From 5ad5d0ceba19fcd230bd66c884df2990b4f536bc Mon Sep 17 00:00:00 2001 From: hippoz <10706925-hippoz@users.noreply.gitlab.com> Date: Thu, 10 Feb 2022 01:15:39 +0200 Subject: [PATCH] add experimental "supertokens" that can send messages with any username or avatarurl --- GatewayServer.js | 4 +++- routes/api.js | 15 +++++++++++---- tokens.js | 4 ++-- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/GatewayServer.js b/GatewayServer.js index 4b4b77f..47c70ae 100644 --- a/GatewayServer.js +++ b/GatewayServer.js @@ -1,3 +1,4 @@ +import { use } from "express/lib/application"; import { WebSocketServer } from "ws"; import { guildMap } from "./common.js"; import { decodeToken } from "./tokens.js"; @@ -161,7 +162,8 @@ class GatewayServer { username: user.username, guildAccess: user.guildAccess, discordID: user.discordID, - avatarURL: user.avatarURL + avatarURL: user.avatarURL, + isSuperToken: user.isSuperToken } } })); diff --git a/routes/api.js b/routes/api.js index 7d3c657..268844a 100644 --- a/routes/api.js +++ b/routes/api.js @@ -13,12 +13,12 @@ router.post("/tokens/create", async (req, res) => { if (!dangerousAdminMode) return res.status(403).send({ error: true, message: "ERROR_FEATURE_DISABLED" }); - const { username, avatarURL, discordID, guildAccess } = req.body; + const { username, avatarURL, discordID, guildAccess, isSuperToken=false } = req.body; if (!username || !discordID || !guildAccess) return res.status(400).send({ error: true, message: "ERROR_BAD_REQUEST" }); try { - const token = await createToken({ username, avatarURL, discordID, guildAccess }); + const token = await createToken({ username, avatarURL, discordID, guildAccess, isSuperToken }); res.status(200).send({ error: false, message: "SUCCESS_TOKEN_CREATED", token }); } catch(e) { res.status(500).send({ error: true, message: "ERROR_TOKEN_CREATE_FAILURE" }); @@ -30,7 +30,8 @@ router.get("/users/@self", checkAuth(async (req, res) => { username: req.user.username, avatarURL: req.user.avatarURL, discordID: req.user.discordID, - guildAccess: req.user.guildAccess + guildAccess: req.user.guildAccess, + isSuperToken: isSuperToken }}); })); @@ -48,7 +49,13 @@ router.post("/guilds/:guildId/channels/:channelId/messages/create", checkAuth(as return res.status(400).send({ error: true, message: "ERROR_NO_CHANNEL_ID" }); - const { username, avatarURL, guildAccess } = req.user; + let { username, avatarURL, guildAccess, isSuperToken } = req.user; + if (isSuperToken) { + if (req.body.username) + username = req.body.username; + if (req.body.avatarURL) + avatarURL = req.body.avatarURL; + } if (guildAccess.indexOf(guildId) === -1) return res.status(403).send({ error: true, message: "ERROR_NO_GUILD_ACCESS" }); diff --git a/tokens.js b/tokens.js index 3475fc0..7cf0705 100644 --- a/tokens.js +++ b/tokens.js @@ -1,9 +1,9 @@ import jsonwebtoken from "jsonwebtoken"; import { jwtSecret } from "./config.js"; -export function createToken({ username, avatarURL, discordID, guildAccess }) { +export function createToken({ username, avatarURL, discordID, guildAccess, isSuperToken=false }) { return new Promise((resolve, reject) => { - jsonwebtoken.sign({ username, avatarURL, discordID, guildAccess }, jwtSecret, (err, token) => { + jsonwebtoken.sign({ username, avatarURL, discordID, guildAccess, isSuperToken }, jwtSecret, (err, token) => { if (err) return reject(err);