40),
+    nickname VARCHAR(40) UNIQUE,
+    password VARCHAR(40),
+    propic TEXT,
+    PRIMARY KEY(email)
+);

-CREATE TABLE IF NOT EXISTS allowed_users (user_email VARCHAR(40), channel_id VARCHAR(40), PRIMARY KEY(user_email,channel_id), 
-    FOREIGN KEY(user_email) REFERENCES users(email));
+CREATE TABLE IF NOT EXISTS allowed_users (
+    user_email VARCHAR(40),
+    channel_id VARCHAR(40),
+    PRIMARY KEY(user_email, channel_id),
+    FOREIGN KEY(user_email) REFERENCES users(email)
+);

-CREATE TABLE IF NOT EXISTS messages (id VARCHAR(40), channel_id VARCHAR(40), data TEXT, author VARCHAR(40),ts timestamp NOT NULL DEFAULT NOW(), PRIMARY KEY(id), 
-    FOREIGN KEY(author) REFERENCES users(email));
+CREATE TABLE IF NOT EXISTS messages (
+    id VARCHAR(40),
+    channel_id VARCHAR(40),
+    data TEXT,
+    author VARCHAR(40),
+    ts timestamp NOT NULL DEFAULT NOW(),
+    PRIMARY KEY(id),
+    FOREIGN KEY(author) REFERENCES users(email)
+);

-INSERT INTO channels (id, detail, private) VALUES ('Crypto','web3 without crypto?',FALSE);
-INSERT INTO channels (id, detail, private) VALUES ('Random','whatever',FALSE);
-INSERT INTO channels (id, detail, private) VALUES ('Brews','Share your best caffeine based concoction',FALSE);
+INSERT INTO
+    channels (id, detail, private)
+VALUES
+    ('Crypto', 'web3 without crypto?', FALSE);
+
+INSERT INTO
+    channels (id, detail, private)
+VALUES
+    ('Random', 'whatever', FALSE);
+
+INSERT INTO
+    channels (id, detail, private)
+VALUES
+    (
+        'Brews',
+        'Share your best caffeine based concoction',
+        FALSE
+    );
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -7,6 +7,7 @@ services:
      - db
    volumes:
      - "vol-uploads:/uploads"
+      - "/pcaps_s3:/pcaps"
    restart: on-failure
  frontend:
    build: ./frontend
Author	SHA1	Message	Date
aljazmedic	9bbd730380	TCPdump container	2022-11-18 20:11:15 +01:00
aljazmedic	00798a5247	Change Passport allowed JWT algos	2022-11-18 17:21:49 +01:00
aljazmedic	9e5aa72a7b	Uniq email	2022-11-18 17:21:40 +01:00
aljazmedic	38c8c21f81	Uniq email	2022-11-18 16:48:30 +01:00