@@ -52,6 +53,7 @@ if (isset($_REQUEST["act"])){
$AuthToken = "";
$UserName = "";
$ErrorDesc = "";
+ $UserId = "";
$request = curl_init();
curl_setopt($request, CURLOPT_POST, 1);
curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token");
@@ -82,6 +84,7 @@ if (isset($_REQUEST["act"])){
// Congrats!
$AuthToken = $Auth->access_token;
$UserName = $User->display_name;
+ $UserId = $User->id;
}else{
// invalid auth
$AuthToken = "BadUser";
@@ -89,8 +92,23 @@ if (isset($_REQUEST["act"])){
}
}else{
// invalid auth
- $AuthToken = "BadOauth";
- $ErrorDesc = "Invalid OAuth";
+ if(isset($_COOKIE["oa_retries"])){
+ $retries = $_COOKIE["oa_retries"];
+ if($retries >= 3){
+ $AuthToken = "BadUser";
+ $ErrorDesc = "Invalid OAuth";
+ setcookie("oa_retries", 0, time()+3600);
+ }else{
+ $retries++;
+ setcookie("oa_retries", $retries, time()+3600);
+ $AuthToken = "BadOauthRetry";
+ $ErrorDesc = "Invalid OAuth Retry";
+ }
+ }else{
+ $AuthToken = "BadOauth";
+ $ErrorDesc = "Invalid OAuth Retry";
+ setcookie("oa_retries", 1, time()+3600);
+ }
}
// revoke token after usage
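Review bot: `$_COOKIE["oa_retries"]` is supplied by the browser and used as-is, so `$retries >= 3` and `$retries++` run on whatever string arrives and the three-attempt cap is a convenience for honest clients, not a limit. Cast before use, `$retries = (int) $_COOKIE["oa_retries"];`, and do not rely on this counter for throttling. The three `setcookie()` calls pass no path, while the script in index.js writes the same cookie with `path=/auth`; passing the options array with `"path" => "/auth", "secure" => true` keeps both sides on one cookie. The first-failure branch pairs `"BadOauth"` with `"Invalid OAuth Retry"` and the exhausted branch pairs `"BadUser"` with `"Invalid OAuth"`; if that is intended, a short comment saying which strings the client keys on would help. The enclosing `if (isset($_REQUEST["act"]))` block starts and ends outside this hunk.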
@@ -106,7 +124,7 @@ if (isset($_REQUEST["act"])){
diff --git a/auth/setKey.php b/auth/setKey.php
new file mode 100644
index 0000000..dca7aeb
--- /dev/null
+++ b/auth/setKey.php
@@ -0,0 +1,70 @@
+ true));
+}
+
+function error($error){
+ apiResult(array("status" => false, "error" => $error));
+}
+
+function validateUsername($username){
+ return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
+}
+
+if (checkParameters(array("pubkey", "userId", "authToken"))){
+ error("Missing parameters");
+}
+
+$userToken = $_POST["authToken"];
+$userId = $_POST["userId"];
+$pubkey = $_POST["pubkey"];
+
+$request = curl_init();
+curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
+curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($request, CURLOPT_HTTPHEADER, array(
+ "Authorization: Bearer ".$userToken
+));
+$response = curl_exec($request);
+curl_close($request);
+$User = json_decode($response);
+// Check User
+if($User->id != $userId){
+ error("User Mismatch");
+}
+if(!validateUsername($User->username)){
+ error("Invalid Username");
+}
+// Create temporary pubkey holding file
+$TempFileName = "/tmp/mkuser/".uniqid("ssh-", true).".pub";
+if(!file_put_contents($TempFileName, $pubkey."\n")){
+ error("Key Addition Failed: Temp");
+}
+// Run User Generation Tool
+// TODO: Replace with custom Rust PHP Extension
+$UserGenCode = shell_exec("/etc/ttyserver/bin/mkuser.tmp \"".$User->username."\" \"".$TempFileName."\" 2>&1; echo $?");
+if($UserGenCode != "0"){
+ error("Key Addition Failed: MK-".$UserGenCode);
+}
+success();
+
+?>
\ No newline at end of file
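Review bot: `$_POST["pubkey"]` is written to the temp file and passed to `mkuser.tmp` with no check that it is a single public-key line, so nothing limits what a caller holding a valid token can place in the file the tool reads. The earlier checks only protect this step if `error()` ends the request; `apiResult()` is defined in the part of the file not visible here, so unless it exits, `error()` needs an `exit;`. `validateUsername()` anchors with `$`, which also matches before a trailing newline, and the command line is quoted by hand; `\z` plus `escapeshellarg()` on both arguments closes that, and `exec()` returns the exit status directly instead of parsing `echo $?` out of mixed output. `$User->id != $userId` is a loose comparison against a decode that may have failed, and the temp file is never removed; the sketch below covers these, with the accepted key format being an assumption about what the client sends.

```php
function error($error){
    apiResult(array("status" => false, "error" => $error));
    exit; // stop here even if apiResult() only prints
}

function validateUsername($username){
    // \A and \z anchor the whole string; "$" would also accept a trailing newline
    return is_string($username) && preg_match('/\A[a-zA-Z0-9_.]+\z/', $username) === 1;
}

// … unchanged: parameter check, verify_credentials request, json_decode …
if(!is_object($User) || !isset($User->id, $User->username) || (string)$User->id !== (string)$userId){
    error("User Mismatch");
}
// … unchanged: validateUsername() check …
// Accept exactly one key line; key type and comment charset are assumptions, confirm against the client
if(!is_string($pubkey) || preg_match('/\Assh-rsa [A-Za-z0-9+\/]+={0,2}( [A-Za-z0-9_.@-]+)?\z/', $pubkey) !== 1){
    error("Invalid Public Key");
}
// … unchanged: temp file creation …
exec("/etc/ttyserver/bin/mkuser.tmp ".escapeshellarg($User->username)." ".escapeshellarg($TempFileName)." 2>&1", $UserGenOutput, $UserGenCode);
unlink($TempFileName); // the key file is only needed while the tool runs
if($UserGenCode !== 0){
    error("Key Addition Failed: MK-".$UserGenCode);
}
```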
diff --git a/favicon.ico b/favicon.ico
new file mode 100644
index 0000000..9e9c738
Binary files /dev/null and b/favicon.ico differ
diff --git a/index.html b/index.html
index e7d7b20..de8b18b 100644
--- a/index.html
+++ b/index.html
@@ -4,17 +4,15 @@
-
-
-
-
-
+
+
+
diff --git a/index.js b/index.js
index cc6e4b5..b96f9f4 100644
--- a/index.js
+++ b/index.js
@@ -5,8 +5,20 @@ const dbp = (msg) => {
console.log(msg);
};
+const SwalConfig = {
+ color: "#79F257",
+ background: "#022601",
+}
+
const isOverflown = ({ clientHeight, scrollHeight }) => scrollHeight > clientHeight
+const setCookie = (cname, cvalue, exdays) => {
+ const d = new Date();
+ d.setTime(d.getTime() + (exdays*24*60*60*1000));
+ let expires = "expires="+ d.toUTCString();
+ document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/auth";
+}
+
const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => {
dbp("Resize");
(elements || [element]).forEach(el => {
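Review bot: `setCookie` concatenates `cvalue` into `document.cookie` unencoded and sets neither `Secure` nor `SameSite`, so a value containing `;` would be parsed as extra attributes and the cookie is not restricted to HTTPS. A safer line is `document.cookie = cname + "=" + encodeURIComponent(cvalue) + ";" + expires + ";path=/auth;Secure;SameSite=Lax";`. The hard-coded `path=/auth` should also match the path the PHP side's `setcookie("oa_retries", ...)` ends up with (it passes none, so the browser picks a default); otherwise two `oa_retries` cookies can coexist and the server may read the stale one. A one-line comment on `exdays` noting that fractional days are accepted would document the `0.1` used by the caller.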
@@ -63,29 +75,77 @@ const disableNonDesktopElements = () => {
// document.getElementById("bttn").style.height = "15vw";
}
-const generateSSH = async (name) => {
+const failMsg = (msg) => {
+ $("#resizer").html(msg);
+ $("#resizer").css("color", "#400112");
+ $("#resizer").css("background-color", "#79F257");
+ $("#resizer").animate({
+ color: "#79F257",
+ backgroundColor: "#022601"
+ }, 1000);
+}
+
+
+const generateSSH = async (name, id, token) => {
dbp("Generate Key");
+ // debugger;
generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere")
.then((keys) => {
- console.dir(keys);
- // saveFile("ssh_key.pem", "text/plain", keys[0]);
- // saveFile("ssh_key.pub", "text/plain", keys[1]);
var KeyExport = new JSZip();
KeyExport.file("HackersTownTTY-"+name, keys[0]);
KeyExport.file("HackersTownTTY-"+name+".pub", keys[1]);
KeyExport.generateAsync({type:"blob"})
.then((content) => {
saveFile("HackersTownTTY-"+name+".zip", "application/zip", content);
- // saveAs(content, "HackersTownTTY-"+name+".zip");
- });
+ });
+ var payload = {
+ pubkey: keys[1],
+ userId: id,
+ authToken: token
+ };
+ $.post("https://tty.hackers.town/auth/setKey.php", payload, (response) => {
+ console.log(response);
+ // debugger;
+ if(response.status){
+ Swal.fire({
+ ...SwalConfig,
+ title: "Success!",
+ });
+ }else{
+ Swal.fire({
+ ...SwalConfig,
+ title: "Failed!",
+ text: response.error
+ });
+ }
+ }).fail(() => {
+ console.log("Failed");
+ });
}).catch((err) => {
console.log(err);
});
}
-const uploadSSH = () => {
+const testSwal = () => {
+ Swal.fire({
+ ...SwalConfig,
+ title: "Success!",
+ });
+}
+const uploadSSH = () => {
+ //request local file
+ // $("#keyfiie").trigger("click");
+ var kf = document.getElementById("keyfile");
+ kf.onchange = function(e) {
+ // File selected
+
+ }
+ kf.click();
+ dbp("Nextttt");
+
+ //upload file
}
const beginOauth = () => {
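Review bot: In `generateSSH` the public key is posted to setKey.php without waiting for `KeyExport.generateAsync()` to finish, and that inner promise is neither returned nor given a rejection handler, so a failed zip download still registers a key whose private half the user never received. Move the `$.post` into the `.then` after `saveFile(...)` (or return the inner promise so the outer `.catch` sees its failure), and report the `.fail()` case through `failMsg` or `Swal.fire` instead of only `console.log("Failed")`. `failMsg` writes its argument with `.html(msg)`; the only caller visible here passes a constant, but `$("#resizer").text(msg)` stays safe if a server-provided string is ever passed. `console.log(response)`, `testSwal` and the empty `kf.onchange` handler look like leftover scaffolding.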
@@ -99,16 +159,14 @@ const beginOauth = () => {
"response_type=code&client_id="+data.id+"&redirect_uri="+
"https://tty.hackers.town/auth&scope=read:accounts";
dbp(redirect);
+ dbp(window.location.pathname);
+ if(window.location.pathname.includes("auth")){
+ setCookie("oa_retries", 0, 0.1);
+ }
window.location.href = redirect;
}else{
// Auth Failed
- $("#resizer").html("AUTH FAILED");
- $("#resizer").css("color", "#400112");
- $("#resizer").css("background-color", "#79F257");
- $("#resizer").animate({
- color: "#79F257",
- backgroundColor: "#022601"
- }, 1000);
+ failMsg("AUTH FAILED");
}
});
}
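Review bot: Resetting `oa_retries` to 0 in `beginOauth` whenever the path contains "auth" undoes the server's three-attempt cap: the auto-retry block added at the end of this file calls `beginOauth()` from the auth page, so every retry starts from 0 again and, where the script's cookie replaces the server's, the `$retries >= 3` branch is never reached and the page can redirect indefinitely. Reset the counter only on a user-initiated start, or leave the reset to the server after a successful login. `window.location.pathname.includes("auth")` also matches any path that merely contains those letters; `window.location.pathname.startsWith("/auth")` is tighter. The added `dbp(window.location.pathname);` looks like debug output, and `beginOauth` starts above this hunk.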
@@ -126,4 +184,13 @@ $(() => {
dbp("Is Mobile 👍🏻");
disableNonDesktopElements();
}
+ // Auto Retry
+ if(window.location.pathname.includes("auth")){
+ var ErrorMsg = document.getElementById("ErrorResult");
+ dbp(typeof ErrorMsg);
+ if(typeof ErrorMsg !== 'undefined' && ErrorMsg.innerText.includes("Retry")){
+ dbp("attempt retry");
+ beginOauth();
+ }
+ }
});
\ No newline at end of file
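Review bot: `document.getElementById("ErrorResult")` returns `null`, not `undefined`, when the element is absent, so `typeof ErrorMsg !== 'undefined'` is always true and `ErrorMsg.innerText` throws on an auth page that has no such element. Use `if (ErrorMsg !== null && ErrorMsg.innerText.includes("Retry")) {` and drop the `dbp(typeof ErrorMsg);` line. The retry itself has no client-side bound, so it depends entirely on the server eventually returning text without "Retry". The `$(() => {` handler starts above this hunk.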
diff --git a/style.css b/style.css
index 7684c83..7e08551 100644
--- a/style.css
+++ b/style.css
@@ -69,4 +69,8 @@ span {
.keyButton {
margin: 1px;
+}
+
+.swal2-modal {
+ border: 2px solid #79F257;
}
\ No newline at end of file