-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathapp.lua
365 lines (280 loc) · 7.91 KB
/
app.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
local lapis = require "lapis"
local app = lapis.Application()
package.path = 'scripts/r18/?.lua;' .. 'scripts/?.lua;' .. package.path
require'r18.config'
local utils = require'r18.utils'
local templates = require'r18.templates'
local db = require 'r18.db'
local csrf = require("lapis.csrf")
local app_helpers = require("lapis.application")
local capture_errors_json, yield_error = app_helpers.capture_errors_json, app_helpers.yield_error
local capture_errors, assert_error = app_helpers.capture_errors, app_helpers.assert_error
local respond_to = require("lapis.application").respond_to
local root = "/home/srcds/fastdl/"
local function isverified(usr)
return usr and usr.verifier1 and usr.verifier2
end
local hmac_sha1
local function mkcode(accountid)
local hmac = require "resty.hmac"
hmac_sha1 = hmac_sha1 or hmac:new("ijojo435i3dasd=vsdbsdb12", hmac.ALGOS.SHA1)
if not hmac_sha1 then
return
end
local data = tostring(assert(tonumber(accountid)))
local ok = hmac_sha1:update(data)
if not ok then
return
end
local mac = hmac_sha1:final() -- binary mac
local str = require "resty.string"
if not hmac_sha1:reset() then
return
end
return ("%08x%s"):format(accountid,str.to_hex(mac:sub(1,8)))
end
app:get("/r18", capture_errors_json(function(self)
local accountid,admin,ingame = utils.account_need()
utils.cachecontrol()
local sid64 = utils.aid_to_sid64(accountid)
local usr = db.get(accountid)
local verified = isverified(usr)
local code
if not verified then
code = mkcode(accountid)
end
local v1,v2 = usr and usr.verifier1,usr and usr.verifier2
local has_verified = db.getby(accountid)
if has_verified then
for k,v in next,has_verified do
v.sid64 = utils.aid_to_sid64(v.accountid)
end
end
local myverifications = has_verified and {verifications=has_verified}
return templates.index{
accountid=accountid,
verified=verified,
unverified=not verified,
code=code,
v1=v1 and utils.aid_to_sid64(v1),
v2=v2 and utils.aid_to_sid64(v2),
myverifications = myverifications,
}
end))
app:get("/r18/test", capture_errors(function(self)
local t = templates.message{
msg="test",
}
t.status = 404
return t
end))
app:get("/r18/verify/:code", capture_errors(function(self)
local accountid,admin,ingame = utils.account_need()
utils.cachecontrol()
local usr = db.get(accountid)
local verified = isverified(usr)
if not verified and not admin then
return {
layout=false,
status = 403,
'This account is not adult verified so you may not verify other accounts. Verify yourself first <a href="/r18">here</a>!',
}
end
local code = self.params.code
--local hex = require'hex'
--local data,err = hex.decode(code)
local target_accountid = tonumber(code:sub(1,2*4),16)
if not target_accountid then
return {
json = {
success = false,
error = "Invalid code"
}
}
end
local codeverify = mkcode(target_accountid)
if codeverify ~= code then
return {
json = {
success = false,
error = "Code did not validate (Invalid or old)"
}
}
end
return templates.verify{accountid=target_accountid,sid64=utils.aid_to_sid64(target_accountid),csrf=csrf.generate_token(self),code=code}
end))
app:post("/r18/verify/:code", capture_errors(function(self)
local accountid,admin,ingame = utils.account_need()
utils.cachecontrol()
csrf.assert_token(self)
local code = self.params.code
local target_accountid = tonumber(code:sub(1,2*4),16)
if not target_accountid then
return "Invalid code"
end
if accountid == target_accountid then
return {
layout=false,
status = 403,
'You can not verify yourself! You should give this link to a person who is <b>already verified</b> and can confirm that you are adult.',
}
end
local codeverify = mkcode(target_accountid)
if codeverify ~= code then
return {
json = {
success = false,
error = "Code did not validate (Invalid or old)"
},
status = 400
}
end
local usr = db.get(target_accountid)
if not usr then
db.set(target_accountid,accountid)
elseif isverified(usr) then
return "This user is already fully verified"
else
if usr.verifier1 == accountid or usr.verifier2 == accountid then
return "You have already verified this person"
end
if usr.verifier1 then
db.set(target_accountid,nil,accountid)
elseif usr.verifier2 then
db.set(target_accountid,accountid,nil)
else
db.set(target_accountid,accountid)
end
end
return {
layout=false,
status = 403,
'Verification confirmed! <br/> View your verifications <a href="/r18">here</a>.',
}
end))
app:post("/r18/noverify/:accountid", capture_errors(function(self)
utils.cachecontrol()
csrf.assert_token(self)
return "Thank you!"
end))
local function to_aid(accountid)
if not accountid or not tonumber(accountid) then
return
end
local tmp = tonumber(accountid)>2^32+1 and utils.sid64_to_accountid(accountid)
if tmp and tmp>0 then
accountid = tmp
end
return accountid
end
local to_json = require("lapis.util").to_json
app:get("/r18/v/:accountid", capture_errors_json(function(self)
utils.cachecontrol(2)
local accountid = to_aid(self.params.accountid)
if not accountid then
return {
json = {
success = false,
error = "bad steamid"
},
status = 400
}
end
local usr = db.get(accountid)
local verified = isverified(usr) and true or false
return {
json = {
success = true,
verified = verified
}
}
end))
app:get("/r18/n/:accountid", capture_errors(function(self)
utils.cachecontrol(2)
local accountid_root = to_aid(self.params.accountid)
if not accountid_root then
return {
json = {
success = false,
error = "bad steamid"
},
status = 400
}
end
local usr = db.get(accountid_root)
if not usr then return "no such account" end
local nodes={
}
local links={
}
local visited = {}
local all_users = {}
local verifications = {}
local id=0
local function new(accountid)
id = id + 1
local t={}
t.id=id
t.accountid = accountid
t.sid64=utils.aid_to_sid64(accountid)
t.shape = 'image'
t.image = "https://steamsignature.com/status/default/"..t.sid64..".png"
t.label = tostring(accountid)
nodes[#nodes+1]=t
return t
end
local function new_dummy(parent)
id = id + 1
local t={}
t.id=id
t.label = "..."
t.text = "..."
t.accountid = parent
t.sid64=utils.aid_to_sid64(parent)
t.gonetwork = true
nodes[#nodes+1]=t
links[#links+1]={from=assert(all_users[parent].id),to=assert(t.id),arrows='to'}
return t
end
local function verify(from,to)
local t = verifications[from]
if not t then t={} verifications[from]=t end
if t[to] then return end
t[to]=true
local tonode = all_users[to]
if not tonode then
error(to)
end
tonode.verifications = (tonode.verifications or 0) + 1
if tonode.verifications >=2 then
tonode.color = {
border = 'rgb(50,255,10)'
}
end
links[#links+1]={from=assert(all_users[from].id),to=assert(all_users[to].id),arrows='to'}
end
local visit
visit = function(accountid,n)
if visited[accountid] then return end
visited[accountid]=true
all_users[accountid]=new(accountid)
local has_verified = db.getby(accountid)
if not has_verified then return end
if n<0 then
if has_verified and #has_verified>0 then
new_dummy(accountid)
end
return
end
for _,t in next,has_verified do
local accountid_verified = t.accountid
visit(accountid_verified,n-1)
verify(accountid,accountid_verified)
end
end
visit(accountid_root,2)
for _=1,5 do
end
return templates.network{nodes=to_json(nodes),links=to_json(links)}
end))
return app