axcwg 3 mēneši atpakaļ
vecāks
revīzija
1bc4319d08
4 mainītis faili ar 66 papildinājumiem un 17 dzēšanām
  1. 8 0
      Singletons.js
  2. 44 17
      UserInteractions.js
  3. 13 0
      package-lock.json
  4. 1 0
      package.json

+ 8 - 0
Singletons.js

@@ -0,0 +1,8 @@
+let argv = require('minimist')(process.argv.slice(2));
+module.exports = {
+    cwh: {
+        "Access-Control-Allow-Origin": argv.https === true ? "https://andyxie.cn:4000" : "http://localhost:3000",
+        "Access-Control-Allow-Credentials": true,
+        "Access-Control-Allow-Headers": "Content-Type, Access-Control-Allow-Credentials"
+    }
+}
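Review bot: The allowed origin in `cwh` falls back to `http://localhost:3000` whenever `--https` is not passed, and it is always paired with `Access-Control-Allow-Credentials: true`, so a deployment started without the flag would answer credentialed cross-origin requests for a localhost origin. Reading the origin from explicit configuration and refusing to start when it is missing would be safer than inferring it from the TLS flag. `Access-Control-Allow-Credentials` is a response header, so it does not need to be listed in `Access-Control-Allow-Headers`; `"Content-Type"` is enough there. Because every route shares this one object, `cwh: Object.freeze({ ... })` would keep a handler from changing it for all the others.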

+ 44 - 17
UserInteractions.js

@@ -1,7 +1,8 @@
 const bodyParser = require("body-parser");
 const express = require("express");
 let session = require('express-session')
-
+let singleton = require('./Singletons')
+const {cwh} = require("./Singletons");
 module.exports = function UserInteractions(opts) {
     async function sha256(message) {
         // encode as UTF-8
@@ -24,44 +25,70 @@ module.exports = function UserInteractions(opts) {
         resave: false,
         saveUninitialized: false,
         cookie: {
-            secure: "auto"
+            sameSite: "lax", secure: "auto"
         }
     }))
     app.use(bodyParser.json({"limit": "200mb"}));
     app.use(express.json());
+
     let db = opts.db;
-    console.log("init")
-    app.get("/userapi", (req, res) => {
-        res.end(JSON.stringify(req.session));
+    app.options("/login", (req, res) => {
+        res.set(singleton.cwh).end("FUCK YOU CORS")
     })
-    app.post("/login", async functioqn (req, res) {
-        db.execute("SELECT uuid from user where username = ? and password = ?", [req.body.username, await sha256(req.body.password)], function (err, result) {
-            if (result.length === 0) {
-                res.status(500).json({code: 500, R: "DNE"})
-                return;
-            }
-            req.session.uuid = result[0].uuid;
-            res.header("").status(200).json({code: 200, R: "SS", uid: result[0].uuid});
+    app.get("/userapi", (req, res) => {
+        if (!req.session.uuid) {
+            res.set(singleton.cwh).status(500).json({code: 500, R: "IO"})
+            return
+        }
+        db.execute("SELECT username, email from user where uuid = ?", [req.session.uuid], (err, result) => {
+            res.set(singleton.cwh).end(JSON.stringify({
+                uuid: req.session.uuid,
+                username: result[0].username,
+                email: result[0].email,
+            }));
+
         })
     })
+    app.post("/login", async function (req, res) {
+        if (!req.body.username || !req.body.password) {
+            res.set(singleton.cwh).status(500).json({code: 500, R: "IO"})
+
+        } else {
+            db.execute("SELECT uuid from user where username = ? and password = ?", [req.body.username, await sha256(req.body.password)], function (err, result) {
+                if (result.length === 0) {
+                    res.set(cwh).status(500).json({code: 500, R: "DNE"})
+                    return;
+                }
+                req.session.uuid = result[0].uuid;
+
+                res.set(singleton.cwh).status(200).json({
+                    code: 200,
+                    R: "SS",
+                    uid: result[0].uuid
+                });
+            })
+
+        }
+
+    })
     app.post("/register", function (req, res) {
         db.execute("SELECT uuid FROM user WHERE username = ?", [req.body.username], async function (err, rows) {
             if (req.body.username === undefined || req.body.username === "" || req.body.username === null || req.body.password === undefined || req.body.password === "" || req.body.password === null) {
-                res.status(500).json({code: 500, R: "PE"})
+                res.set(cwh).status(500).json({code: 500, R: "PE"})
                 return;
             }
             if (err) {
                 console.log(err);
-                res.status(500).json({code: 500, R: "UNE"});
+                res.set(cwh).status(500).json({code: 500, R: "UNE"});
                 return;
             }
             if (rows.length === 0) {
                 db.execute("INSERT INTO user (uuid, username, email, password, avatar, time) values (?,?,?,?,?,?)", [crypto.randomUUID(), req.body.username, null, await sha256(req.body.password), null, Date.now()]);
-                res.json({code: 200, R: "SS"});
+                res.status(200).set(singleton.cwh).json({code: 200, R: "SS"});
 
                 return;
             }
-            res.status(500).json({code: 500, R: "UE"});
+            res.set(cwh).status(500).json({code: 500, R: "UE"});
             return;
         })
     })
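Review bot: The new `/userapi` and `/login` query callbacks never check `err`, so a failed query leaves `result` undefined and `result[0]` or `result.length` throws inside the callback. `/userapi` throws the same way when the session's uuid no longer matches a row. Both callbacks should test `err` and an empty result first and answer with the `UNE` code that `/register` already uses, as sketched below. `/login` also writes `req.session.uuid` into the current session; calling `req.session.regenerate()` before that assignment is the usual guard against session fixation. The enclosing module function starts and ends outside these hunks.

```javascript
db.execute("SELECT username, email from user where uuid = ?", [req.session.uuid], (err, result) => {
    if (err || !result || result.length === 0) {
        if (err) console.log(err);
        res.set(singleton.cwh).status(500).json({code: 500, R: "UNE"})
        return
    }
    // … unchanged: respond with uuid, username and email …

// in the /login query callback, before the result.length check:
if (err) {
    console.log(err);
    res.set(singleton.cwh).status(500).json({code: 500, R: "UNE"})
    return;
}
// … unchanged: "DNE" branch and session assignment …
```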

+ 13 - 0
package-lock.json

@@ -11,6 +11,7 @@
       "dependencies": {
         "body-parser": "^1.20.3",
         "cnchar": "^3.2.6",
+        "cors": "^2.8.5",
         "express": "^4.21.1",
         "express-session": "^1.18.1",
         "https": "^1.0.0",
@@ -570,6 +571,18 @@
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz",
       "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ=="
     },
+    "node_modules/cors": {
+      "version": "2.8.5",
+      "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
+      "integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
+      "dependencies": {
+        "object-assign": "^4",
+        "vary": "^1"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/debug": {
       "version": "4.3.7",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz",

+ 1 - 0
package.json

@@ -14,6 +14,7 @@
   "dependencies": {
     "body-parser": "^1.20.3",
     "cnchar": "^3.2.6",
+    "cors": "^2.8.5",
     "express": "^4.21.1",
     "express-session": "^1.18.1",
     "https": "^1.0.0",
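Review bot: The `cors` package is added as a dependency here, but none of the code visible in this commit requires it; `UserInteractions.js` sets the CORS headers by hand from `Singletons.cwh`. An unused dependency still widens the install and supply-chain surface. Either replace the hand-written headers with the middleware or drop `"cors": "^2.8.5"` from `package.json` and the lockfile.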