tesses50/crosslangextras
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Make CPKG more complete
All checks were successful
Build and Deploy on Tag / update-tap (push) Successful in 43s
Details

Browse Source
This commit is contained in:
Mike Nolan
2026-05-08 01:40:51 -05:00
parent 4f7be79841
commit ea45c4c4f5
21 changed files with 971 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.gitignore vendored
View File

@@ -7,4 +7,8 @@ tmp
*.vsix
vscode-extension/out
vscode-extension/package-lock.json
vscode-extension/node-modules
vscode-extension/node-modules
Packages
Tesses.CrossLang.PackageServer/conf.json
Tesses.CrossLang.PackageServer/data.db
Temp

8
Changelog.md Normal file
View File

@@ -0,0 +1,8 @@
## Changelog
## v0.0.1
Make CPKG more complete
## v0.0.0
Migrate to Gitea

2
README.md
View File

@@ -2,7 +2,7 @@
> :warning: **NOT READY FOR PRODUCTION, BECAUSE IT MAY (WILL) HAVE BREAKING CHANGES**
[CrossLang](https://gitea.site.tesses.net/tesses50/crosslang) is required to build this
[CrossLang](https://git.tesses.org/tesses50/crosslang) is required to build this
# To Build
```bash

23
Tesses.CrossLang.PackageServer/src/backend/accounts.tcross
View File

@@ -66,7 +66,8 @@ func DB.CreateUserFromAdmin(email, name, password, flags)
var res = {Success=true};
DB.Lock();
var dbCon = DB.Open();
exec = Sqlite.Exec(dbCon,$"SELECT * FROM accounts WHERE accountName = {Sqlite.Escape(name)};");
var exec = Sqlite.Exec(dbCon,$"SELECT * FROM accounts WHERE accountName = {Sqlite.Escape(name)};");
if(TypeOf(exec) == "List" && exec.Length > 0)
{
res = {Success=false, Reason = "Name already exists"};
@@ -75,8 +76,8 @@ func DB.CreateUserFromAdmin(email, name, password, flags)
{
var salt = Crypto.RandomBytes(32, "CPKG");
var hash = Crypto.PBKDF2(password, salt, DB.ITTR,64,384);
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyExpire, flags) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{0},{flags});");
const now = DateTime.NowEpoch ?? 0;
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyExpire, flags, created, verified) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{0},{flags},{now},{now});");
if(TypeOf(r) == "String") res = {Success = false, Reason = r};
res = {Success=true};
}
@@ -87,8 +88,12 @@ func DB.CreateUserFromAdmin(email, name, password, flags)
var verify_hash = Crypto.RandomBytes(32, "CPKG");
var verify_hash_str = Crypto.Base64Encode(verify_hash);
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyKey, verifyExpire, flags) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{Sqlite.Escape(verify_hash_str)},{DateTime.NowEpoch+600},{flags});");
const now = DateTime.NowEpoch ?? 0;
const resp = $"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyKey, verifyExpire, flags, created, verified) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{Sqlite.Escape(verify_hash_str)},{now+600},{flags},{now},0);";
Console.WriteLine(resp);
var r = Sqlite.Exec(dbCon, resp);
Console.WriteLine(r);
if(TypeOf(r) == "String") res = {Success = false, Reason = r};
if(DB.Config.MailConfig)
@@ -111,8 +116,8 @@ func DB.CreateUser(email, name, password)
var salt = Crypto.RandomBytes(32, "CPKG");
var hash = Crypto.PBKDF2(password, salt, DB.ITTR,64,384);
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, flags) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{DB.FLAG_ADMIN|DB.FLAG_VERIFIED});");
const now = DateTime.NowEpoch ?? 0;
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, flags, created, verified) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{DB.FLAG_ADMIN|DB.FLAG_VERIFIED},{now},{now});");
if(TypeOf(r) == "String") res = {Success = false, Reason = r};
}
@@ -146,8 +151,8 @@ func DB.CreateUser(email, name, password)
var verify_hash = Crypto.RandomBytes(32, "CPKG");
var verify_hash_str = Crypto.Base64Encode(verify_hash);
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyKey, verifyExpire, flags) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{Sqlite.Escape(verify_hash_str)},{DateTime.NowEpoch+600},{DB.FLAG_VERIFY});");
const now = DateTime.NowEpoch ?? 0;
var r = Sqlite.Exec(dbCon,$"INSERT INTO accounts (email, accountName, password_hash, password_salt, verifyKey, verifyExpire, flags, created, verified) values ({Sqlite.Escape(email)},{Sqlite.Escape(name)},{Sqlite.Escape(Crypto.Base64Encode(hash))},{Sqlite.Escape(Crypto.Base64Encode(salt))},{Sqlite.Escape(verify_hash_str)},{now+600},{DB.FLAG_VERIFY},{now},0);");
if(TypeOf(r) == "String") {res = {Success = false, Reason = r};}
else {
if(DB.Config.MailConfig)

5
Tesses.CrossLang.PackageServer/src/backend/db.tcross
View File

@@ -105,8 +105,8 @@ func DB.Init(working)
var dbCon = DB.Open();
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS packages (id INTEGER PRIMARY KEY AUTOINCREMENT, packageName TEXT UNIQUE, accountId INTEGER);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS versions (id INTEGER PRIMARY KEY AUTOINCREMENT, packageId INTEGER, version INTEGER, description TEXT, type TEXT, maintainer TEXT, homepage TEXT, repo TEXT, license TEXT, uploadTime INTEGER, pluginHost TEXT);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS accounts (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT UNIQUE, accountName TEXT UNIQUE, password_hash TEXT, password_salt TEXT, motto TEXT, verifyKey TEXT UNIQUE, verifyExpire INTEGER, flags INTEGER);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS sessions (id INTEGER PRIMARY KEY AUTOINCREMENT, accountId INTEGER, key STRING UNIQUE);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS accounts (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT UNIQUE, accountName TEXT UNIQUE, password_hash TEXT, password_salt TEXT, motto TEXT, verifyKey TEXT UNIQUE, verifyExpire INTEGER, flags INTEGER, created INTEGER, verified INTEGER);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS sessions (id INTEGER PRIMARY KEY AUTOINCREMENT, accountId INTEGER, key STRING UNIQUE, expires INTEGER, created INTEGER, name TEXT);");
Sqlite.Exec(dbCon,"CREATE TABLE IF NOT EXISTS reserved_prefixes (id INTEGER PRIMARY KEY AUTOINCREMENT, accountId INTEGER, prefix STRING UNIQUE);");
Sqlite.Close(dbCon);
}
@@ -119,5 +119,6 @@ DB.FLAG_VERIFY = 0b00000100;
DB.ITTR = 35000;
DB.Expires = 86400*7;

3
Tesses.CrossLang.PackageServer/src/backend/email.tcross
View File

@@ -151,7 +151,8 @@ func DB.VerifyEmail(verifyKey)
{
flags &= ~DB.FLAG_VERIFY;
flags |= DB.FLAG_VERIFIED;
Sqlite.Exec(dbCon,$"UPDATE accounts SET flags = {flags} WHERE id = {exec[0].id};");
const now = DateTime.NowEpoch;
Sqlite.Exec(dbCon,$"UPDATE accounts SET flags = {flags} WHERE id = {exec[0].id}, verified = {now};");
Sqlite.Close(dbCon);
DB.Unlock();
return { Success=true };

42
Tesses.CrossLang.PackageServer/src/backend/package.tcross
View File

@@ -457,4 +457,44 @@ func DB.QueryReservedPrefixes(name)
Success=true,
Items = items
};
}
}
func DB.DownloadPackage(log,userId,server, name, version)
{
Console.WriteLine("INDLPKG");
if(!DB.CanUploadPackagePrefix(userId,name)) return;
var res = DB.PackageExists(userId, {Name = name, Version = Version.Parse(version)});
if(res == 2 || res == 4) return;
const resp=Net.Http.MakeRequest($"{server.TrimEnd('/')}/api/v1/download?name={Net.Http.UrlEncode(name)}&version={Net.Http.UrlEncode(version)}",{FollowRedirects=true});
if(resp.StatusCode >= 200 && resp.StatusCode <= 299)
{
var filePath = DB.working / "Temp" / $"{DB.GetUniqueNumber()}.crvm";
var strm = FS.Local.OpenFile(filePath,"wb");
resp.CopyToStream(strm);
strm.Close();
resp.Close();
//we need to load the exec, because the main thing erases it
strm = FS.Local.OpenFile(filePath,"rb");
const exec = VM.LoadExecutable(strm);
strm.Close();
const status = DB.UploadPackage(userId, filePath);
if(status.Success)
{
each(var item in exec.Dependencies)
{
DB.DownloadPackage(log, userId, server, item.Name, item.Version.ToString());
}
each(var item in exec.Tools)
{
DB.DownloadPackage(log, userId, server, item.Name, item.Version.ToString());
}
}
else {
log($"Failed to add package: {name} with {version}");
}
}
}

54
Tesses.CrossLang.PackageServer/src/backend/session.tcross
View File

@@ -4,12 +4,37 @@ func DB.GetUserIdFromSession(session)
var dbCon = DB.Open();
var exec = Sqlite.Exec(dbCon,$"SELECT * FROM sessions WHERE key = {Sqlite.Escape(session)};");
Sqlite.Close(dbCon);
DB.Unlock();
if(TypeOf(exec) == "List" && exec.Length == 1) return ParseLong(exec[0].accountId);
if(TypeOf(exec) == "List" && exec.Length == 1)
{
var expiry = 0;
const expires = ParseLong(exec[0].expires);
if(TypeIsLong(expires) && expires != 0)
{
const whenItExpires = ParseLong(expires);
const currentTime = DateTime.NowEpoch ?? 0;
if(whenItExpires != 0 && currentTime < whenItExpires && (whenItExpires - currentTime) < (DB.Expires-3600))
{
expiry = currentTime + DB.Expires;
Sqlite.Exec(dbCon, $"UPDATE sessions SET expires = {expiry} WHERE key = {Sqlite.Escape(session)};");
}
else if(whenItExpires != 0 && currentTime >= whenItExpires)
{
Sqlite.Exec(dbCon, $"DELETE FROM sessions WHERE key = {Sqlite.Escape(session)};");
Sqlite.Close(dbCon);
DB.Unlock();
return null;
}
return -1;
}
Sqlite.Close(dbCon);
DB.Unlock();
return { accountId = ParseLong(exec[0].accountId), expiry };
}
Sqlite.Close(dbCon);
DB.Unlock();
return null;
}
func DB.GetSessionFromBearer(ctx)
{
@@ -20,7 +45,7 @@ func DB.GetSessionFromBearer(ctx)
if(auth.Length < 2) return null;
if(auth[0] != "Bearer") return null;
var uid = DB.GetUserIdFromSession(auth[1]);
if(uid != -1) return auth[1];
if(TypeIsDictionary(uid)) return auth[1];
}
return null;
}
@@ -37,23 +62,34 @@ func DB.GetSession(ctx)
if(cookieKV.Length == 2 && cookieKV[0] == "Session")
{
var session = cookieKV[1];
var sessionId = DB.GetUserIdFromSession(session);
var sessionObj = DB.GetUserIdFromSession(session);
if(sessionId != -1)
if(TypeIsDictionary(sessionObj))
{
if(sessionObj.expiry > 0)
{
ctx.WithHeader("Set-Cookie",$"Session={session}; SameSite=Lax; Expires={new DateTime(sessionObj.expiry).ToHttpDate()}");
}
return session;
}
}
}
}
}
return null;
}
func DB.CreateSession(userId)
func DB.CreateSession(userId, doesExpire, name)
{
const now = DateTime.NowEpoch;
const expiryTime = doesExpire ? (DB.Expires + now) : 0;
DB.Lock();
var dbCon = DB.Open();
var rand = Net.Http.UrlEncode(Crypto.Base64Encode(Crypto.RandomBytes(32, "CPKG")));
Sqlite.Exec(dbCon, $"INSERT INTO sessions (accountId,key) VALUES ({userId},{Sqlite.Escape(rand)});");
Sqlite.Exec(dbCon,$"INSERT INTO sessions (accountId,key, expires, created, name) VALUES ({userId},{Sqlite.Escape(rand)},{Sqlite.Escape(expiryTime)},{Sqlite.Escape(now)}, {Sqlite.Escape(name)});");
Sqlite.Close(dbCon);
DB.Unlock();
return rand;

15
Tesses.CrossLang.PackageServer/src/pages/account.tcross
View File

@@ -81,8 +81,18 @@ func Pages.Account(ctx)
<if(TypeOf(user) == "Dictionary")>
<true>
<h1>{user.accountName}</h1>
<a href={$"./packages?account={Net.Http.UrlEncode(name)}"}>Packages</a>|<a href={$"./reserved_prefixes?name={Net.Http.UrlEncode(name)}"}>Reserved Prefixes</a>
<h6>Created: {new DateTime(ParseLong(user.created)).ToString("%Y/%m/%d %H:%M:%S UTC")}</h6>
<if(user.verified != "0")>
<true>
<h6>Verified: {new DateTime(ParseLong(user.verified)).ToString("%Y/%m/%d %H:%M:%S UTC")}</h6>
</true>
<false>
<h6>Not verified</h6>
</false>
</if>
<div>
<a href={$"./packages?account={Net.Http.UrlEncode(name)}"}>Packages</a> | <a href={$"./reserved_prefixes?name={Net.Http.UrlEncode(name)}"}>Reserved Prefixes</a>
</div>
<if(active.active)>
<true>
@@ -100,6 +110,7 @@ func Pages.Account(ctx)
<a class="btn btn-secondary" href="./admin">Admin</a>
</true>
</if>
<a class="btn btn-info" href="./sessions">Sessions</a>
<a class="btn btn-danger" href="./delete_packages">Delete Packages</a>
<a class="btn btn-danger" href="./logout">Logout</a>
</form>

91
Tesses.CrossLang.PackageServer/src/pages/admin.tcross
View File

@@ -33,6 +33,95 @@ func Pages.Admin(ctx)
//we have authorization
switch(action2)
{
case "cache_package":
{
const userInfo = DB.GetUserIdFromSession(active.session);
const url = ctx.QueryParams.TryGetFirst("url");
if(!TypeIsString(url) || url.Length == 0 || !url.Contains("/package?name=") || !TypeIsDictionary(userInfo))
{
ctx.StatusCode = 400;
return Shell("Invalid input", pages,<h1>Invalid Input</h1>);
}
const components=url.Split("/package?name=");
if(components.Length < 2)
{
ctx.StatusCode = 400;
return Shell("Invalid input", pages,<h1>Invalid Input</h1>);
}
const strm = ctx.WithMimeType("text/html").OpenResponseStream();
const textWriter = new StreamWriter(strm);
textWriter.Write("<!DOCTYPE html><html lang=\"en\"><head><meta charset=\"UTF-8\"><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"><meta name=\"color-scheme\" content=\"dark light\"></head><body>");
var finished = false;
var errors = "";
const thread = new Thread(()=>{
func log(err)
{
errors += "{err}\n";
}
const server = components[0];
const name = Net.Http.UrlDecode(components[1]);
try {
const resp=Net.Http.MakeRequest($"{server.TrimEnd('/')}/api/v1/versions?name={Net.Http.UrlEncode(name)}",{FollowRedirects=true});
if(resp.StatusCode >= 200 && resp.StatusCode <= 299)
{
const respJson = resp.ReadAsJson();
resp.Close();
if(respJson.success)
{
if(TypeIsList(respJson.versions))
{
each(var item in respJson.versions)
{
if(TypeIsString(item.version))
{
DB.DownloadPackage(log,userInfo.accountId,server, name, item.version);
}
}
}
else {
log("versions is not list");
}
}
else
{
log("versions json does not indicate success");
}
}
else {
log($"Status code does not indicate success {resp.StatusCode} {Net.Http.StatusCodeString(resp.StatusCode)}");
}
} catch(ex) {
log(ex.ToString());
}
finished=true;
});
while(!finished)
{
textWriter.Write(".");
DateTime.Sleep(1000);
}
errors = Net.Http.HtmlEncode(errors).Replace("\n","<br>");
textWriter.Write($"{}<br>Done <a href=\"./admin\">Go Back</a></body></html>");
thread.Join();
return null;
}
break;
case "server_config":
{
var prefix = ctx.QueryParams.TryGetFirst("prefix");
@@ -129,7 +218,7 @@ func Pages.Admin(ctx)
</fieldset>
<fieldset class="border p-2">
<legend class="float-none w-auto">Accounts</legend>
<form action="./admin_account" method="get">
<form action="./admin_accounts" method="get">
<div class="mb-3">
<label for="account" class="form-label">Account Name</label>
<input class="form-control" name="account" id="account" type="text" placeholder="Account Name" aria-label="Account Name">

305
Tesses.CrossLang.PackageServer/src/pages/admin_account.tcross Normal file
View File

@@ -0,0 +1,305 @@
func Pages.AdminAccount(ctx)
{
var active = DB.LoginButton(ctx,false,"");
var csrf="";
var pages = [
{
active = false,
route = "/packages",
text = "Packages"
},
{
active = false,
route = "/upload",
text = "Upload"
},
active
];
if(!active.admin) ctx.StatusCode = 401;
if(ctx.Method == "POST")
{
var csrf2 = ctx.QueryParams.TryGetFirst("csrf");
if(!active.admin) {ctx.StatusCode = 401; return Shell("Not an admin", pages,<h1>Not an admin</h1>);}
if(TypeOf(csrf2) != "String") {ctx.StatusCode = 401; return Shell("Invalid CSRF", pages,<h1>Invalid CSRF</h1>);}
if(DB.VerifyCSRF(active.session, csrf2))
{
const oldname = ctx.QueryParams.TryGetFirst("oldname");
const newname = ctx.QueryParams.TryGetFirst("newname");
const motto = ctx.QueryParams.TryGetFirst("motto") ?? "";
const admin = ctx.QueryParams.GetFirstBoolean("admin");
const verified = ctx.QueryParams.GetFirstBoolean("verified");
if(TypeIsString(oldname) && TypeIsString(newname))
{
const userInfo = DB.GetAccountInfo(oldname);
if(TypeIsDictionary(userInfo))
{
var flags = ParseLong(userInfo.flags);
//CREATE TABLE IF NOT EXISTS accounts
//(id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT UNIQUE, accountName TEXT UNIQUE,
//password_hash TEXT, password_salt TEXT, motto TEXT, verifyKey TEXT UNIQUE,
//verifyExpire INTEGER, flags INTEGER, created INTEGER, verified INTEGER);
const wasVerified = (flags & DB.FLAG_VERIFIED) != 0;
if(userInfo.accountName != active.text)
{
if(!admin)
{
flags &= ~DB.FLAG_ADMIN;
}
if(!verified)
{
flags |= DB.FLAG_VERIFY;
flags &= ~DB.FLAG_VERIFIED;
}
}
if(admin)
{
flags |= DB.FLAG_ADMIN;
}
if(verified)
{
flags |= DB.FLAG_VERIFIED;
flags &= ~DB.FLAG_VERIFY;
}
DB.Lock();
const dbCon = DB.Open();
if(!wasVerified && verified)
{
Sqlite.Exec(dbCon, $"UPDATE accounts SET accountName = {Sqlite.Escape(newname)}, motto = {Sqlite.Escape(motto)}, flags = {Sqlite.Escape(flags)}, verified = {Sqlite.Escape(DateTime.NowEpoch ?? 0)} WHERE id = {Sqlite.Escape(userInfo.id)};");
}
else {
Sqlite.Exec(dbCon, $"UPDATE accounts SET accountName = {Sqlite.Escape(newname)}, motto = {Sqlite.Escape(motto)}, flags = {Sqlite.Escape(flags)} WHERE id = {Sqlite.Escape(userInfo.id)};");
}
Sqlite.Close(dbCon);
DB.Unlock();
ctx.StatusCode=303;
ctx.ResponseHeaders.SetValue("Location", "/admin_accounts");
return Shell("Redirect",pages,
<null>
<h1>Redirecting</h1>
Click <a href="/admin_accounts">here</a> if it does not redirect
</null>
);
}
}
ctx.StatusCode=400;
return Shell("Must need a user",pages,
<null>
<h1>Must need a user</h1>
Click <a href="/admin_accounts">here</a> to go back to admin list
</null>
);
}
else
{
ctx.StatusCode = 401; return Shell("Invalid CSRF", pages,<h1>Invalid CSRF</h1>);
}
}
const name = ctx.QueryParams.TryGetFirst("account");
const page = ctx.QueryParams.TryGetFirstInt("page") ?? 1;
var cur = (page - 1) % 3;
var firstPage = (page-1) - cur;
var userInfo = null;
var motto_ta = "";
const list = [];
if(active.admin && TypeIsString(name))
{
userInfo = DB.GetAccountInfo(name);
if(!TypeIsDictionary(userInfo))
{
if(TypeIsString(userInfo) && userInfo == "No such user exists")
ctx.StatusCode = 404;
else
ctx.StatusCode = 500;
}
else {
csrf = DB.CreateCSRF(ctx);
motto_ta = TypeOf(userInfo.motto) == "String" ? userInfo.motto : "";
userInfo.flags = ParseLong(userInfo.flags);
}
}
if(active.admin && !TypeIsString(name))
{
const limit = 20;
DB.Lock();
const db = DB.Open();
const res = Sqlite.Exec(db, $"SELECT * FROM accounts LIMIT {Sqlite.Escape(limit)} OFFSET {Sqlite.Escape((page-1)*limit)};");
Sqlite.Close(db);
DB.Unlock();
if(TypeIsList(res))
{
each(var item in res)
{
const flags = ParseLong(item.flags);
list.Add({
name = item.accountName,
created = new DateTime(ParseLong(item.created)).ToString("%Y/%m/%d %H:%M:%S UTC"),
verified = (flags & DB.FLAG_VERIFIED) ? (new DateTime(ParseLong(item.verified)).ToString("%Y/%m/%d %H:%M:%S UTC")) : "N/A",
admin = (flags & DB.FLAG_ADMIN) ? "Yes" : "No"
});
}
}
else {
ctx.StatusCode = 500;
return Shell("Error", pages,
<h1>Error {res}</h1>);
}
}
var html = <div class="container">
<if(active.admin)>
<true>
<if(TypeIsString(name))>
<true>
<if(TypeIsDictionary(userInfo))>
<true>
<form method="POST" action="./admin_accounts">
<input type="hidden" name="csrf" value={csrf}>
<input type="hidden" name="oldname" value={name}>
<div class="mb-3">
<label for="name" class="form-label">Name</label>
<input type="text" class="form-control" id="name" name="newname" value={name}>
</div>
<div class="mb-3">
<label for="motto" class="form-label">Motto</label>
<if(motto_ta.Length == 0)>
<true><textarea class="form-control" id="motto" name="motto" placeholder="Type your motto and/or links here" id="floatingTextarea2" style="height: 100px"></textarea></true>
<false><textarea class="form-control" id="motto" name="motto" placeholder="Type your motto and/or links here" id="floatingTextarea2" style="height: 100px">{motto_ta}</textarea></false>
</if>
</div>
<div class="form-check">
<if(userInfo.flags & DB.FLAG_VERIFIED)>
<true>
<if(userInfo.accountName == active.text)>
<true>
<input class="form-check-input" type="checkbox" name="verified" id="verified" checked="ON" disabled="ON">
</true>
<false>
<input class="form-check-input" type="checkbox" name="verified" id="verified" checked="ON">
</false>
</if>
</true>
<false>
<input class="form-check-input" type="checkbox" name="verified" id="verified">
</false>
</if>
<label class="form-check-label" for="verified">
Is Verified
</label>
</div>
<div class="form-check">
<if(userInfo.flags & DB.FLAG_ADMIN)>
<true>
<if(userInfo.accountName == active.text)>
<true>
<input class="form-check-input" type="checkbox" name="admin" id="admin" checked="ON" disabled="ON">
</true>
<false>
<input class="form-check-input" type="checkbox" name="admin" id="admin" checked="ON">
</false>
</if>
</true>
<false>
<input class="form-check-input" type="checkbox" name="admin" id="admin">
</false>
</if>
<label class="form-check-label" for="admin">
Is Admin
</label>
</div>
<button type="submit" class="btn btn-primary" name="action">Save</button>
<a href="./admin_accounts" class="btn btn-secondary">Back</a>
</form>
</true>
<false>
<h1>Error {userInfo}</h1>
</false>
</if>
</true>
<false>
<a href="./admin" class="btn btn-primary">Back To Admin</a>
<table class="table">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Created</th>
<th scope="col">Verified</th>
<th scope="col">Admin</th>
</tr>
</thead>
<tbody>
<each(var item : list)>
<tr>
<th scope="row"><a href={$"./admin_accounts?account={Net.Http.UrlEncode(item.name)}"}>{item.name}</a></th>
<td>{item.created}</td>
<td>{item.verified}</td>
<td>{item.admin}</td>
</tr>
</each>
</tbody>
</table>
<nav aria-label="Page navigation example">
<ul class="pagination justify-content-center">
<if(page == 1)>
<true>
<li class="page-item disabled">
<a class="page-link">Previous</a>
</li>
</true>
<false>
<li class="page-item">
<a class="page-link" href={$"./admin_accounts?page={page-1}"}>Previous</a>
</li>
</false>
</if>
<for(var i = 1; i <= 3; i++)>
<li class={i == cur + 1 ? "page-item active" : "page-item"}><a class="page-link" href={$"./admin_accounts?page={i+firstPage}"}>{i+firstPage}</a></li>
</for>
<li class="page-item">
<a class="page-link" href={$"./admin_accounts?page={page+1}"}>Next</a>
</li>
</ul>
</nav>
</false>
</if>
</true>
<false>
<h1>You are not authorized in the admin panel</h1>
</false>
</if>
</div>;
return Shell("Admin Register", pages,html);
}

2
Tesses.CrossLang.PackageServer/src/pages/admin_register.tcross
View File

@@ -31,7 +31,7 @@ func Pages.AdminRegister(ctx)
var displayName = ctx.QueryParams.TryGetFirst("displayName");
var password = ctx.QueryParams.TryGetFirst("password");
var confirm = ctx.QueryParams.TryGetFirst("confirm");
var flags = ctx.QueryParams.GetFirstBoolean("verified") ? DB.FLAG_VERIFIED : DB.FLAG_FLAG_VERIFY;
var flags = ctx.QueryParams.GetFirstBoolean("verified") ? DB.FLAG_VERIFIED : DB.FLAG_VERIFY;
flags |= (ctx.QueryParams.GetFirstBoolean("admin") ? DB.FLAG_ADMIN : 0);
if(TypeOf(email) != "String" || TypeOf(displayName) != "String" || TypeOf(password) != "String" || TypeOf(confirm) != "String")

20
Tesses.CrossLang.PackageServer/src/pages/check_email.tcross
View File

@@ -14,10 +14,20 @@ func Pages.CheckEmail(ctx)
DB.LoginButton(ctx,false)
];
var html = <div class={"container"}>
<h1>Please check your email.</h1>
<p>
The email may or may not be in your spam.
</p>
<if(DB.Config.MailConfig)>
<true>
<h1>Please check your email.</h1>
<p>
The email may or may not be in your spam.
</p>
</true>
<false>
<h1>The admin will need to verify your account</h1>
<p>
Mail is disabled
</p>
</false>
</if>
</div>;
return Shell("Check your email",pages,html);
return Shell(DB.Config.MailConfig ? "Check your email" : "Admin will need to verify",pages,html);
}

66
Tesses.CrossLang.PackageServer/src/pages/create_session.tcross Normal file
View File

@@ -0,0 +1,66 @@
func Pages.CreateSession(ctx)
{
var active = DB.LoginButton(ctx,false,"");
var pages = [
{
active = false,
route = "/packages",
text = "Packages"
},
{
active = false,
route = "/upload",
text = "Upload"
},
active
];
const account = DB.GetUserIdFromSession(active.session);
if(TypeIsDictionary(account))
{
if(ctx.Method == "GET")
{
return Shell("Create API Key", pages,
<div class="container">
<h1>Create session</h1>
<form method="POST" action="./create_session">
<input type="hidden" name="csrf" value={DB.CreateCSRF(ctx)}>
<div class="mb-3">
<label for="name" class="form-label">Session Name</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Session Name">
</div>
<input type="submit" class="btn btn-primary" value="Create">
</form>
</div>
);
}
else if(ctx.Method == "POST")
{
var name = ctx.QueryParams.TryGetFirst("name") ?? "CrossLang Shell";
var csrf = ctx.QueryParams.TryGetFirst("csrf");
if(!DB.VerifyCSRF(active.session,csrf))
return Shell("Invalid CSRF", pages, "<h1>Invalid CSRF</h1>");
return Shell("Your API key", pages,
<div class="container">
<h1>Your API key</h1>
<p>{"It won't be shown again"}</p>
<div class="mb-3 row">
<label for="apiKey" class="col-sm-2 col-form-label">API Key</label>
<div class="col-sm-10">
<input type="text" readonly="ON" class="form-control-plaintext" id="apiKey" value={DB.CreateSession(account.accountId,false,name)}>
</div>
</div>
</div>
);
}
}
return Shell("Error", pages, "<h1>Not logged in</h1>");
}

74
Tesses.CrossLang.PackageServer/src/pages/session.tcross Normal file
View File

@@ -0,0 +1,74 @@
func Pages.Session(ctx)
{
var active = DB.LoginButton(ctx,false,"");
var pages = [
{
active = false,
route = "/packages",
text = "Packages"
},
{
active = false,
route = "/upload",
text = "Upload"
},
active
];
const account = DB.GetUserIdFromSession(active.session);
const id = ctx.QueryParams.TryGetFirstInt("id");
if(TypeIsDictionary(account) && TypeIsLong(id))
{
if(ctx.Method == "GET")
{
DB.Lock();
const dbCon = DB.Open();
const results = Sqlite.Exec(dbCon, $"SELECT * FROM sessions WHERE accountId = {Sqlite.Escape(account.accountId)} AND id = {Sqlite.Escape(id)};");
Sqlite.Close(dbCon);
DB.Unlock();
return Shell("Delete session?", pages, <if(TypeIsList(results) && results.Count == 1)>
<true>
<div class="container">
<h1>Do you want to delete session: {results[0].name}?</h1>
<p>Created: {new DateTime(ParseLong(results[0].created) ?? 0).ToString("%Y/%m/%d %H:%M:%S UTC")}</p>
<p>Expires: {results[0].expires == "0" ? "Won't" : new DateTime(ParseLong(results[0].expires) ?? 0).ToString("%Y/%m/%d %H:%M:%S UTC")}</p>
<p>Type: {results[0].key == active.session ? "This Session" : results[0].expires == "0" ? "API Key" : "Browser"}</p>
<form method="POST" action="./session">
<input type="hidden" name="csrf" value={DB.CreateCSRF(ctx)}>
<input type="hidden" name="id" value={id}>
<input type="submit" class="btn btn-danger" name="confirm" value="Yes">
<input type="submit" class="btn btn-primary" name="confirm" value="No">
</form>
</div>
</true>
</if>);
}
else if(ctx.Method == "POST")
{
var confirm = ctx.QueryParams.TryGetFirst("confirm") ?? "No";
if(confirm == "Yes")
{
var csrf = ctx.QueryParams.TryGetFirst("csrf");
if(!DB.VerifyCSRF(active.session,csrf))
return Shell("Invalid CSRF", pages, "<h1>Invalid CSRF</h1>");
DB.Lock();
const dbCon = DB.Open();
Sqlite.Exec(dbCon, $"DELETE FROM sessions WHERE accountId = {Sqlite.Escape(account.accountId)} AND id = {Sqlite.Escape(id)};");
Sqlite.Close(dbCon);
DB.Unlock();
}
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", "./sessions");
return Shell("Redirecting", pages,<null>
<h1>Redirecting</h1>
Click <a href="./sessions">here</a> if it does not redirect
</null>);
}
}
return Shell("Error", pages, "<h1>Not logged in</h1>");
}

62
Tesses.CrossLang.PackageServer/src/pages/sessions.tcross Normal file
View File

@@ -0,0 +1,62 @@
func Pages.Sessions(ctx)
{
var active = DB.LoginButton(ctx,false,"");
var pages = [
{
active = false,
route = "/packages",
text = "Packages"
},
{
active = false,
route = "/upload",
text = "Upload"
},
active
];
const account = DB.GetUserIdFromSession(active.session);
if(TypeIsDictionary(account))
{
DB.Lock();
const dbCon = DB.Open();
const results = Sqlite.Exec(dbCon, $"SELECT * FROM sessions WHERE accountId = {Sqlite.Escape(account.accountId)};");
Sqlite.Close(dbCon);
DB.Unlock();
return Shell("Sessions",
pages,
<div class="container">
<a href="./create_session" class="btn btn-primary">Create API Key</a>
<if(TypeIsList(results))>
<true>
<table class="table">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Created</th>
<th scope="col">Expires</th>
<th scope="col">Type</th>
</tr>
</thead>
<tbody>
<each(var item : results)>
<tr>
<th scope="row"><a href={$"./session?id={Net.Http.UrlEncode(item.id)}"}>{item.name}</a></th>
<td>{new DateTime(ParseLong(item.created) ?? 0).ToString("%Y/%m/%d %H:%M:%S UTC")}</td>
<td>{item.expires == "0" ? "Won't" : new DateTime(ParseLong(item.expires) ?? 0).ToString("%Y/%m/%d %H:%M:%S UTC")}</td>
<td>{item.key == active.session ? "This Session" : item.expires == "0" ? "API Key" : "Browser"}</td>
</tr>
</each>
</tbody>
</table>
</true>
</if>
</div>
);
}
return Shell("You are not logged in",pages,<h1>You are not logged in</h1>);
}

62
Tesses.CrossLang.PackageServer/src/program.tcross
View File

@@ -1,5 +1,7 @@
func main(args)
{
var dir = ".";
if(args.Length > 1)
{
@@ -7,6 +9,14 @@ func main(args)
}
DB.Init(dir);
const timer = new Timer(()=>{
const time = DateTime.NowEpoch ?? 0;
DB.Lock();
const db = DB.Open();
Sqlite.Exec(db, "DELETE FROM sessions WHERE expires < {time} AND expires > 0;");
Sqlite.Close(db);
DB.Unlock();
},900000);
@@ -41,6 +51,11 @@ func main(args)
ctx.WithMimeType("text/html").SendText(Pages.AdminRegister(ctx));
return true;
}
if(ctx.Path == "/admin_accounts")
{
ctx.WithMimeType("text/html").SendText(Pages.AdminAccount(ctx));
return true;
}
if(ctx.Path == "/package")
{
var name = ctx.QueryParams.TryGetFirst("name");
@@ -137,9 +152,9 @@ func main(args)
if(DB.VerifyCSRF(session,csrf))
{
var userId = DB.GetUserIdFromSession(session);
var userId = DB.GetUserIdFromSession(session).accountId;
var url = DB.ChangeMotto(userId,motto);
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", url);
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
@@ -194,7 +209,7 @@ func main(args)
if(!DB.VerifyCSRF(session,csrf))
{
var userId = DB.GetUserIdFromSession(session);
var userId = DB.GetUserIdFromSession(session).accountId;
result = DB.UploadPackage(userId, filePath);
}
@@ -203,7 +218,7 @@ func main(args)
if(result.Success)
{
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", "/");
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
@@ -279,7 +294,7 @@ func main(args)
});
return true;
}
var userId = DB.GetUserIdFromSession(session);
var userId = DB.GetUserIdFromSession(session).accountId;
var filePath = DB.working / "Temp" / $"{DB.GetUniqueNumber()}.crvm";
var strm = FS.Local.OpenFile(filePath,"wb");
@@ -335,7 +350,7 @@ func main(args)
ctx.SendJson({
token = DB.CreateSession(accountId)
token = DB.CreateSession(accountId,false, TypeIsString(json.name) ? json.name : "CrossLang Shell")
});
return true;
@@ -432,13 +447,16 @@ func main(args)
if(accountId == -1)
{
ctx.StatusCode = 400;
ctx.SendText("<h1>Invalid credentials</h1>");
ctx.SendText(Shell("Invalid credentials",[],"<h1>Invalid credentials</h1>"));
return true;
}
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", "/");
ctx.ResponseHeaders.SetValue("Set-Cookie", $"Session={DB.CreateSession(accountId)}; SameSite=Strict");
const browser="Browser";
const now = DateTime.NowEpoch??0;
ctx.ResponseHeaders.SetValue("Set-Cookie", $"Session={DB.CreateSession(accountId,true, browser)}; SameSite=Strict; Expires={new DateTime(now+DB.Expires).ToHttpDate()}");
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
Click <a href="./">here</a> if it does not redirect
@@ -492,7 +510,7 @@ func main(args)
var res = DB.UnforgetPassword(code,password,confirm);
if(res.Success)
{
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", "/");
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
@@ -538,7 +556,7 @@ func main(args)
}
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", res.Redirect);
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
@@ -596,12 +614,12 @@ func main(args)
if(!res.Success)
{
ctx.StatusCode = 400;
ctx.SendText($"<h1>Error: {Net.Http.HtmlEncode(res.Reason)}</h1>");
ctx.SendText(Shell("Error",[],$"<h1>Error: {Net.Http.HtmlEncode(res.Reason)}</h1>"));
return true;
}
ctx.StatusCode = 302;
ctx.StatusCode = 303;
ctx.ResponseHeaders.SetValue("Location", res.Redirect);
ctx.WithMimeType("text/html").SendText(<null>
<h1>Redirecting</h1>
@@ -615,6 +633,22 @@ func main(args)
ctx.WithMimeType("text/html").SendText(Pages.Account(ctx));
return true;
}
if(ctx.Path == "/sessions")
{
ctx.WithMimeType("text/html").SendText(Pages.Sessions(ctx));
return true;
}
if(ctx.Path == "/create_session")
{
ctx.WithMimeType("text/html").SendText(Pages.CreateSession(ctx));
return true;
}
if(ctx.Path == "/session")
{
ctx.WithMimeType("text/html").SendText(Pages.Session(ctx));
return true;
}
if(ctx.Path == "/css/bootstrap.min.css")
{
ctx.WithMimeType("text/css").SendBytes(embed("css/bootstrap.min.css"));
@@ -650,4 +684,6 @@ func main(args)
return false;
},DB.Port);
timer.Callback = null;
}

4
Tesses.CrossLang.Shell/src/login.tcross
View File

@@ -33,6 +33,9 @@ func Tesses.CrossLang.Shell.Login(dd)
var name = dd.Arguments[1];
var host = dd.Arguments[2];
Console.Write("Name (empty for CrossLang Shell): ");
var name = Console.ReadLine() ?? "";
if(name == "") name = "CrossLang Shell";
Console.Write("Email: ");
var email = Console.ReadLine();
@@ -45,6 +48,7 @@ func Tesses.CrossLang.Shell.Login(dd)
Console.WriteLine();
var accountRequest = {
name,
email,
password
};

168
Tesses.CrossLang.Shell/src/logout.tcross Normal file
View File

@@ -0,0 +1,168 @@
func Tesses.CrossLang.Shell.Logout(dd)
{
var accounts = [];
func help()
{
Console.WriteLine("USAGE: crosslang logout [name]");
Console.WriteLine();
Console.WriteLine("ARGUMENTS:");
Console.WriteLine("name: the session name");
}
if(FS.Local.FileExists(Env.CrossLangConfig / "auth.json"))
{
accounts = Json.Decode(FS.ReadAllText(FS.Local,Env.CrossLangConfig / "auth.json"));
if(TypeOf(accounts) != "List") accounts = [];
}
if(dd.Flags.Contains("help"))
{
help();
}
else {
if(FS.Local.FileExists(Env.CrossLangConfig / "auth.json"))
{
const json = Json.Decode(FS.ReadAllText(FS.Local,Env.CrossLangConfig / "auth.json"));
if(json.Length == 0)
{
Console.WriteLine("You were not logged in");
return 0;
}
else if(json.Length == 1)
{
const host = json[0].host;
const token = json[0].token;
if(!TypeIsString(host))
{
Console.WriteLine("Host is not a string");
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", "[]");
return 1;
}
if(!TypeIsString(token))
{
Console.WriteLine("Token is not a string");
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", "[]");
return 1;
}
const resp = Net.Http.MakeRequest($"{host.TrimEnd('/')}/api/v1/logout",{
RequestHeaders = [
{Key= "Authorization",Value=$"Bearer {token}"}
],
Method = "GET"
});
if(resp.StatusCode == 200)
{
const json = resp.ReadAsJson();
if(json.Success)
{
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", "[]");
resp.Close();
return 0;
}
else {
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", "[]");
resp.Close();
Console.WriteLine($"Failed to logout, go to {host.TrimEnd('/')}/sessions to logout");
return 1;
}
}
resp.Close();
return 1;
}
else {
if(dd.Arguments.Length < 2)
{
Console.WriteLine("Multiple entries in auth.json file, session is ambiguous.");
Console.WriteLine("Sessions:");
each(var item : json)
{
Console.WriteLine($"{item.name}: {item.host}");
}
}
else {
var host = "";
var token = "";
var found = false;
var cur = null;
each(var item : json)
{
if(item.name == dd.Arguments[1])
{
cur = item;
found=true;
host = item.host;
token = item.token;
break;
}
}
if(!found) {
Console.WriteLine($"Could not find session with name: {dd.Arguments[1]}");
return 1;
}
if(!TypeIsString(host))
{
Console.WriteLine("Host is not a string");
json.Remove(cur);
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", json.ToString());
return 1;
}
if(!TypeIsString(token))
{
Console.WriteLine("Token is not a string");
json.Remove(cur);
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", json.ToString());
return 1;
}
const resp = Net.Http.MakeRequest($"{host.TrimEnd('/')}/api/v1/logout",{
RequestHeaders = [
{Key= "Authorization",Value=$"Bearer {token}"}
],
Method = "GET"
});
if(resp.StatusCode == 200)
{
const json2 = resp.ReadAsJson();
if(json2.Success)
{
json.Remove(cur);
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", json.ToString());
resp.Close();
return 0;
}
else {
json.Remove(cur);
FS.WriteAllText(FS.Local, Env.CrossLangConfig / "auth.json", json.ToString());
resp.Close();
Console.WriteLine($"Failed to logout, go to {host.TrimEnd('/')}/sessions to logout");
return 1;
}
}
resp.Close();
return 1;
}
}
} else {
Console.WriteLine("You were not logged in");
return 0;
}
}
}

4
Tesses.CrossLang.Shell/src/token.tcross
View File

@@ -1,5 +1,8 @@
func Tesses.CrossLang.Shell.Token(dd)
{
Console.Write("Name (empty for CrossLang Shell): ");
var name = Console.ReadLine() ?? "";
if(name == "") name = "CrossLang Shell";
Console.Write("Host: ");
var host = Console.ReadLine();
Console.Write("Email: ");
@@ -15,6 +18,7 @@ func Tesses.CrossLang.Shell.Token(dd)
var accountRequest = {
name,
email,
password
};

1
vscode-extension/src/api.ts
View File

@@ -202,6 +202,7 @@ export async function createTemplate()
if(project_name)
{
const dir = join(getDocumentsFolder(),"CrossLangProjects",project_name);
mkdirSync(getDocumentsFolder());
mkdirSync(join(getDocumentsFolder(),"CrossLangProjects"));
mkdirSync(dir);