external/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2024-11-10 09:07:47 +01:00
Code Issues Projects Releases Packages Wiki Activity

Reformatted and fixed missing parameters.

Browse source
This commit is contained in:
Ajay Ramachandran 2019-07-31 23:32:25 -04:00
parent c67fb34588
commit d5d33f0e9b
1 changed files with 22 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
index.js
View file

@ -1,6 +1,5 @@
var express = require('express'); var express = require('express');
var http = require('http'); var http = require('http');
var BehindProxy = true
// Create a service (the app object is just a callback). // Create a service (the app object is just a callback).
var app = express(); var app = express();
@ -13,14 +12,6 @@ var db = new sqlite3.Database('./databases/sponsorTimes.db');
//where the more sensitive data such as IP addresses are stored //where the more sensitive data such as IP addresses are stored
var privateDB = new sqlite3.Database('./databases/private.db'); var privateDB = new sqlite3.Database('./databases/private.db');
function hash (value, times=5000) { // Should be bcrypt!!!
for (let i = 0; i < times; i++) {
let hashCreator = crypto.createHash('sha256');
value = hashCreator.update(value).digest('hex');
}
return value;
}
// Create an HTTP service. // Create an HTTP service.
http.createServer(app).listen(80); http.createServer(app).listen(80);
@ -28,6 +19,9 @@ http.createServer(app).listen(80);
// make it even harder for someone to decode the ip // make it even harder for someone to decode the ip
var globalSalt = "49cb0d52-1aec-4b89-85fc-fab2c53062fb"; // Should not be global var globalSalt = "49cb0d52-1aec-4b89-85fc-fab2c53062fb"; // Should not be global
//if so, it will use the x-forwarded header instead of the ip address of the connection
var behindProxy = true;
//setup CORS correctly //setup CORS correctly
app.use(function(req, res, next) { app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Origin", "*");
@ -84,8 +78,8 @@ app.get('/api/getVideoSponsorTimes', function (req, res) {
}); });
}); });
function GetIP (req) { function getIP(req) {
return BehindProxy ? req.headers['x-forwarded-for'] || req.connection.remoteAddress; return behindProxy ? req.headers['x-forwarded-for'] : req.connection.remoteAddress;
} }
//add the post function //add the post function
@ -104,10 +98,10 @@ app.get('/api/postVideoSponsorTimes', function (req, res) {
} }
//hash the userID //hash the userID
userID = getHashedUserID(userID); userID = getHash(userID);
//hash the ip 5000 times so no one can get it from the database //hash the ip 5000 times so no one can get it from the database
let hashedIP = hash(GetIP() + globalSalt); let hashedIP = getHash(getIP(req) + globalSalt);
startTime = parseFloat(startTime); startTime = parseFloat(startTime);
endTime = parseFloat(endTime); endTime = parseFloat(endTime);
@ -182,13 +176,13 @@ app.get('/api/voteOnSponsorTime', function (req, res) {
} }
//hash the userID //hash the userID
userID = getHashedUserID(userID + UUID); userID = getHash(userID + UUID);
//x-forwarded-for if this server is behind a proxy //x-forwarded-for if this server is behind a proxy
let ip = GetIP(); let ip = getIP(req);
//hash the ip 5000 times so no one can get it from the database //hash the ip 5000 times so no one can get it from the database
let hashedIP = hash(ip + globalSalt); let hashedIP = getHash(ip + globalSalt);
//check if vote has already happened //check if vote has already happened
privateDB.prepare("SELECT type FROM votes WHERE userID = ? AND UUID = ?").get(userID, UUID, function(err, row) { privateDB.prepare("SELECT type FROM votes WHERE userID = ? AND UUID = ?").get(userID, UUID, function(err, row) {
@ -269,7 +263,7 @@ app.get('/api/getViewsForUser', function (req, res) {
} }
//hash the userID //hash the userID
userID = getHashedUserID(userID); userID = getHash(userID);
//up the view count by one //up the view count by one
db.prepare("SELECT SUM(views) as viewCount FROM sponsorTimes WHERE userID = ?").get(userID, function(err, row) { db.prepare("SELECT SUM(views) as viewCount FROM sponsorTimes WHERE userID = ?").get(userID, function(err, row) {
@ -289,11 +283,6 @@ app.get('/database.db', function (req, res) {
res.sendFile("./databases/sponsorTimes.db", { root: __dirname }); res.sendFile("./databases/sponsorTimes.db", { root: __dirname });
}); });
function getHashedUserID(userID) {
//hash the userID 5000 times so no one can get it from the database
return hash(userID);
}
//This function will find sponsor times that are contained inside of eachother, called similar sponsor times //This function will find sponsor times that are contained inside of eachother, called similar sponsor times
//Only one similar time will be returned, randomly generated based on the sqrt of votes. //Only one similar time will be returned, randomly generated based on the sqrt of votes.
//This allows new less voted items to still sometimes appear to give them a chance at getting votes. //This allows new less voted items to still sometimes appear to give them a chance at getting votes.
@ -453,7 +442,8 @@ function getWeightedRandomChoice(choices, weights, amountOfChoices) {
} }
//iterate and find amountOfChoices choices //iterate and find amountOfChoices choices
let randomNumber = Math.random(); // Not cryptographically-secure let randomNumber = Math.random();
//this array will keep adding to this variable each time one sqrt vote has been dealt with //this array will keep adding to this variable each time one sqrt vote has been dealt with
//this is the sum of all the sqrtVotes under this index //this is the sum of all the sqrtVotes under this index
let currentVoteNumber = 0; let currentVoteNumber = 0;
@ -484,3 +474,12 @@ function getWeightedRandomChoice(choices, weights, amountOfChoices) {
choicesDealtWith: choicesDealtWith choicesDealtWith: choicesDealtWith
}; };
} }
function getHash(value, times=5000) {
for (let i = 0; i < times; i++) {
let hashCreator = crypto.createHash('sha256');
value = hashCreator.update(value).digest('hex');
}
return value;
}