more patches to previous updates

- fixed getUnreadMailCount - added unread mail count to login screen - added session busted detection (new bug that when you restart minisrv it loses the user_id, so we send the client to relog) (todo: maybe add api to add key/value to ticket so we can retain data over server restarts)
2022-02-08 04:58:16 -05:00
parent 07b5145dec
commit 433fc3db19
5 changed files with 45 additions and 24 deletions
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js
@@ -75,7 +75,6 @@ wtv-encrypted: true
 wtv-ticket: ${wtvsec_login.ticket_b64}
 `;
 	}
-	console.log(ssid_sessions[socket.ssid])
 	if (limitedLoginRegistered) gourl = "wtv-head-waiter:/password?";
 	headers += `
 wtv-visit: ${gourl}`;
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/choose-user.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/choose-user.js
@@ -86,7 +86,19 @@ for (const [key, value] of Object.entries(accounts)) {
    if (key == "subscriber") data += `<font size=+1><b>${value['subscriber_username']}</b></font></a>`;
    else data += `<font size=+1>${value['subscriber_username']}</font>`
    data += "<td width=15><td nowrap>	<font color=42BD52>";
-    data += "<!-- do mailcheck here -->" // todo
+    var userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+    userSession.user_id = user_id;
+
+    var mailcount = 0;
+    if (userSession.mailstore.mailstoreExists()) {
+        if (userSession.mailstore.mailboxExists(0)) {
+            mailcount = userSession.mailstore.countUnreadMessages(0);
+        }
+    }
+    if (mailcount > 0) {
+        var mcnumber = (mailcount >= 100) ? "99+" : mailcount;
+        data += mcnumber + ` new message${(mcnumber != 1) ? 's' : ''}`;
+    }
    data += `</font>
 <tr>
 <td>
@@ -107,6 +119,8 @@ for (const [key, value] of Object.entries(accounts)) {
 while (accounts_listed < minisrv_config.config.user_accounts.max_users_per_account) {
    data += `<tr>
 <td>
+<td absheight=37><tr>
+<td>
 <td bgcolor=1e1e1e width=400 absheight=2 colspan=3>
 <img src="ROMCache/Spacer.gif" width=1 height=1>
 <tr>
@@ -116,11 +130,6 @@ while (accounts_listed < minisrv_config.config.user_accounts.max_users_per_accou
 <td>
 <td bgcolor=121212 width=400 absheight=2 colspan=3>
 <img src="ROMCache/Spacer.gif" width=1 height=1>`;
-    if (accounts_listed != minisrv_config.config.user_accounts.max_users_per_account - 1) {
-        data += `<tr>
-<td>
-<td absheight=37>`;
-    } 
    accounts_listed++;
 }

--- a/zefie_wtvp_minisrv/WTVClientSessionData.js
+++ b/zefie_wtvp_minisrv/WTVClientSessionData.js
@@ -1,6 +1,6 @@
 const { lib } = require('crypto-js');
 const CryptoJS = require('crypto-js');
-
+const WTVMail = require('./WTVMail.js')
 class WTVClientSessionData {

    fs = require('fs');
@@ -27,7 +27,6 @@ class WTVClientSessionData {
        if (!minisrv_config) throw ("minisrv_config required");
        var WTVShared = require('./WTVShared.js')['WTVShared'];
        var WTVMime = require('./WTVMime.js');
-        var WTVMail = require('./WTVMail.js');
        this.minisrv_config = minisrv_config;
        this.wtvshared = new WTVShared(minisrv_config);
        this.wtvmime = new WTVMime(minisrv_config);
@@ -38,7 +37,6 @@ class WTVClientSessionData {
        this.lockdownWhitelist = [
            "wtv-1800:/preregister",
            "wtv-head-waiter:/login",
-            "wtv-head-waiter:/password",
            "wtv-head-waiter:/ValidateLogin",
            "wtv-head-waiter:/login-stage-two",
            "wtv-head-waiter:/relogin",
@@ -50,16 +48,16 @@ class WTVClientSessionData {
        this.lockdownWhitelist.push(minisrv_config.config.service_logo);

        this.loginWhitelist = Object.assign([], this.lockdownWhitelist); // clone lockdown whitelist into login whitelist
+        this.loginWhitelist.push("wtv-head-waiter:/choose-user");
+        this.loginWhitelist.push("wtv-head-waiter:/password");
        this.mailstore = new WTVMail(minisrv_config, ssid, this);
    }


-    switchUserID(user_id) {
+    switchUserID(user_id, update_mail = true) {
        this.user_id = user_id;
-        var wtvsec_tmp = this.get("wtvsec_login");
        this.loadSessionData();
-        this.set("wtvsec_login", wtvsec_tmp);
-        wtvsec_tmp = null;
+        this.mailstore = new WTVMail(this.minisrv_config, this.ssid, this)
    }

    findFreeUserSlot() {
@@ -421,8 +419,11 @@ class WTVClientSessionData {
        return false;
    }

-    isRegistered() {
-        return (this.getSessionData("registered") && this.fs.existsSync(this.getUserStoreDirectory()));
+    isRegistered(session_mode = true) {
+        if (session_mode)
+            return (this.getSessionData("registered") && this.fs.existsSync(this.getUserStoreDirectory()));
+        else
+            return this.fs.existsSync(this.getUserStoreDirectory());
    }

    unregisterBox() {
@@ -650,9 +651,9 @@ class WTVClientSessionData {
    }


-    isAuthorized(url, whitelist = 'lockdown') {
+    isAuthorized(url, whitelist = 'lockdown', ignore_lockdown = false) {
        // not in lockdown so just return true
-        if (!this.lockdown) return true;
+        if (!this.lockdown && !ignore_lockdown) return true;

        // in lockdown, check whitelisted urls
        var self = this;
--- a/zefie_wtvp_minisrv/WTVMail.js
+++ b/zefie_wtvp_minisrv/WTVMail.js
@@ -260,15 +260,16 @@ class WTVMail {
    }

    countMessages(mailboxid) {
-        var messages = this.listMessages(mailboxid, false);
-        return (messages.length) ? messages.length : 0;
+        var messages = this.listMessages(mailboxid, 100, false);
+        var message_count = Object.keys(messages).length;
+        return (message_count) ? message_count : 0;
    }

    countUnreadMessages(mailboxid) {
-        var messages = this.listMessages(mailboxid, false);
+        var messages = this.listMessages(mailboxid, 100, false);
        var unread = 0;
        Object.keys(messages).forEach(function (k) {
-            if (k.unread) unread++;
+            if (messages[k].unread) unread++;
        });
        return unread;
    }
--- a/zefie_wtvp_minisrv/app.js
+++ b/zefie_wtvp_minisrv/app.js
@@ -397,14 +397,25 @@ async function processURL(socket, request_headers) {

        if (!ssid_sessions[socket.ssid].isUserLoggedIn() && !ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login')) {
            // lockdown mode and URL not authorized
-            headers = "300 Unauthorized\n";
-            headers += "Location: " + minisrv_config.config.unauthorized_url + "\n";
+            headers = `300 Unauthorized
+Location: " + minisrv_config.config.unauthorized_url`;
            data = "";
            sendToClient(socket, headers, data);
            console.log(" * Rejected login bypass request for " + shortURL + " on socket ID", socket.id);
            return;
        }

+        if (ssid_sessions[socket.ssid].isRegistered(false) && !ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login', true)) {
+            if (!ssid_sessions[socket.ssid].getSessionData("subscriber_username")) {
+                headers = `300 Session Error
+Location: client:relogin`;
+                data = "";
+                sendToClient(socket, headers, data);
+                console.log(" * Session error: Asking client to relogin via socket ID", socket.id);
+                return;
+            }
+        }
+

        // Check URL for :/, but not :// (to differentiate wtv urls)
        if (shortURL.indexOf(':/') >= 0 && shortURL.indexOf('://') == -1) {