diff --git a/main.js b/main.js index 335c08a..0545a50 100644 --- a/main.js +++ b/main.js @@ -24,15 +24,15 @@ app.get("/v1/auth", (req, res) => { console.log(logTime); // Simple ratelimit - if(ipLog[req.ip] !== undefined){ - if(ipLog[req.ip] > Date.now()){ - ipLog[req.ip] = Date.now() + config.ratelimit - fs.writeFile("access.log", `${logTime} : ${req.ip} HIT RATE LIMIT\n`, { flag: "a" }, callback => {}); + if(ipLog[req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip] !== undefined){ + if(ipLog[req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip] > Date.now()){ + ipLog[req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip] = Date.now() + config.ratelimit + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} HIT RATE LIMIT\n`, { flag: "a" }, callback => {}); return } } - ipLog[req.ip] = Date.now() + config.ratelimit + ipLog[req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip] = Date.now() + config.ratelimit let passed = true if(req.headers.username === undefined || req.headers.username.trim() === "" || req.headers.password === undefined || req.headers.password.trim() === "") passed = false @@ -52,12 +52,12 @@ app.get("/v1/auth", (req, res) => { } - fs.writeFile("access.log", `${logTime} : ${req.ip} API KEY REQUEST ${passed?"SUCCESS":"FAILED"}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} API KEY REQUEST ${passed?"SUCCESS":"FAILED"}\n`, { flag: "a" }, callback => {}); }); app.get("/admin", (req, res) => { let logTime = getLogTime() - fs.writeFile("access.log", `${logTime} : ${req.ip} ACCESSED ADMIN PANEL\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} ACCESSED ADMIN PANEL\n`, { flag: "a" }, callback => {}); res.sendFile(__dirname + "/ui/index.html") }) @@ -82,7 +82,7 @@ app.get("/v1/admin-auth", (req,res) => { }else{ res.status(401).json({response:"Unauthorised", code:1}) } - fs.writeFile("access.log", `${logTime} : ${req.ip} LOGGED IN TO ADMIN PANEL ${passed?"SUCCESS":"FAILED"}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} LOGGED IN TO ADMIN PANEL ${passed?"SUCCESS":"FAILED"}\n`, { flag: "a" }, callback => {}); }) @@ -108,7 +108,7 @@ app.put("/v1/api-key", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO ADD NEW API KEY : ${req.body.field} ${req.body.value}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO ADD NEW API KEY : ${req.body.field} ${req.body.value}\n`, { flag: "a" }, callback => {}); return } if(req.body.value === undefined || req.body.value.trim() === "" || req.body.field === undefined || req.body.field.trim() === ""){ @@ -118,7 +118,7 @@ app.put("/v1/api-key", (req, res) => { apikeys[req.body.field] = req.body.value fs.writeFile("./db/apikeys.json", JSON.stringify(apikeys, null, 4), "utf8", c => {}) - fs.writeFile("access.log", `${logTime} : ${req.ip} ADDED A NEW API KEY : ${req.body.field} ${req.body.value}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} ADDED A NEW API KEY : ${req.body.field} ${req.body.value}\n`, { flag: "a" }, callback => {}); res.json({response:"key added", code:0}) }) @@ -127,7 +127,7 @@ app.delete("/v1/api-key", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO DELETE API KEY : ${req.body.field}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO DELETE API KEY : ${req.body.field}\n`, { flag: "a" }, callback => {}); return } if(req.body.field === undefined || req.body.field.trim() === ""){ @@ -137,7 +137,7 @@ app.delete("/v1/api-key", (req, res) => { delete apikeys[req.body.field] fs.writeFile("./db/apikeys.json", JSON.stringify(apikeys, null, 4), "utf8", c => {}) - fs.writeFile("access.log", `${logTime} : ${req.ip} DELETED API KEY : ${req.body.field}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} DELETED API KEY : ${req.body.field}\n`, { flag: "a" }, callback => {}); res.json({response:"key removed", code:0}) }) @@ -145,7 +145,7 @@ app.get("/v1/api-key", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO GET API KEYS\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO GET API KEYS\n`, { flag: "a" }, callback => {}); return } res.json(apikeys) @@ -172,7 +172,7 @@ app.put("/v1/user", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO ADD NEW USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO ADD NEW USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); return } if(req.body.username === undefined || req.body.username.trim() === "" || req.body.password === undefined || req.body.password.trim() === ""){ @@ -182,7 +182,7 @@ app.put("/v1/user", (req, res) => { accounts[req.body.username] = bcrypt.hashSync(req.body.password, 12) fs.writeFile("./db/useraccounts.json", JSON.stringify(accounts, null, 4), "utf8", c => {}) - fs.writeFile("access.log", `${logTime} : ${req.ip} ADDED A NEW USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} ADDED A NEW USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); res.json({response:"user added", code:0}) }) @@ -191,7 +191,7 @@ app.delete("/v1/user", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO DELETE USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO DELETE USER : ${req.body.username}\n`, { flag: "a" }, callback => {}); return } if(req.body.username === undefined || req.body.username.trim() === ""){ @@ -201,7 +201,7 @@ app.delete("/v1/user", (req, res) => { delete accounts[req.body.username] fs.writeFile("./db/useraccounts.json", JSON.stringify(accounts, null, 4), "utf8", c => {}) - fs.writeFile("access.log", `${logTime} : ${req.ip} DELETED USER : ${req.body.field}\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} DELETED USER : ${req.body.field}\n`, { flag: "a" }, callback => {}); res.json({response:"user removed", code:0}) }) @@ -209,7 +209,7 @@ app.get("/v1/user", (req, res) => { let logTime = getLogTime() let keypassed = checkKey(req.headers.key) if(!keypassed){ - fs.writeFile("access.log", `${logTime} : ${req.ip} TRIED TO GET USERS\n`, { flag: "a" }, callback => {}); + fs.writeFile("access.log", `${logTime} : ${req.headers["x-real-ip"] != undefined ? req.headers["x-real-ip"] : req.ip} TRIED TO GET USERS\n`, { flag: "a" }, callback => {}); return } res.json(accounts)