Shinobi/libs/auth.js

var fs = require('fs');
module.exports = function(s,config,lang){
    //Authenticator functions
    s.api = {}
    s.superUsersApi = {}
    s.factorAuth = {}
    s.failedLoginAttempts = {}
    //
    var getUserByUid = function(params,columns,callback){
        if(!columns)columns = '*'
        s.sqlQuery(`SELECT ${columns} FROM Users WHERE uid=? AND ke=?`,[params.uid,params.ke],function(err,r){
            if(!r)r = []
            var user = r[0]
            callback(err,user)
        })
    }
    var getUserBySessionKey = function(params,callback){
        s.sqlQuery('SELECT * FROM Users WHERE auth=? AND ke=?',[params.auth,params.ke],function(err,r){
            if(!r)r = []
            var user = r[0]
            callback(err,user)
        })
    }
    var loginWithUsernameAndPassword = function(params,columns,callback){
        if(!columns)columns = '*'
        s.sqlQuery(`SELECT ${columns} FROM Users WHERE mail=? AND (pass=? OR pass=?) LIMIT 1`,[params.username,params.password,s.createHash(params.password)],function(err,r){
            if(!r)r = []
            var user = r[0]
            callback(err,user)
        })
    }
    var getApiKey = function(params,columns,callback){
        if(!columns)columns = '*'
        s.sqlQuery(`SELECT ${columns} FROM API WHERE code=? AND ke=?`,[params.auth,params.ke],function(err,r){
            if(!r)r = []
            var apiKey = r[0]
            callback(err,apiKey)
        })
    }
    var loginWithApiKey = function(params,callback){
        getApiKey(params,'*',function(err,apiKey){
            var isSessionKey = false
            if(apiKey){
                var sessionKey = createSession(apiKey,{
                    auth: params.auth,
                    permissions: s.parseJSON(apiKey.details),
                    details: {}
                })
                getUserByUid(apiKey,'mail,details',function(err,user){
                    if(user){
                        try{
                            editSession({
                                auth: sessionKey
                            },{
                                mail: user.mail,
                                details: s.parseJSON(user.details),
                                lang: s.getLanguageFile(user.details.lang)
                            })
                        }catch(er){
                            console.log(er)
                        }
                    }
                    callback(err,s.api[params.auth])
                })
            }else{
                getUserBySessionKey(params,function(err,user){
                    if(user){
                        isSessionKey = true
                        createSession(apiKey,{
                            details: JSON.parse(user.details),
                            permissions: {}
                        })
                        callback(err,user,isSessionKey)
                    }
                })
            }
        })
    }
    var createSession = function(user,additionalData){
        if(user){
            var generatedId = s.gid(20)
            if(!additionalData)additionalData = {}
            if(!user.ip)user.ip = '0.0.0.0'
            if(!user.auth)user.auth = generatedId
            user.details = JSON.parse(user.details)
            user.permissions = {}
            s.api[user.auth] = Object.assign(user,additionalData)
            return generatedId
        }
    }
    var editSession = function(user,additionalData){
        if(user){
            if(!additionalData)additionalData = {}
            Object.keys(additionalData).forEach(function(value,key){
                s.api[user.auth][key] = value
            })
        }
    }
    var failHttpAuthentication = function(res,req,message){
        if(!message)message = lang['Not Authorized']
        res.end(s.prettyPrint({
            ok: false,
            msg: message
        }))
    }
    var resetActiveSessionTimer = function(activeSession){
        if(activeSession){
            clearTimeout(activeSession.timeout)
            activeSession.timeout = setTimeout(function(){
                delete(activeSession)
            },1000 * 60 * 5)
        }
    }
    s.auth = function(params,onSuccessComplete,res,req){
        if(req){
            //express (http server) use of auth function
            params.ip = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'] || req.connection.remoteAddress
            var onFail = function(message){
                failHttpAuthentication(res,req,message)
            }
        }else{
            //socket.io use of auth function
            var onFail = function(){
                //maybe log
            }
        }
        var onSuccess = function(user){
            var activeSession = s.api[params.auth]
            if(
                activeSession &&
                (
                    activeSession.ip.indexOf('0.0.0.0') > -1 ||
                    activeSession.ip.indexOf(params.ip) > -1
                )
            ){
                if(!user.lang){
                    var details = s.parseJSON(user.details).lang
                    user.lang = s.getDefinitonFile(user.details.lang) || s.copySystemDefaultLanguage()
                }
                onSuccessComplete(user)
            }else{
                onFail()
            }
        }
        if(s.group[params.ke] && s.group[params.ke].users && s.group[params.ke].users[params.auth]){
            var activeSession = s.group[params.ke].users[params.auth]
            activeSession.permissions = {}
            if(!activeSession.lang){
                activeSession.lang = s.copySystemDefaultLanguage()
            }
            onSuccessComplete(activeSession)
        }else{
            if(s.api[params.auth] && s.api[params.auth].details){
                var activeSession = s.api[params.auth]
                onSuccess(activeSession)
                if(activeSession.timeout){
                   resetActiveSessionTimer(activeSession)
                }
            }else{
                if(params.username && params.username !== '' && params.password && params.password !== ''){
                    loginWithUsernameAndPassword(params,'*',function(err,user){
                        if(user){
                            params.auth = user.auth
                            createSession(user)
                            resetActiveSessionTimer(s.api[params.auth])
                            onSuccess(user)
                        }else{
                            onFail()
                        }
                    })
                }else{
                    loginWithApiKey(params,function(err,user,isSessionKey){
                        if(isSessionKey)resetActiveSessionTimer(s.api[params.auth])
                        if(user){
                            onSuccess(s.api[params.auth])
                        }else{
                            onFail()
                        }
                    })
                }
            }
        }
    }
    //super user authentication handler
    s.superAuth = function(params,callback,res,req){
        var userFound = false
        var userSelected = false
        var adminUsersSelected = null
        try{
            var success = function(){
                var chosenConfig = config
                if(req && res){
                    chosenConfig = s.getConfigWithBranding(req.hostname)
                    res.setHeader('Content-Type', 'application/json')
                    var ip = req.headers['cf-connecting-ip']||req.headers["CF-Connecting-IP"]||req.headers["'x-forwarded-for"]||req.connection.remoteAddress;
                    var resp = {
                        ok: userFound,
                        ip: ip
                    }
                    if(userFound === false){
                        resp.msg = lang['Not Authorized']
                        res.end(s.prettyPrint(resp))
                    }
                    if(userSelected){
                        resp.$user = userSelected
                    }
                    if(adminUsersSelected){
                        resp.users = adminUsersSelected
                    }
                }
                callback({
                    ip : ip,
                    $user: userSelected,
                    users: adminUsersSelected,
                    config: chosenConfig,
                    lang:lang
                })
            }
            var foundUser = function(){
                if(params.users === true){
                    s.sqlQuery('SELECT * FROM Users WHERE details NOT LIKE ?',['%"sub"%'],function(err,r) {
                        adminUsersSelected = r
                        success()
                    })
                }else{
                    success()
                }
            }
            if(params.auth && s.superUsersApi[params.auth]){
                userFound = true
                userSelected = s.superUsersApi[params.auth].$user
                foundUser()
            }else{
                var superUserList = JSON.parse(fs.readFileSync(s.location.super))
                superUserList.forEach(function(superUser,n){
                    if(
                        userFound === false &&
                        (
                            params.auth && superUser.tokens && superUser.tokens[params.auth] || //using API key (object)
                            params.auth && superUser.tokens && superUser.tokens.indexOf && superUser.tokens.indexOf(params.auth) > -1 || //using API key (array)
                            (
                                params.mail && params.mail.toLowerCase() === superUser.mail.toLowerCase() && //email matches
                                (
                                    params.pass === superUser.pass || //user give it already hashed
                                    superUser.pass === s.createHash(params.pass) || //hash and check it
                                    superUser.pass.toLowerCase() === s.md5(params.pass).toLowerCase() //check if still using md5
                                )
                            )
                        )
                    ){
                        userFound = true
                        userSelected = superUser
                        foundUser()
                    }
                })
            }
        }catch(err){
            console.log('The following error may mean your super.json is not formatted correctly.')
            console.log(err)
        }
        if(userFound === true){
            return true
        }else{
            if(res)res.end(s.prettyPrint({
                ok: false,
                msg: lang['Not Authorized']
            }))
            return false
        }
    }
    s.basicOrApiAuthentication = function(username,password,callback){
        var splitUsername = username.split('@')
        if(splitUsername[1] && splitUsername[1].toLowerCase().indexOf('shinobi') > -1){
            getApiKey(params,'ke,uid',callback)
        }else{
            loginWithUsernameAndPassword(params,'ke,uid',callback)
        }
    }
}
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`var fs = require('fs');`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`module.exports = function(s,config,lang){`
			`//Authenticator functions`
			`s.api = {}`
allow superAuth with API key (tokens) 2018-10-06 04:33:51 +00:00			`s.superUsersApi = {}`
Modularize camera.js+++++++ - clean up some more functions names to be more human readable. 2018-09-29 15:00:51 +00:00			`s.factorAuth = {}`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`s.failedLoginAttempts = {}`
light cleanup on auth.js refactor 2019-07-08 03:40:02 +00:00			`//`
fix typo in getUserByUid 2019-07-08 04:02:08 +00:00			`var getUserByUid = function(params,columns,callback){`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`if(!columns)columns = '*'`
			s.sqlQuery(`SELECT ${columns} FROM Users WHERE uid=? AND ke=?`,[params.uid,params.ke],function(err,r){
			`if(!r)r = []`
			`var user = r[0]`
			`callback(err,user)`
			`})`
			`}`
			`var getUserBySessionKey = function(params,callback){`
			`s.sqlQuery('SELECT * FROM Users WHERE auth=? AND ke=?',[params.auth,params.ke],function(err,r){`
			`if(!r)r = []`
			`var user = r[0]`
			`callback(err,user)`
			`})`
			`}`
			`var loginWithUsernameAndPassword = function(params,columns,callback){`
			`if(!columns)columns = '*'`
			s.sqlQuery(`SELECT ${columns} FROM Users WHERE mail=? AND (pass=? OR pass=?) LIMIT 1`,[params.username,params.password,s.createHash(params.password)],function(err,r){
			`if(!r)r = []`
			`var user = r[0]`
			`callback(err,user)`
			`})`
			`}`
			`var getApiKey = function(params,columns,callback){`
			`if(!columns)columns = '*'`
			s.sqlQuery(`SELECT ${columns} FROM API WHERE code=? AND ke=?`,[params.auth,params.ke],function(err,r){
			`if(!r)r = []`
			`var apiKey = r[0]`
			`callback(err,apiKey)`
			`})`
			`}`
			`var loginWithApiKey = function(params,callback){`
			`getApiKey(params,'*',function(err,apiKey){`
			`var isSessionKey = false`
			`if(apiKey){`
fix sessionKey edit 2019-07-08 04:27:30 +00:00			`var sessionKey = createSession(apiKey,{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`auth: params.auth,`
blackhole requests that are sent before shinobi is started 2019-07-08 16:20:43 +00:00			`permissions: s.parseJSON(apiKey.details),`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`details: {}`
			`})`
			`getUserByUid(apiKey,'mail,details',function(err,user){`
			`if(user){`
			`try{`
fix sessionKey edit 2019-07-08 04:27:30 +00:00			`editSession({`
			`auth: sessionKey`
			`},{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`mail: user.mail,`
			`details: s.parseJSON(user.details),`
fix lang selector in auth.js 2019-07-08 04:08:52 +00:00			`lang: s.getLanguageFile(user.details.lang)`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`})`
			`}catch(er){`
			`console.log(er)`
			`}`
			`}`
			`callback(err,s.api[params.auth])`
			`})`
			`}else{`
			`getUserBySessionKey(params,function(err,user){`
			`if(user){`
			`isSessionKey = true`
			`createSession(apiKey,{`
fix broken auth 2019-07-08 03:58:33 +00:00			`details: JSON.parse(user.details),`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`permissions: {}`
			`})`
			`callback(err,user,isSessionKey)`
			`}`
			`})`
			`}`
			`})`
			`}`
			`var createSession = function(user,additionalData){`
			`if(user){`
fix sessionKey edit 2019-07-08 04:27:30 +00:00			`var generatedId = s.gid(20)`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`if(!additionalData)additionalData = {}`
			`if(!user.ip)user.ip = '0.0.0.0'`
blackhole requests that are sent before shinobi is started 2019-07-08 16:20:43 +00:00			`if(!user.auth)user.auth = generatedId`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`user.details = JSON.parse(user.details)`
			`user.permissions = {}`
			`s.api[user.auth] = Object.assign(user,additionalData)`
fix sessionKey edit 2019-07-08 04:27:30 +00:00			`return generatedId`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`}`
			`}`
			`var editSession = function(user,additionalData){`
			`if(user){`
			`if(!additionalData)additionalData = {}`
			`Object.keys(additionalData).forEach(function(value,key){`
			`s.api[user.auth][key] = value`
			`})`
			`}`
			`}`
			`var failHttpAuthentication = function(res,req,message){`
			`if(!message)message = lang['Not Authorized']`
			`res.end(s.prettyPrint({`
			`ok: false,`
fix typo msg to message in auth.js 2019-07-08 04:05:02 +00:00			`msg: message`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`}))`
			`}`
			`var resetActiveSessionTimer = function(activeSession){`
blackhole requests that are sent before shinobi is started 2019-07-08 16:20:43 +00:00			`if(activeSession){`
			`clearTimeout(activeSession.timeout)`
			`activeSession.timeout = setTimeout(function(){`
			`delete(activeSession)`
			`},1000 * 60 * 5)`
			`}`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`}`
			`s.auth = function(params,onSuccessComplete,res,req){`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`if(req){`
			`//express (http server) use of auth function`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`params.ip = req.headers['cf-connecting-ip'] \|\| req.headers['x-forwarded-for'] \|\| req.connection.remoteAddress`
			`var onFail = function(message){`
			`failHttpAuthentication(res,req,message)`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`}else{`
			`//socket.io use of auth function`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`var onFail = function(){`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`//maybe log`
			`}`
			`}`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`var onSuccess = function(user){`
			`var activeSession = s.api[params.auth]`
			`if(`
blackhole requests that are sent before shinobi is started 2019-07-08 16:20:43 +00:00			`activeSession &&`
			`(`
			`activeSession.ip.indexOf('0.0.0.0') > -1 \|\|`
			`activeSession.ip.indexOf(params.ip) > -1`
			`)`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`){`
Add "codeTester" module (Not Complete) - Merge test functions into main app and invoke based on 1 of 2 Methods. - Method 1 : Add `"testMode":true` to conf.json to start Shinobi in Test Mode. - Method 2 : run `node camera.js test` in the Shinobi folder. - CTRL+C to exit process and cleanup test files. + Code cleanup and bug fixes (found while testing the codeTester module) + Update "Entire System Export" + Additional Extenders + Make Input Map default "0" instead of "0:0" + Remove extra Whitespace from LICENSE and update the "Modification of this Software Product.". 2018-12-17 00:54:06 +00:00			`if(!user.lang){`
			`var details = s.parseJSON(user.details).lang`
			`user.lang = s.getDefinitonFile(user.details.lang) \|\| s.copySystemDefaultLanguage()`
			`}`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`onSuccessComplete(user)`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`onFail()`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`}`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`if(s.group[params.ke] && s.group[params.ke].users && s.group[params.ke].users[params.auth]){`
			`var activeSession = s.group[params.ke].users[params.auth]`
			`activeSession.permissions = {}`
			`if(!activeSession.lang){`
			`activeSession.lang = s.copySystemDefaultLanguage()`
Add "codeTester" module (Not Complete) - Merge test functions into main app and invoke based on 1 of 2 Methods. - Method 1 : Add `"testMode":true` to conf.json to start Shinobi in Test Mode. - Method 2 : run `node camera.js test` in the Shinobi folder. - CTRL+C to exit process and cleanup test files. + Code cleanup and bug fixes (found while testing the codeTester module) + Update "Entire System Export" + Additional Extenders + Make Input Map default "0" instead of "0:0" + Remove extra Whitespace from LICENSE and update the "Modification of this Software Product.". 2018-12-17 00:54:06 +00:00			`}`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`onSuccessComplete(activeSession)`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`if(s.api[params.auth] && s.api[params.auth].details){`
			`var activeSession = s.api[params.auth]`
			`onSuccess(activeSession)`
			`if(activeSession.timeout){`
			`resetActiveSessionTimer(activeSession)`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`if(params.username && params.username !== '' && params.password && params.password !== ''){`
			`loginWithUsernameAndPassword(params,'*',function(err,user){`
			`if(user){`
			`params.auth = user.auth`
blackhole requests that are sent before shinobi is started 2019-07-08 16:20:43 +00:00			`createSession(user)`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`resetActiveSessionTimer(s.api[params.auth])`
			`onSuccess(user)`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`onFail()`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`})`
			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`loginWithApiKey(params,function(err,user,isSessionKey){`
			`if(isSessionKey)resetActiveSessionTimer(s.api[params.auth])`
			`if(user){`
			`onSuccess(s.api[params.auth])`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`onFail()`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`})`
			`}`
			`}`
			`}`
			`}`
			`//super user authentication handler`
RESTful API methods Superuser 2018-10-05 21:19:29 +00:00			`s.superAuth = function(params,callback,res,req){`
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`var userFound = false`
RESTful API methods Superuser 2018-10-05 21:19:29 +00:00			`var userSelected = false`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`var adminUsersSelected = null`
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`try{`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`var success = function(){`
Some Updates and Fixes - Add Branding Engine - Lock PM2 install to 3.0.0 (newer versions cannot catch `uncaughtException`. - Update macOS installer - Update OpenALPR (CPU) installer - Add Portuguese Language - Fix Language Selector - Lay-In ability to create Matrix from Pam-Diff detection blob - createEventBasedRecording called for Traditional Recording labelled 5 seconds before real time to capture event - fix NaN for new user created in Superuser - count space used for Timelapse Frames and Files tables (does not purge Timelapse data yet) - Update TimelapseJpeg, lay-in MP4 builder, many fixes, additonal page - add `impervious` to gitignore in `web/libs` for custom static files - Fix delete button for quick video list - Fix Super form appearance 2019-04-03 03:47:03 +00:00			`var chosenConfig = config`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`if(req && res){`
Some Updates and Fixes - Add Branding Engine - Lock PM2 install to 3.0.0 (newer versions cannot catch `uncaughtException`. - Update macOS installer - Update OpenALPR (CPU) installer - Add Portuguese Language - Fix Language Selector - Lay-In ability to create Matrix from Pam-Diff detection blob - createEventBasedRecording called for Traditional Recording labelled 5 seconds before real time to capture event - fix NaN for new user created in Superuser - count space used for Timelapse Frames and Files tables (does not purge Timelapse data yet) - Update TimelapseJpeg, lay-in MP4 builder, many fixes, additonal page - add `impervious` to gitignore in `web/libs` for custom static files - Fix delete button for quick video list - Fix Super form appearance 2019-04-03 03:47:03 +00:00			`chosenConfig = s.getConfigWithBranding(req.hostname)`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`res.setHeader('Content-Type', 'application/json')`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`var ip = req.headers['cf-connecting-ip']\|\|req.headers["CF-Connecting-IP"]\|\|req.headers["'x-forwarded-for"]\|\|req.connection.remoteAddress;`
			`var resp = {`
			`ok: userFound,`
			`ip: ip`
			`}`
			`if(userFound === false){`
			`resp.msg = lang['Not Authorized']`
			`res.end(s.prettyPrint(resp))`
			`}`
			`if(userSelected){`
			`resp.$user = userSelected`
			`}`
			`if(adminUsersSelected){`
			`resp.users = adminUsersSelected`
			`}`
			`}`
			`callback({`
			`ip : ip,`
light cleanup on auth.js refactor 2019-07-08 03:40:02 +00:00			`$user: userSelected,`
			`users: adminUsersSelected,`
Some Updates and Fixes - Add Branding Engine - Lock PM2 install to 3.0.0 (newer versions cannot catch `uncaughtException`. - Update macOS installer - Update OpenALPR (CPU) installer - Add Portuguese Language - Fix Language Selector - Lay-In ability to create Matrix from Pam-Diff detection blob - createEventBasedRecording called for Traditional Recording labelled 5 seconds before real time to capture event - fix NaN for new user created in Superuser - count space used for Timelapse Frames and Files tables (does not purge Timelapse data yet) - Update TimelapseJpeg, lay-in MP4 builder, many fixes, additonal page - add `impervious` to gitignore in `web/libs` for custom static files - Fix delete button for quick video list - Fix Super form appearance 2019-04-03 03:47:03 +00:00			`config: chosenConfig,`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`lang:lang`
			`})`
			`}`
allow superAuth with API key (tokens) 2018-10-06 04:33:51 +00:00			`var foundUser = function(){`
			`if(params.users === true){`
			`s.sqlQuery('SELECT * FROM Users WHERE details NOT LIKE ?',['%"sub"%'],function(err,r) {`
			`adminUsersSelected = r`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`success()`
allow superAuth with API key (tokens) 2018-10-06 04:33:51 +00:00			`})`
			`}else{`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`success()`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
allow superAuth with API key (tokens) 2018-10-06 04:33:51 +00:00			`}`
			`if(params.auth && s.superUsersApi[params.auth]){`
			`userFound = true`
			`userSelected = s.superUsersApi[params.auth].$user`
			`foundUser()`
			`}else{`
			`var superUserList = JSON.parse(fs.readFileSync(s.location.super))`
			`superUserList.forEach(function(superUser,n){`
			`if(`
			`userFound === false &&`
			`(`
			`params.auth && superUser.tokens && superUser.tokens[params.auth] \|\| //using API key (object)`
			`params.auth && superUser.tokens && superUser.tokens.indexOf && superUser.tokens.indexOf(params.auth) > -1 \|\| //using API key (array)`
			`(`
Update Superuser - Update API to allow request on "all" - Update superAuth - add temporary superSessionKey to use REST API in Superuser dashboard - fix favicon in Superuser panel - make some UI adjustments in Superuser panel 2018-10-06 06:20:16 +00:00			`params.mail && params.mail.toLowerCase() === superUser.mail.toLowerCase() && //email matches`
allow superAuth with API key (tokens) 2018-10-06 04:33:51 +00:00			`(`
			`params.pass === superUser.pass \|\| //user give it already hashed`
			`superUser.pass === s.createHash(params.pass) \|\| //hash and check it`
			`superUser.pass.toLowerCase() === s.md5(params.pass).toLowerCase() //check if still using md5`
			`)`
			`)`
			`)`
			`){`
			`userFound = true`
			`userSelected = superUser`
			`foundUser()`
			`}`
			`})`
			`}`
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`}catch(err){`
RESTful API methods Superuser 2018-10-05 21:19:29 +00:00			`console.log('The following error may mean your super.json is not formatted correctly.')`
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`console.log(err)`
			`}`
			`if(userFound === true){`
			`return true`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}else{`
API Methods for Importing and Exporting the whole database - "yeh, i do a little import/export, no biggie." + add fail response for superAuth 2018-12-13 04:05:07 +00:00			`if(res)res.end(s.prettyPrint({`
			`ok: false,`
			`msg: lang['Not Authorized']`
			`}))`
rewrite superAuth function 2018-10-03 22:06:08 +00:00			`return false`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`
			`}`
Updates and Fixes - add videoDropInServer (FTP), currently only logs timelapse frames to database - cleanup timelapse appearance - allow replacing renderPaths.home with embeddable page for basic landing after login - light ejs touchups 2019-04-06 05:27:22 +00:00			`s.basicOrApiAuthentication = function(username,password,callback){`
			`var splitUsername = username.split('@')`
allow lowercase "shinobi" in smtp/ftp trigger username 2019-06-05 23:08:34 +00:00			`if(splitUsername[1] && splitUsername[1].toLowerCase().indexOf('shinobi') > -1){`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`getApiKey(params,'ke,uid',callback)`
allow lowercase "shinobi" in smtp/ftp trigger username 2019-06-05 23:08:34 +00:00			`}else{`
auth.js refactor, code cleaner 2019-07-08 03:01:16 +00:00			`loginWithUsernameAndPassword(params,'ke,uid',callback)`
Updates and Fixes - add videoDropInServer (FTP), currently only logs timelapse frames to database - cleanup timelapse appearance - allow replacing renderPaths.home with embeddable page for basic landing after login - light ejs touchups 2019-04-06 05:27:22 +00:00			`}`
			`}`
Modularize camera.js 2018-09-28 05:37:08 +00:00			`}`