fix blacklist issue

FyreSoftware · May 5, 2022 · f78766c · f78766c
1 parent cecb7f4
commit f78766c
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 79 deletions.
diff --git a/handlers/oauth2/discord.js b/handlers/oauth2/discord.js
@@ -169,8 +169,9 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       const blacklist_status = await process.db.blacklistStatusByDiscordID(
         userinfo.id
       );
-      if (blacklist_status && !panelinfo.root_admin)
+      if (blacklist_status !== 'false' && !panelinfo.root_admin) {
         return functions.doRedirect(req, res, redirects.blacklisted);
+      }
 
       const newAcc = await process.db.updateDiscordId(
         account.email,
@@ -348,8 +349,9 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       const blacklist_status = await process.db.blacklistStatusByDiscordID(
         userinfo.id
       );
-      if (blacklist_status && !panelinfo.root_admin)
+      if (blacklist_status !== 'false' && !panelinfo.root_admin) {
         return functions.doRedirect(req, res, redirects.blacklisted);
+      }
 
       req.session.data = {
         dbinfo: dbinfo,
@@ -461,6 +463,7 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
 
         if (check_if_banned === 200) {
           await process.db.toggleBlacklist(userinfo.id, true);
+          console.log('blacklisto');
         } else if (check_if_banned === 404) {
           await fetch(
             `https://discord.com/api/guilds/${process.env.discord.guild}/members/${userinfo.id}`,
@@ -542,8 +545,9 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       const blacklist_status = await process.db.blacklistStatusByDiscordID(
         userinfo.id
       );
-      if (blacklist_status && !panelinfo.root_admin)
+      if (blacklist_status !== 'false' && !panelinfo.root_admin) {
         return functions.doRedirect(req, res, redirects.blacklisted);
+      }
 
       req.session.data = {
         dbinfo: dbinfo,

diff --git a/handlers/oauth2/email.js b/handlers/oauth2/email.js
@@ -1,11 +1,11 @@
 /* eslint-disable no-constant-condition */
 /* eslint-disable camelcase */
-const fetch = require("node-fetch");
-const functions = require("../../functions.js");
-const suspendCheck = require("../servers/suspension_system.js");
-const nodemailer = require("nodemailer");
+const fetch = require('node-fetch');
+const functions = require('../../functions.js');
+const suspendCheck = require('../servers/suspension_system.js');
+const nodemailer = require('nodemailer');
 module.exports.load = async function (app, ifValidAPI, ejs) {
-  app.post("/accounts/email/reset", async (req, res) => {
+  app.post('/accounts/email/reset', async (req, res) => {
     const email = req.body.email;
 
     const account = await process.db.fetchAccountByEmail(email);
@@ -14,10 +14,10 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       req.session.variables = {
         error: {
           message:
-            "Account does not exist with that email, try signing up instead.",
+            'Account does not exist with that email, try signing up instead.',
         },
       };
-      return res.redirect("/reset/password");
+      return res.redirect('/reset/password');
     }
     const dbSettings = await process.db.findOrCreateSettings(
       process.env.discord.guild
@@ -41,9 +41,9 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       Kind regards,<br>${dbSettings.name}
   `;
       mailer.sendMail({
-        from: "main@tovade.xyz",
+        from: 'main@tovade.xyz',
         to: email,
-        subject: "Reset password",
+        subject: 'Reset password',
         html: contentHTML,
       });
       req.session.variables = {
@@ -53,32 +53,32 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       };
 
       await process.db.updateResetId(email, id);
-      return res.redirect("/reset/password");
+      return res.redirect('/reset/password');
     } catch (err) {
       req.session.variables = {
         error: {
           message:
-            "Something went wrong with the smtp config. Please contact an administrator to fix this issue.",
+            'Something went wrong with the smtp config. Please contact an administrator to fix this issue.',
         },
       };
-      return res.redirect("/login");
+      return res.redirect('/login');
     }
   });
-  app.post("/accounts/email/password/reset/:id", async (req, res) => {
+  app.post('/accounts/email/password/reset/:id', async (req, res) => {
     if (!req.params.id) {
-      return res.redirect("/login");
+      return res.redirect('/login');
     }
 
     const confirm = await process.db.fetchAccountByResetId(req.params.id);
 
     if (!confirm) {
-      return res.redirect("/login");
+      return res.redirect('/login');
     }
 
     if (req.body.password !== req.body.password_confirm) {
       req.session.variables = {
         error: {
-          message: "Password is not the same as the confirm password field.",
+          message: 'Password is not the same as the confirm password field.',
         },
       };
       return res.redirect(`/reset/password/form?id=${req.params.id}`);
@@ -91,10 +91,10 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
         message: `Your password is now ${req.body.password}`,
       },
     };
-    return res.redirect("/login");
+    return res.redirect('/login');
   });
 
-  app.post("/accounts/email/login", async (req, res) => {
+  app.post('/accounts/email/login', async (req, res) => {
     const redirects = process.pagesettings.redirectactions.oauth2;
     const userinfo_withemail = await process.db.fetchAccountByEmail(
       req.body.email
@@ -104,10 +104,10 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
       req.session.variables = {
         error: {
           message:
-            "Looks like you signed up with discord, try using discord to login.",
+            'Looks like you signed up with discord, try using discord to login.',
         },
       };
-      return res.redirect("/");
+      return res.redirect('/');
     }
     const userinfo = await process.db.fetchAccountByEmailAndPassword(
       req.body.email,
@@ -116,26 +116,30 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
     if (!userinfo) {
       req.session.variables = {
         error: {
-          message: "Wrong email or password, try again.",
+          message: 'Wrong email or password, try again.',
         },
       };
-      return res.redirect("/");
+      return res.redirect('/');
     }
     const panelinfo_raw = await fetch(
       `${process.env.pterodactyl.domain}/api/application/users/${userinfo.pterodactyl_id}?include=servers`,
       {
-        method: "get",
+        method: 'get',
         headers: {
-          "Content-Type": "application/json",
+          'Content-Type': 'application/json',
           Authorization: `Bearer ${process.env.pterodactyl.key}`,
         },
       }
     );
 
-    if ((await panelinfo_raw.statusText) === "Not Found")
+    if ((await panelinfo_raw.statusText) === 'Not Found')
       return functions.doRedirect(req, res, redirects.cannotgetinfo);
 
     const panelinfo = (await panelinfo_raw.json()).attributes;
+    const blacklist_status = process.db.blacklistStatusByEmail(req.body.email);
+    if (blacklist_status !== 'false' && !panelinfo.root_admin) {
+      return functions.doRedirect(req, res, redirects.blacklisted);
+    }
 
     req.session.data = {
       dbinfo: userinfo,
@@ -144,22 +148,22 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
     return functions.doRedirect(req, res, redirects.success);
   });
 
-  app.post("/accounts/email/singup", async (req, res) => {
+  app.post('/accounts/email/singup', async (req, res) => {
     const redirects = process.pagesettings.redirectactions.oauth2;
     if (req.body.password !== req.body.password_confirm) {
       req.session.variables = {
-        message: "Password is not the same as Confirm password input",
+        message: 'Password is not the same as Confirm password input',
       };
 
-      return res.redirect("/signup");
+      return res.redirect('/signup');
     }
     const account = await process.db.fetchAccountByEmail(req.body.email);
     if (account) {
       req.session.variables = {
         message:
           "Account already exis's with that email, try logging in instead.",
       };
-      return res.redirect("/signup");
+      return res.redirect('/signup');
     }
     const userinfo = await process.db.createOrFindAccount(
       req.body.username,
@@ -171,10 +175,9 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
     );
     if (!userinfo) {
       req.session.variables = {
-        message: "An error has occured, please report this to an admin",
+        message: 'An error has occured, please report this to an admin',
       };
-      console.log(userinfo);
-      return res.redirect("/signup");
+      return res.redirect('/signup');
     }
     panel_id = userinfo.pterodactyl_id;
 
@@ -196,7 +199,7 @@ module.exports.load = async function (app, ifValidAPI, ejs) {
     functions.doRedirect(req, res, redirects.success);
   });
 
-  app.get("/accounts/logout", (req, res) => {
+  app.get('/accounts/logout', (req, res) => {
     delete req.session.data;
 
     // req.session.destroy(() => {

diff --git a/handlers/servers/suspension_system.js b/handlers/servers/suspension_system.js
@@ -1,6 +1,6 @@
 /* eslint-disable camelcase */
-const fetch = require("node-fetch");
-const functions = require("../../functions.js");
+const fetch = require('node-fetch');
+const functions = require('../../functions.js');
 
 module.exports = async (email, isAdmin) => {
   // console.error()s should be impossible to get if you set it up properly.
@@ -16,15 +16,15 @@ module.exports = async (email, isAdmin) => {
   const account_info_json = await fetch(
     `${process.env.pterodactyl.domain}/api/application/users/${userinfo.pterodactyl_id}?include=servers`,
     {
-      method: "get",
+      method: 'get',
       headers: {
-        "Content-Type": "application/json",
+        'Content-Type': 'application/json',
         Authorization: `Bearer ${process.env.pterodactyl.key}`,
       },
     }
   );
 
-  if ((await account_info_json.statusText) === "Not Found")
+  if ((await account_info_json.statusText) === 'Not Found')
     return console.error(
       `[SERVER SUSPENSION] Could not find user panel information. | Email: ${email} | Pterodactyl Panel ID: ${userinfo.pterodactyl_id}`
     );
@@ -57,9 +57,9 @@ module.exports = async (email, isAdmin) => {
         await fetch(
           `${process.env.pterodactyl.domain}/api/application/servers/${id}/suspend`,
           {
-            method: "post",
+            method: 'post',
             headers: {
-              "Content-Type": "application/json",
+              'Content-Type': 'application/json',
               Authorization: `Bearer ${process.env.pterodactyl.key}`,
             },
           }
@@ -73,16 +73,16 @@ module.exports = async (email, isAdmin) => {
       const renewal_date = await process.db.getSingleRenewalDate(id);
 
       if (
-        renewal_date.action === "suspend" ||
-        renewal_date.action === "auto" ||
-        renewal_date.action === "???"
+        renewal_date.action === 'suspend' ||
+        renewal_date.action === 'auto' ||
+        renewal_date.action === '???'
       ) {
         await fetch(
           `${process.env.pterodactyl.domain}/api/application/servers/${id}/unsuspend`,
           {
-            method: "post",
+            method: 'post',
             headers: {
-              "Content-Type": "application/json",
+              'Content-Type': 'application/json',
               Authorization: `Bearer ${process.env.pterodactyl.key}`,
             },
           }