CRICS/streamupload
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Proper login

Browse Source
This commit is contained in:
pepa65 2022-09-12 15:11:23 +07:00
parent ab0e2818c0
commit 39dc99cbd6
8 changed files with 113 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
vars vars
mailhash
process.log process.log
uploadpage/streams/* uploadpage/streams/*

3
_mailhash Normal file
View File

@ -0,0 +1,3 @@
# Separated by TABs: user/mail/bcrypt-hash
# Get hash: php -r "echo password_hash('$password', PASSWORD_BCRYPT);"
username e@ma.il $2y$10$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

21
encode
View File

@ -20,10 +20,16 @@ Log(){ # 1:message 2:returncode(empty: no exit) I:file
} }
Mail(){ # 1:kind(0:done, 1:wrong type, 2:encoding error) 2:logline I:repopath,email,name,type,start,finish Mail(){ # 1:kind(0:done, 1:wrong type, 2:encoding error) 2:logline I:repopath,email,name,type,start,finish
source "$repopath/vars" # I:umail,user,password,smtp,port source "$repopath/vars" # I:user,password,smtp,port
local sbj msg from="Stream Upload server" local sbj msg from="Stream Upload server"
# If proper email set, use it, otherwise it's the authusername: look up email declare -A mails
[[ $email = *@* ]] && to=$email || to=${umail[$email]} mapfile -t <"$repopath/mailhash"
for line in "${MAPFILE[@]}"
do [[ ${line:0:1} = '#' ]] && continue
l=${line%$'\t'*} mails[${l%$'\t'*}]=${l#*$'\t'}
done
# If proper email set, strip ':', otherwise it's the user: look up email
[[ $email ]] && to=${email:1} || to=${mails[$email]}
[[ $port ]] || port=587 [[ $port ]] || port=587
sbj[0]="Stream Upload encoding done for ${name##*@}" sbj[0]="Stream Upload encoding done for ${name##*@}"
sbj[1]="Stream Upload file wrong type: $type" sbj[1]="Stream Upload file wrong type: $type"
@ -32,12 +38,12 @@ Mail(){ # 1:kind(0:done, 1:wrong type, 2:encoding error) 2:logline I:repopath,em
msg[1]="Heya,\n\nThe file '$name' from $start is of type '$type' and could not be used.\n\nStream Upload server\n" msg[1]="Heya,\n\nThe file '$name' from $start is of type '$type' and could not be used.\n\nStream Upload server\n"
msg[2]="Heya,\n\nThe file '$name' started encoding on $start but ran into an error on $finish.\n\nStream Upload server\n" msg[2]="Heya,\n\nThe file '$name' started encoding on $start but ran into an error on $finish.\n\nStream Upload server\n"
if [[ $to && $user && $password && $smtp && $port ]] if [[ $to && $user && $password && $smtp && $port ]]
then then # All ingredients for a mail present
mailer -m "$(echo -e "${msg[$1]}")" -t "$to" -s "${sbj[$1]}" -u "$user" -p "$password" -S "$smtp" -P "$port" -f "$from" && mailer -m "$(echo -e "${msg[$1]}")" -t "$to" -s "${sbj[$1]}" -u "$user" -p "$password" -S "$smtp" -P "$port" -f "$from" &&
Log "== Mail with subject '${sbj[$1]}' sent to $to" || Log "== Mail with subject '${sbj[$1]}' sent to $to" ||
Log "== Mail with subject '${sbj[$1]}' failed to send" Log "== Mail with subject '${sbj[$1]}' failed to send"
Log "Start encoding on $start, finished on $finish" Log "Start encoding on $start, finished on $finish"
else else # Can't send
Log "== Mail with subject '${sbj[$1]}' could not be sent" Log "== Mail with subject '${sbj[$1]}' could not be sent"
(($1==2)) && Log "Start encoding on $start, error on $finish" (($1==2)) && Log "Start encoding on $start, error on $finish"
fi fi
@ -46,12 +52,9 @@ Mail(){ # 1:kind(0:done, 1:wrong type, 2:encoding error) 2:logline I:repopath,em
# Rename upload and check type # Rename upload and check type
file=${upload%.upload} video=$file.mp4 name=${file##*/} key=${name%%.*} file=${upload%.upload} video=$file.mp4 name=${file##*/} key=${name%%.*}
rest=${name#*.} date=${rest:0:15} _=${rest:15} email=${_%@*} rest=${name#*.} date=${rest:0:15} _=${rest:16} username=${_%%:*} _=${_%@*} email=${_#${username}}
mv "$upload" "$file" mv "$upload" "$file"
# Strip the '_' if email set
[[ $email ]] && email=${email:1}
type=$(file -bL --mime-type "$file") type=$(file -bL --mime-type "$file")
[[ ! ${type:0:5} = video ]] && Mail 1 "File $name is of type $type" [[ ! ${type:0:5} = video ]] && Mail 1 "File $name is of type $type"

9
uploadpage/check.php Normal file
View File

@ -0,0 +1,9 @@
<?php // INCLUDE: Redirect to login.php if not authorized
session_start();
if(isset($_POST['logoff'])){ // Logout attempt: logout
unset($_SESSION['user']);
}
if(!isset($_SESSION['user'])){ // Not logged in: login
header('Location: login.php');
}
?>

33
uploadpage/index.php
View File

@ -1,32 +1,28 @@
<!DOCTYPE html> <?php // Schedule page
require "check.php";
$user=$_SESSION['user'];
print('<!DOCTYPE html>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Stream Upload</title> <title>Stream Upload scheduling</title>
<link rel="icon" href="favicon.png"> <link rel="icon" href="favicon.png">
<link rel="stylesheet" href="page.css"> <link rel="stylesheet" href="page.css">
<script> <script>
function respond(){ function respond(){
const feedback = document.getElementById('response'); const feedback = document.getElementById("response");
feedback.innerHTML = '<b>File is uploading</b>'; feedback.innerHTML = "<b>File is uploading</b>";
} }
</script> </script>
<div class="container"> <div class="container">
<div class="incontainer"> <div class="incontainer">
<table> <table>
<?php
$headers=getallheaders();
$authuser=$headers['X-User'];
if($authuser!==''){
print('
<form action="'.(isset($_SERVER['HTTPS']) ? 'https' : 'http').'://nouser:wrongpw@'.$_SERVER['HTTP_HOST'].'" method="post">
<tr><td></td><td align="center"><h1>Stream Upload</h1></td></tr> <tr><td></td><td align="center"><h1>Stream Upload</h1></td></tr>
<tr> <tr>
<td class="left">User:</td> <td class="left">User:</td>
<td class="right"><b>'.$authuser.'</b></td> <td class="right"><b>'.$user.'</b></td>
<td><input class="shiftleft" type="submit" value="Logoff"></td></tr> <form action="check.php" method="post">
</form>'); <td><input class="shiftleft" type="submit" name="logoff" value="Logoff"></td>
} </form></tr>
print('<form action="'.(isset($_SERVER['HTTPS']) ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].'/upload.php" method="post" enctype="multipart/form-data" onsubmit="respond()">'); <form action="upload.php" method="post" enctype="multipart/form-data" onsubmit="respond()">
?>
<tr> <tr>
<td>Target:</td> <td>Target:</td>
<td> <td>
@ -49,10 +45,11 @@ if($authuser!==''){
<td class="left">Notify email:</td> <td class="left">Notify email:</td>
<td class="right"><input type="email" name="email" title="Not required"></td></tr> <td class="right"><input type="email" name="email" title="Not required"></td></tr>
<tr><td><br></td></tr> <tr><td><br></td></tr>
<tr><td></td><td><input type="submit" value="Schedule Stream" name="submit"></td></tr> <tr><td></td><td><input type="submit" value="Schedule Stream" name="schedule"></td></tr>
<tr><td><br></td></tr> <tr><td><br></td></tr>
<tr><td align=center colspan="2" id="response"></td></tr> <tr><td align=center colspan="2" id="response"></td></tr>
</form> </form>
</table> </table>
</div> </div>
</div> </div>');
?>

49
uploadpage/login.php Normal file
View File

@ -0,0 +1,49 @@
<?php // Login page
session_start();
$user=$_POST['user'];
if(!empty($user)){ // Login attempt
// Read hash and check password
$mh=file(__DIR__.'/../mailhash',FILE_IGNORE_NEW_LINES & FILE_SKIP_EMPTY_LINES);
foreach($mh as $line){
if(substr($line, 0, 1)!='#'){
$field=explode("\t", trim($line, "\n"));
$hashes[$field[0]]=$field[2];
if($field[0]==$user){
if(password_verify($_POST['password'], $field[2])){ // Password correct: login
$_SESSION['user']=$user;
header('Location: index.php');
exit;
}
}
}
}
}
// New login attempt
print('<!DOCTYPE html>
<meta charset="utf-8">
<title>Stream Upload login</title>
<link rel="icon" href="favicon.png">
<link rel="stylesheet" href="page.css">
<div class="container">
<div class="incontainer">
<table>
<tr><td></td><td align="center"><h1>Stream Upload</h1></td></tr>');
if(isset($_POST['login'])){
print('
<tr><td></td><td><b>Invalid User or Password</b></td></tr>');
}
print('
<form action="login.php" method="post">
<tr>
<td>User:</td>
<td><input type="text" name="user" required title="string of 0-9, a-z, A-Z" pattern="[a-zA-Z0-9]+"></td></tr>
<tr>
<td class="left">Password:</td>
<td class="right"><input type="password" name="password" required></td></tr>
<tr><td></td><td><input type="submit" name="login" value="Login"></td></tr>
</form>
</table>
</div>
</div>');
?>

2
uploadpage/page.css
View File

@ -37,7 +37,7 @@ body {
max-width:450px; max-width:450px;
} }
p { p {
flex-wrap: nowrap; flex-wrap:nowrap;
} }
table { table {
width:100%; width:100%;

40
uploadpage/upload.php
View File

@ -1,28 +1,36 @@
<?php <?php // Encode page
error_reporting(E_ALL); session_start();
$headers=getallheaders(); require "check.php";
$authuser=$headers['X-User']; if(!isset($_POST['schedule'])){ // If not post: start again
if($_SERVER['REQUEST_METHOD']!=='POST'){ header('Location: index.php');
header('Location: /');
} }
function Back($msg){ function Back($msg){
print('<p>'.$msg.'</p> print('<p>'.$msg.'</p>
<form action="'.(isset($_SERVER['HTTPS']) ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].'" method="post"> <form action="index.php" method="post">
<input type="submit" value="Upload another file" name="submit"> <input type="submit" value="Upload another file" name="submit">
</form></div>'); </form></div>');
exit; exit;
} }
header('Content-type: text/html; charset=utf-8'); // Get mails
$mh=file(__DIR__.'/../mailhash',FILE_IGNORE_NEW_LINES & FILE_SKIP_EMPTY_LINES);
foreach($mh as $line){
if(substr($line, 0, 1)!='#'){
$field=explode("\t", $line);
$mails[$field[0]]=$field[1];
}
}
$upload=htmlspecialchars(basename($_FILES['file']['name'])); $upload=htmlspecialchars(basename($_FILES['file']['name']));
$key=$_POST['streamkey']; $key=$_POST['streamkey'];
$datetime=$_POST['datetime']; $datetime=$_POST['datetime'];
$email=$_POST['email']; $email=$_POST['email'];
$user=$_SESSION['user'];
if($email){ if($email){
$email='_'.$email; $to=$email;
} else { $email=':'.$email;
$email='_'.$authuser; }else{
$to=$mails[$user];
} }
$date=substr($datetime, 0, 10); $date=substr($datetime, 0, 10);
$hour=substr($datetime, 11, 2); $hour=substr($datetime, 11, 2);
@ -30,16 +38,16 @@ $min=substr($datetime, 14, 2);
$time=$hour.$min; $time=$hour.$min;
$target=$_POST['target']; $target=$_POST['target'];
$dir='streams/'; $dir='streams/';
$name=$key.'.'.$date.'_'.$time.$email.'@'.$target; $name=$key.'.'.$date.'_'.$time.'_'.$user.$email.'@'.$target;
$file=$dir.$name.'.upload'; $file=$dir.$name.'.upload';
print('<!DOCTYPE html> print('<!DOCTYPE html>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Encoding</title> <title>Stream Upload encoding</title>
<link rel="icon" href="favicon.png"> <link rel="icon" href="favicon.png">
<link rel="stylesheet" href="page.css"> <link rel="stylesheet" href="page.css">
<div class="container"> <div class="container">
<h1>Encoding</h1> <h1>Encoding</h1>
'.($authuser==='' ? '' : '<p>For: <b>'.$authuser.'</b></p>').' <p>For: <b>'.$user.'</b></p>
<p>File: <b>'.$upload.'</b></p>'); <p>File: <b>'.$upload.'</b></p>');
if(preg_match('/20[0-9][0-9]-[0-1][0-9]-[0-3][0-9]T[0-2][0-9]:[0-6][0-9]/', $datetime)===false){ if(preg_match('/20[0-9][0-9]-[0-1][0-9]-[0-3][0-9]T[0-2][0-9]:[0-6][0-9]/', $datetime)===false){
Back('Date/time somehow incorrect: '.$datetime); Back('Date/time somehow incorrect: '.$datetime);
@ -60,8 +68,6 @@ if(!move_uploaded_file($_FILES['file']['tmp_name'], $file)){
} }
print('<p>File is now being encoded to <b>'.$name.'.mp4</b></p>'); print('<p>File is now being encoded to <b>'.$name.'.mp4</b></p>');
if($email){ print('<p>When done, an email will be sent to <b>'.$to.'</b></p>');
print('<p>When done, an email will be sent to <b>'.substr($email,1).'</b></p>');
}
Back('Scheduling for <b>'.$date.'</b> at <b>'.$hour.':'.$min.'</b>h on <b>'.$target.'</b>'); Back('Scheduling for <b>'.$date.'</b> at <b>'.$hour.':'.$min.'</b>h on <b>'.$target.'</b>');
?> ?>