X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=lmno.js;h=175fe6300472cd914c562d7271131d8024cf6281;hb=ea14cbbefb26afd558aff8329d92f1a7b9442bac;hp=dc23fc2556651626905bae6f10a47cf5fe227c3f;hpb=67ddcfdfc632fc081ae267d6482082ddfe1635aa;p=empires-server

diff --git a/lmno.js b/lmno.js
index dc23fc2..175fe63 100644
--- a/lmno.js
+++ b/lmno.js
@@ -1,9 +1,56 @@
 const express = require("express");
 const cors = require("cors");
 const body_parser = require("body-parser");
+const session = require("express-session");
+const bcrypt = require("bcrypt");
+const path = require("path");
+const nunjucks = require("nunjucks");
+
+try {
+  var lmno_config = require("./lmno-config.json");
+} catch (err) {
+  config_usage();
+  process.exit(1);
+}
+
+function config_usage() {
+  console.log(`Error: Refusing to run without configuration.
+
+Please create a file named lmno-config.json that looks as follows:
+
+{
+  "session_secret": "<this should be a long string of true-random characters>",
+  "users": {
+    "username": "<username>",
+    "password_hash_bcrypt": "<password_hash_made_by_bcrypt>"
+  }
+}
+
+Note: Of course, change all of <these-parts> to actual values desired.
+
+The "node lmno-passwd.js" command can help generate password hashes.`);
+}
 
 const app = express();
 app.use(cors());
+app.use(body_parser.urlencoded({ extended: false }));
+app.use(body_parser.json());
+app.use(session({
+  secret: lmno_config.session_secret,
+  resave: false,
+  saveUninitialized: false
+}));
+
+nunjucks.configure("templates", {
+  autoescape: true,
+  express: app
+});
+
+/* Load each of our game mini-apps. */
+const engines = {
+  empires: require("./empires"),
+  tictactoe: require("./tictactoe")
+};
 
 class LMNO {
   constructor() {
@@ -11,22 +58,25 @@ class LMNO {
   }
 
   generate_id() {
-    return [null,null,null,null].map(() => LMNO.letters.charAt(Math.floor(Math.random() * LMNO.letters.length))).join('');
+    return Array(4).fill(null).map(() => LMNO.letters.charAt(Math.floor(Math.random() * LMNO.letters.length))).join('');
   }
 
-  create_game(engine) {
+  create_game(engine_name) {
     do {
       var id = this.generate_id();
     } while (id in this.ids);
 
-    const game = {
-	id: id,
-	engine: engine,
-    };
+    const engine = engines[engine_name];
 
-    this.ids[id] = game;
+    const game = new engine.Game();
+
+    this.ids[id] = {
+      id: id,
+      engine: engine.name,
+      game: game
+    };
 
-    return game;
+    return id;
   }
 }
 
@@ -42,12 +92,168 @@ LMNO.letters = "BCDFGHJKLMQRTVWXYZ";
 
 const lmno = new LMNO();
 
+/* Force a game ID into a canonical form as described above. */
+function lmno_canonize(id) {
+  /* Capitalize */
+  id = id.toUpperCase();
+
+  /* Replace unused letters with nearest phonetic match. */
+  id = id.replace(/N/g, 'M');
+  id = id.replace(/P/g, 'B');
+  id = id.replace(/S/g, 'F');
+
+  /* Replace unused numbers nearest visual match. */
+  id = id.replace(/0/g, 'O');
+  id = id.replace(/1/g, 'I');
+  id = id.replace(/5/g, 'S');
+
+  return id;
+}
+
 app.post('/new/:game_engine', (request, response) =>  {
   const game_engine = request.params.game_engine;
-  const game = lmno.create_game(game_engine);
-  response.send(JSON.stringify(game.id));
+  const game_id = lmno.create_game(game_engine);
+  response.send(JSON.stringify(game_id));
+});
+
+/* Redirect any requests to a game ID at the top-level.
+ *
+ * Specifically, after obtaining the game ID (from the path) we simply
+ * lookup the game engine for the corresponding game and then redirect
+ * to the engine- and game-specific path.
+ */
+app.get('/[a-zA-Z0-9]{4}', (request, response) => {
+  const game_id = request.path.replace(/\//g, "");
+  const canon_id = lmno_canonize(game_id);
+
+  /* Redirect user to page with the canonical ID in it. */
+  if (game_id !== canon_id) {
+    response.redirect(301, `/${canon_id}/`);
+    return;
+  }
+
+  const game = lmno.ids[game_id];
+  if (game === undefined) {
+      response.sendStatus(404);
+      return;
+  }
+  response.redirect(301, `/${game.engine}/${game.id}/`);
+});
+
+/* LMNO middleware to lookup the game. */
+app.use('/:engine([^/]+)/:game_id([a-zA-Z0-9]{4})', (request, response, next) => {
+  const engine = request.params.engine;
+  const game_id = request.params.game_id;
+  const canon_id = lmno_canonize(game_id);
+
+  /* Redirect user to page with the canonical ID in it, also ensuring
+   * that the game ID is _always_ followed by a slash. */
+  const has_slash = new RegExp(`^/${engine}/${game_id}/`);
+  if (game_id !== canon_id ||
+      ! has_slash.test(request.originalUrl))
+  {
+    const old_path = new RegExp(`/${engine}/${game_id}/?`);
+    const new_path = `/${engine}/${canon_id}/`;
+    const new_url = request.originalUrl.replace(old_path, new_path);
+    response.redirect(301, new_url);
+    return;
+  }
+
+  /* See if there is any game with this ID. */
+  const game = lmno.ids[game_id];
+  if (game === undefined) {
+    response.sendStatus(404);
+    return;
+  }
+
+  /* Stash the game onto the request to be used by the game-specific code. */
+  request.game = game.game;
+  next();
+});
+
+function auth_admin(request, response, next) {
+  /* If there is no user associated with this session, redirect to the login
+   * page (and set a "next" query parameter so we can come back here).
+   */
+  if (! request.session.user) {
+    response.redirect(302, "/login?next=" + request.path);
+    return;
+  }
+
+  /* If the user is logged in but not authorized to view the page then 
+   * we return that error. */
+  if (request.session.user.role !== "admin") {
+    response.status(401).send("Unauthorized");
+    return;
+  }
+  next();
+}
+
+app.get('/logout', (request, response) => {
+  request.session.user = undefined;
+  request.session.destroy();
+
+  response.send("You are now logged out.");
 });
 
+app.get('/login', (request, response) => {
+  if (request.session.user) {
+    response.send("Welcome, " + request.session.user + ".");
+    return;
+  }
+
+  response.render('login.html');
+});
+
+app.post('/login', async (request, response) => {
+  const username = request.body.username;
+  const password = request.body.password;
+  const user = lmno_config.users[username];
+  if (! user) {
+    response.sendStatus(404);
+    return;
+  }
+  const match = await bcrypt.compare(password, user.password_hash_bcrypt);
+  if (! match) {
+    response.sendStatus(404);
+    return;
+  }
+  request.session.user = { username: user.username, role: user.role };
+  response.sendStatus(200);
+  return;
+});
+
+/* API to set uer profile information */
+app.put('/profile', (request, response) => {
+  const nickname = request.body.nickname;
+  if (nickname) {
+    request.session.nickname = nickname;
+    request.session.save();
+  }
+  response.send();
+});
+
+/* An admin page (only available to admin users, of course) */
+app.get('/admin/', auth_admin, (request, response) => {
+  let active = [];
+  let idle = [];
+
+  for (let id in lmno.ids) {
+    if (lmno.ids[id].game.clients.length)
+      active.push(lmno.ids[id]);
+    else
+      idle.push(lmno.ids[id]);
+  }
+  response.render('admin.html', { test: "foobar", games: { active: active, idle: idle}});
+});
+
+
+/* Mount sub apps. only _after_ we have done all the middleware we need. */
+for (let key in engines) {
+  const engine = engines[key];
+  app.use(`/${engine.name}/[a-zA-Z0-9]{4}/`, engine.router);
+}
+
 app.listen(4000, function () {
   console.log('LMNO server listening on localhost:4000');
 });