From ef54b678030f7cf95d44b77248cfe8b115d29543 Mon Sep 17 00:00:00 2001 From: Arzumify Date: Sun, 21 Jul 2024 09:45:47 +0100 Subject: [PATCH] made stamps be able to be spent and add an expiration mechanism --- main.go | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 51 insertions(+), 3 deletions(-) diff --git a/main.go b/main.go index 8500661..a13dd34 100644 --- a/main.go +++ b/main.go @@ -308,6 +308,16 @@ func main() { } } + _, err = mem.Exec("CREATE TABLE spent (hashcash TEXT NOT NULL, expires INTEGER NOT NULL)") + if err != nil { + if err.Error() == "table spent already exists" { + log.Println("[INFO] Spent table already exists") + } else { + log.Fatalln("[FATAL] Cannot create spent table:", err) + } + + } + if len(os.Args) > 1 { if os.Args[1] == "init_db" { initDb() @@ -368,6 +378,31 @@ func main() { return } + var spentStamp string + err = mem.QueryRow("SELECT hashcash FROM spent WHERE hashcash = ?", stamp).Scan(&spentStamp) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + _, err = mem.Exec("INSERT INTO spent (hashcash, expires) VALUES (?, ?)", stamp, time.Now().Unix()+86400) + if err != nil { + log.Println("[ERROR] Unknown in /api/signup spent Exec():", err) + c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-SIGNUP-SPENTINSERT"}) + return + } + } else { + log.Println("[ERROR] Unknown in /api/signup spent QueryRow():", err) + c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-SIGNUP-SPENTSELECT"}) + return + } + } else { + c.JSON(409, gin.H{"error": "Stamp already spent"}) + return + } + + if strings.Split(stamp, ":")[3] != "signup" || strings.Split(stamp, ":")[4] != "I love burgernotes!" { + c.JSON(400, gin.H{"error": "Invalid hashcash stamp"}) + return + } + pow := hashcash.New(20, 16, "I love burgernotes!") ok = pow.Check(stamp) if !ok { @@ -495,8 +530,7 @@ func main() { c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-VERIFYHASH"}) return } - } - if !correctPassword { + } else if !correctPassword { if migrated == 0 { c.JSON(401, gin.H{"error": "User has not migrated", "migrated": false}) return @@ -529,7 +563,11 @@ func main() { return } - c.JSON(200, gin.H{"key": token}) + if migrated != 1 { + c.JSON(200, gin.H{"key": token, "migrated": false}) + } else { + c.JSON(200, gin.H{"key": token, "migrated": true}) + } }) router.POST("/api/oauth/get", func(c *gin.Context) { @@ -1399,6 +1437,16 @@ func main() { } }) + go func() { + for { + time.Sleep(time.Minute) + _, err := conn.Exec("DELETE FROM spent WHERE expires < ?", time.Now().Unix()) + if err != nil { + log.Println("[ERROR] Unknown in spent cleanup Exec():", err) + } + } + }() + log.Println("[INFO] Server started at", time.Now().Unix()) log.Println("[INFO] Welcome to Burgernotes! Today we are running on IP " + host + " on port " + strconv.Itoa(port) + ".") err = router.Run(host + ":" + strconv.Itoa(port))