1
0
Fork 0

English seance 25/5/2020

This commit is contained in:
Ethanell 2020-05-25 12:02:04 +02:00
parent e69b9bc36b
commit 9cddbadae0
8 changed files with 119 additions and 25 deletions

3
.gitignore vendored
View file

@ -8,3 +8,6 @@
# npm packages
package-lock.json
node_modules
# API haveibeenpwned key
key

49
app.js
View file

@ -1,19 +1,56 @@
let express = require("express");
let app = express();
let server = require("http").Server(app);
let morgan = require("morgan");
let io = require("socket.io")(server);
let https = require("https");
let fs = require("fs");
server.listen(process.env.PORT || 8080);
let indexRoute = require("./routes/index");
let checkMail = require("./routes/checkMail");
let notFoundRoute = require("./routes/notFound");
let errorRoute = require("./routes/error");
let app = express();
app.use(morgan("dev"))
.use(express.static("public"))
.set("view engine", "pug")
.use("/", indexRoute)
.use("/checkmail", checkMail)
.use(notFoundRoute)
.use(errorRoute)
.listen(process.env.PORT || 8080);
.use(errorRoute);
io.on("connection", (socket) => {
socket.emit("connected");
console.log("New connection !");
socket.on("checkMail", (data) => {
let key = fs.readFileSync("key", "utf-8");
let request = https.request({
hostname: "haveibeenpwned.com",
port: 443,
path: "/api/v3/breachedaccount/" + data.email,
method: "GET",
headers: {
Accept: 'application/json',
"user-agent": "InternetSecurity",
"hibp-api-key": key
}
}, res => {
let sendData = false;
res.setEncoding("utf-8");
res.on("data", d => {
socket.emit("resultMail", d);
sendData = true;
});
res.on("close", () => {
if (!sendData)
socket.emit("resultMail", []);
});
});
request.on("error", err => {
console.error(err);
socket.emit("resultMail", null);
});
request.end();
})
});

View file

@ -15,6 +15,7 @@
"dependencies": {
"express": "^4.17.1",
"morgan": "^1.10.0",
"pug": "^2.0.4"
"pug": "^2.0.4",
"socket.io": "^2.3.0"
}
}

View file

@ -11,6 +11,12 @@ body{
font-family: 'Roboto', sans-serif;
}
@media (hover: none) and (pointer: coarse) {
body {
font-size: 2em;
}
}
body {
background: linear-gradient(-45deg, #ee7752, #23a6d5);
background-size: 100%;
@ -212,6 +218,44 @@ div#result_password h1{
padding: 2vh 0;
}
div#result_mail h1{
padding:2vh 0;
width:70%;
display: block;
margin: auto;
}
div#result_mail ul{
padding : 0vw 15vw;
list-style: none;
}
div#result_password li{
padding: 0.75vw;
}
.warning:before{
content: '⚠ ';
margin-right: 3vw;
}
.warning{
background: rgba(252, 214, 214, 0.54);
border: 0.2vw solid red;
margin-bottom: 0.5vh;
}
div.container#result_mail h2 {
position: relative;
top: 300px;
}
div.container#result_mail p {
text-align: center;
font-weight: bold;
font-size: xx-large;
}
.arrowdown{
cursor: pointer;
width: 10%;

View file

@ -5,6 +5,7 @@ const resultPassword = document.querySelector("#result_password");
const passwordManage = document.querySelector("#password_manage");
const security2AF = document.querySelector("#security_2AF");
const cookie = document.querySelector("#cookie");
const socket = io.connect();
const commonPassword = RegExp("(1234567890|123456789|12345678|1234567|123456|12345|1234|123|password|test|qwerty|azerty|iloveyou|admin|welcome|abc123|football|monkey|!@#\\$%\\^&\\*)");
const mailRegex = new RegExp("(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\\\[\x01-\x09\x0b\x0c\x0e-\x7f])*\")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\\])");
@ -26,7 +27,7 @@ let observer = new IntersectionObserver(function(entries) {
window.scrollTo({top: entries[0].target.getBoundingClientRect().top + window.scrollY,
left: 0,
behavior: 'smooth'});
}, { rootMargin: "0px", threshold: 0.2 });
}, { threshold: 0.1 });
for (let e of [main, resultMail, passwordTest, resultPassword, passwordManage, security2AF, cookie])
observer.observe(e);
@ -60,8 +61,7 @@ security2AF.querySelector(".arrowdown").addEventListener("click", () => {
function mailValid() {
let input = main.querySelector("#email");
if (mailRegex.test(input.value)) {
resultMail.classList.remove("hide");
resultMail.scrollIntoView({"behavior": "smooth"});
socket.emit("checkMail", {"email": input.value});
} else {
input.classList.add("error");
}
@ -112,6 +112,23 @@ function passwordCheck() {
}
}
function mailCheck(mail) {
}
socket.on("resultMail", (data) => {
if (data == null) {
passwordTest.classList.remove("hide");
passwordTest.scrollIntoView({"behavior": "smooth"});
window.alert("Internal error, can't check your email !");
} else {
let ul = resultMail.querySelector("ul");
if (data.length === 0) {
ul.innerHTML = "";
resultMail.querySelector("ul").insertAdjacentHTML("beforeend", "<li>Any breaches detected !</li>");
} else {
ul.innerHTML = "";
for (let breach of JSON.parse(data)) {
ul.insertAdjacentHTML("beforeend", `<li class="warning">${breach.Name}</li>`);
}
}
resultMail.classList.remove("hide");
resultMail.scrollIntoView({"behavior": "smooth"});
}
})

View file

@ -1,10 +0,0 @@
let router = require("express").Router();
let https = require('https')
router.get("/", (req, res) => {
});
module.exports = router;

View file

@ -8,7 +8,8 @@ block content
div.trapezoid
div.container.hide#result_mail
h1 Results
h2
p List of your compromised accounts on websites:
ul
h2 Let's see what about your
a passwords ?
div.container.hide#password_test

View file

@ -8,5 +8,6 @@ html(lang="en")
title Internet security
link(rel="stylesheet", href="/css/main.css")
body
script(src="/socket.io/socket.io.js")
block content
footer