const express = require("express");
const cors = require("cors");
const body_parser = require("body-parser");
+const session = require("express-session");
+const bcrypt = require("bcrypt");
+const path = require("path");
+const nunjucks = require("nunjucks");
+
+try {
+ var lmno_config = require("./lmno-config.json");
+} catch (err) {
+ config_usage();
+ process.exit(1);
+}
+
+function config_usage() {
+ console.log(`Error: Refusing to run without configuration.
+
+Please create a file named lmno-config.json that looks as follows:
+
+{
+ "session_secret": "<this should be a long string of true-random characters>",
+ "users": {
+ "username": "<username>",
+ "password_hash_bcrypt": "<password_hash_made_by_bcrypt>"
+ }
+}
+
+Note: Of course, change all of <these-parts> to actual values desired.
+
+The "node lmno-passwd.js" command can help generate password hashes.`);
+}
const app = express();
app.use(cors());
+app.use(body_parser.urlencoded({ extended: false }));
+app.use(body_parser.json());
+app.use(session({
+ secret: lmno_config.session_secret,
+ resave: false,
+ saveUninitialized: false
+}));
+
+nunjucks.configure("templates", {
+ autoescape: true,
+ express: app
+});
+
+/* Load each of our game mini-apps. */
+var empires = require("./empires");
class LMNO {
constructor() {
var id = this.generate_id();
} while (id in this.ids);
- const game = {
+ const game = new empires.Game();
+
+ this.ids[id] = {
id: id,
engine: engine,
+ game: game
};
- this.ids[id] = game;
-
- return game;
+ return id;
}
}
const lmno = new LMNO();
+/* Force a game ID into a canonical form as described above. */
+function lmno_canonize(id) {
+ /* Capitalize */
+ id = id.toUpperCase();
+
+ /* Replace unused letters with nearest phonetic match. */
+ id = id.replace(/N/g, 'M');
+ id = id.replace(/P/g, 'B');
+ id = id.replace(/S/g, 'F');
+
+ /* Replace unused numbers nearest visual match. */
+ id = id.replace(/0/g, 'O');
+ id = id.replace(/1/g, 'I');
+ id = id.replace(/5/g, 'S');
+
+ return id;
+}
+
app.post('/new/:game_engine', (request, response) => {
const game_engine = request.params.game_engine;
- const game = lmno.create_game(game_engine);
- response.send(JSON.stringify(game.id));
+ const game_id = lmno.create_game(game_engine);
+ response.send(JSON.stringify(game_id));
+});
+
+/* Redirect any requests to a game ID at the top-level.
+ *
+ * Specifically, after obtaining the game ID (from the path) we simply
+ * lookup the game engine for the corresponding game and then redirect
+ * to the engine- and game-specific path.
+ */
+app.get('/[a-zA-Z0-9]{4}', (request, response) => {
+ const game_id = request.path.replace(/\//g, "");
+ const canon_id = lmno_canonize(game_id);
+
+ /* Redirect user to page with the canonical ID in it. */
+ if (game_id !== canon_id) {
+ response.redirect(301, `/${canon_id}/`);
+ return;
+ }
+
+ const game = lmno.ids[game_id];
+ if (game === undefined) {
+ response.sendStatus(404);
+ return;
+ }
+ response.redirect(301, `/${game.engine}/${game.id}/`);
+});
+
+/* LMNO middleware to lookup the game. */
+app.use('/empires/:game_id([a-zA-Z0-9]{4})', (request, response, next) => {
+ const game_id = request.params.game_id;
+ const canon_id = lmno_canonize(game_id);
+
+ /* Redirect user to page with the canonical ID in it. */
+ if (game_id !== canon_id) {
+ const new_url = request.originalUrl.replace("/empires/" + game_id,
+ "/empires/" + canon_id);
+ response.redirect(301, new_url);
+ return;
+ }
+
+ /* See if there is any game with this ID. */
+ const game = lmno.ids[game_id];
+ if (game === undefined) {
+ response.sendStatus(404);
+ return;
+ }
+
+ /* Stash the game onto the request to be used by the game-specific code. */
+ request.game = game.game;
+ next();
+});
+
+function auth_admin(request, response, next) {
+ /* If there is no user associated with this session, redirect to the login
+ * page (and set a "next" query parameter so we can come back here).
+ */
+ if (! request.session.user) {
+ response.redirect(302, "/login?next=" + request.path);
+ return;
+ }
+
+ /* If the user is logged in but not authorized to view the page then
+ * we return that error. */
+ if (request.session.user.role !== "admin") {
+ response.status(401).send("Unauthorized");
+ return;
+ }
+ next();
+}
+
+app.get('/logout', (request, response) => {
+ request.session.user = undefined;
+ request.session.destroy();
+
+ response.send("You are now logged out.");
+});
+
+app.get('/login', (request, response) => {
+ if (request.session.user) {
+ response.send("Welcome, " + request.session.user + ".");
+ return;
+ }
+
+ response.render('login.html');
+});
+
+app.post('/login', async (request, response) => {
+ const username = request.body.username;
+ const password = request.body.password;
+ const user = lmno_config.users[username];
+ if (! user) {
+ response.sendStatus(404);
+ return;
+ }
+ const match = await bcrypt.compare(password, user.password_hash_bcrypt);
+ if (! match) {
+ response.sendStatus(404);
+ return;
+ }
+ request.session.user = { username: user.username, role: user.role };
+ response.sendStatus(200);
+ return;
});
+/* API to set uer profile information */
+app.put('/profile', (request, response) => {
+ const nickname = request.body.nickname;
+ if (nickname) {
+ request.session.nickname = nickname;
+ request.session.save();
+ }
+ response.send();
+});
+
+/* An admin page (only available to admin users, of course) */
+app.get('/admin/', auth_admin, (request, response) => {
+ let active = [];
+ let idle = [];
+
+ for (let id in lmno.ids) {
+ if (lmno.ids[id].game.clients.length)
+ active.push(lmno.ids[id]);
+ else
+ idle.push(lmno.ids[id]);
+ }
+ response.render('admin.html', { test: "foobar", games: { active: active, idle: idle}});
+});
+
+
+/* Mount sub apps. only _after_ we have done all the middleware we need. */
+app.use('/empires/[a-zA-Z0-9]{4}/', empires.app);
+
app.listen(4000, function () {
console.log('LMNO server listening on localhost:4000');
});
projects / empires-server / blobdiff