From a892f5b2b1e3f01aa3c279ee26babd584ef2e555 Mon Sep 17 00:00:00 2001 From: Type-Style Date: Thu, 28 Mar 2024 16:39:28 +0100 Subject: [PATCH] update master (#57) * [Task] #6 provide fallback index.html * [Task] #6 production ready code (m) move httpdocs folder to dist have compile without sourcemaps for faster speed * [Task] #6 create github action for upload when main is updated (#21) * [change] #6 new ftp upload action * [Fix] #6 replace host with server in ftp action * [Task] #6 basic log (#26) * [CHANGE] #6 revert back to require output for production * [Task] #6 add ability to manually upload to prod * [Task] #9 enable manual start of codechecks * 10 webhook for writing (#36) * [Change] #3 clean up npm scripts, to have clean folder before build * [Task] #10 created data types in typescript * [Temp] #10 created subroute for writing, and folder structure * [Change] #3 include to use relative paths from src folder in ts and node https://stackoverflow.com/questions/43281741/how-can-i-use-paths-in-tsconfig-json See comment from Remo H. Hansen with at least 100 upvoted * [Change] Update VSCode to keep files open * [Task] #18 setup dotenv for secret variables * [Temp, Task] #10 Validate inputs using express-validator and custom functions * [Task] #18 prevent parameter pollution * [Task] #10 validating incoming parameter and logging errors * [Task] #7 add basic cache to express * [Changes] #7 Error Handling, to include basic custom Error Handling * [Task] #10 enhanced validation to only allow known parameters * [Change] #35 added Jest, tests for helper functions when writing * [Task] #10 better error Handling * [Task] #35 add tests for writing webhook validation * [TASK] #18 protect Webhook using KEY * [Fix] #35 test know import path structure now * [Task] #35 add test for protected webhook * [Task] #35 refactor build to run jest tests * [Task] #10 switched to crypto instead of bcrypt for dependency issue see synk inflight * [Fix] #36 PRQ Feedback * [Task] #3 improve error handling, logger and added chalk to colorize console output. Had to use chalk version 4 because of typescript converting to require, and chalk5 do want import syntax. * [Change] #3 nodemon to clear console when in dev mode * [!Task] #32 webhook creates folder and file based on date * [Change] #35 relocated tests and refactor write, also added file check * [Task] #18, installed helmet, configured self as CSP origin * [Fix] moved chalk out of dev dependency * [Task] #32 error logging and text output improvement, log string instead of "object" * [Task] #18 CSP Update to allow localhost for testing * [Fix] #3 debugging setup improvments * [FIX] #10 Error Handling * [Task] #10 writing basic non calculated data to file * [Fix] #10 avoid Header Modification after sending the request * [Task] #10 JSON Data pretty output * [Task] #32 update types to reflect subobjects of entry * [Task] #10 write time * [Task] #32 added logging for time edgecases * [Task] #10 output seconds * [Task] #10 calculate distance based on lat and lon * [Task] #32 writing tests for time and distance * [Task] #32 change distance calculation to use pythagoras * [Task] #38 add favicon * [Task] #32 time converted to seconds * [Taskk] #32 speed calculation and output and tests * [Task] #32 speed tests * [Task] #33 add ignore * [Task] #32 test finetuning * [Task] #32 add angle between entries * [Task] #32 test for angle, extracted getData function * [change] #32 test to include optional leading 0 for days * [!!!Task] #18 add uncaughtExeption handler as last resort * [Task] #7 enhance static options to include common filetypes; index file start is used as index file to avoid collisions with host provider * [change] #32 validation to be used more explictly * [change] #32 add index to log while writing * [Task] #32 test if 1000 calls can be made with randomized data * [!!! Task] #32 limit JSON Data to be 1000 lines: replace last line with most recent entry * [Change, Task] #32 if 1000 entries exceeded, only replace last if hdop is good * [Change] build action enable button to on manually * [temp] test y tests fail * Create node.js.yml * Create main.yml * [!!!Fix] Created new workflow to build / test node, commented tests back in. Increased time between server calls in test, to check difference time more accurately * [Task] #33 moved ignore to its own file since it creates data rather than validating it * 42 output json (#44) * [Task] #42, created route to output json * [Task] #42 added tests for read json * 41 add rate limiter (#45) * [Task] #18, limit request size for security reasons * [Task] #43, introduce gzip to transfer data * [Task] #34 improve error handling, log server shutdowns * [Task] #34 installed and integrated tooBusy to send 503 when load is high * [Task] #34 improved tooBusy, improved formatting * [Task, Temp] #41 installed ratelimiter and slowDown * [Task] #42 cleanup ipv6 addresses * [Change] #10 error handling for better gitBash and txt output, also reduced stack in case of validation errors * [Task] #41 prepare Log for RateLImit errors * [Temp] #41 write route rateLImited temp: see Todos * [Task] #34 colorize prefix in console * [Task] #42 extract middlewares and move to folder * [Task] #41 ratelimiter cleaning up periodicly * [Task] #41 skip tests in rateLimiting * Bump follow-redirects from 1.15.5 to 1.15.6 (#47) Bumps [follow-redirects](/~https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6. - [Release notes](/~https://github.com/follow-redirects/follow-redirects/releases) - [Commits](/~https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 43 secure output route (#46) * [Task] #43 create color pallette via atmos * [Task] #43 create color pallette via atmos * [Task] #43 cleanup colors and svg * [Task] #41 remove test code * [CHANGE] #3 reconfigured nodemon to copy static files * [Task] #18 replaced getRawBody with builtIn express urlEncoded * [Temp, Task] #43 basic login page, not yet used as middleware * [Temp] #43, create and validate json web token * [Task] #43, add slowDown and RateLimit for failed login attempts * [Task] #43, ratelimit for login page * [Task] #43, add global ratelimiter * [fix] #7, improve error handeling for express errors * [Task] #43 rework body limitations to be checked only appropiate methods * [Task] #43 added check for data before using it * [Task] #43 check that body is ignored for GET in request * [Task] #43 login test * [Task] #43 create tests for login * [Task] #43 fine tune error handling * [Task] #43, finished login and jwt related tests * [Change] #34, no further need for test logging * [Task] #43, fine tune jwt, middleware process improved * [CHANGE] #43 created new esLint to have clientside js without ts * [Temp] #43 test to see new linter configuration * [Change] #43 switched to bcrypt for passwords * [Task] #43 read return json in all cases * [Task] #43 introduced color classes * [Task] #43, prq feedback * [Temp} #43 figuring out why tests dont run on github * [Task] #43 code cleanup * 48 move login to seperate controller (#49) * [Task] #43, add label to form * [Task] #48 login controller * 50 integrate csrf protection for login form (#53) * [Task] #50, create CSRF Validation for login form * [Task] #43, added icon to repository for later use * [Task] #50, cleanup cetntralized; rename token functions * [Task] #50, reduced token length and improved error handling * [Task] #50 csrf tests added to login * [Task] #50, added test case for csrf, repaired integration * fix: upgrade express-rate-limit from 7.1.5 to 7.2.0 (#52) Snyk has created this PR to upgrade express-rate-limit from 7.1.5 to 7.2.0. See this package in npm: https://www.npmjs.com/package/express-rate-limit See this project in Snyk: https://app.snyk.io/org/type-style/project/e2bcd002-cb74-409c-ba55-fb6349df1cbc?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot * fix: package.json & package-lock.json to reduce vulnerabilities (#54) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509 Co-authored-by: snyk-bot * [Snyk] Upgrade express from 4.18.2 to 4.18.3 (#51) * fix: upgrade express from 4.18.2 to 4.18.3 Snyk has created this PR to upgrade express from 4.18.2 to 4.18.3. See this package in npm: https://www.npmjs.com/package/express See this project in Snyk: https://app.snyk.io/org/type-style/project/e2bcd002-cb74-409c-ba55-fb6349df1cbc?utm_source=github&utm_medium=referral&page=upgrade-pr * 50 integrate csrf protection for login form (#53) * [Task] #50, create CSRF Validation for login form * [Task] #43, added icon to repository for later use * [Task] #50, cleanup cetntralized; rename token functions * [Task] #50, reduced token length and improved error handling * [Task] #50 csrf tests added to login * [Task] #50, added test case for csrf, repaired integration * fix: upgrade express-rate-limit from 7.1.5 to 7.2.0 (#52) Snyk has created this PR to upgrade express-rate-limit from 7.1.5 to 7.2.0. See this package in npm: https://www.npmjs.com/package/express-rate-limit See this project in Snyk: https://app.snyk.io/org/type-style/project/e2bcd002-cb74-409c-ba55-fb6349df1cbc?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot --------- Co-authored-by: snyk-bot * [Task] update dev after main merge --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot --- httpdocs/css/colors.css | 95 +++++++++++++++++++++++++++++++++++++++++ httpdocs/js/login.js | 1 + types.d.ts | 57 +++++++++++++++++++++++++ 3 files changed, 153 insertions(+) create mode 100644 httpdocs/css/colors.css diff --git a/httpdocs/css/colors.css b/httpdocs/css/colors.css new file mode 100644 index 0000000..d77a7fd --- /dev/null +++ b/httpdocs/css/colors.css @@ -0,0 +1,95 @@ +/* +created by atmos https://app.atmos.style/65cc9eaec76d443c0a796d4b + +** base configuration colors ** +Main: #f90 +Info: #231aee +Danger: #ff0000 +Success: #59ec04 +Neutral: #131211 +*/ + +[class*=color] { + --lightness: 67.66%; + --hue: 64.55; + --chroma: 0.007; + color: oklch(var(--lightness) var(--chroma) var(--hue)); + + &[class*=l1] {--lightness: 10%;} + &[class*=l2] {--lightness: 25%;} + &[class*=l3] {--lightness: 37.5%;} + &[class*=l4] {--lightness: 50%;} + &[class*=l5] {--lightness: 62.5%;} + &[class*=l6] {--lightness: 77.2%;} + &[class*=l7] {--lightness: 90%;} + + &[class*=main] { + --lightness: 77.2%; + --chroma: 0.1738; + --hue: 64.55; + + &[class*=l1] {--chroma: 0.02;} + &[class*=l2] {--chroma: 0.056;} + &[class*=l3] {--chroma: 0.085;} + &[class*=l4] {--chroma: 0.114;} + &[class*=l5] {--chroma: 0.142;} + &[class*=l6] {--chroma: 0.1738;} /* base */ + &[class*=l7] {--chroma: 0.06;} + } + + &[class*=info] { + --lightness: 44.87%; + --chroma: 0.2838; + --hue: 268.0; + + &[class*=l1] {--chroma: 0.055;} + &[class*=l2] {--chroma: 0.158;} + &[class*=l3] {--chroma: 0.237;} + &[class*=l4] {--chroma: 0.2838;} /* base */ + &[class*=l5] {--chroma: 0.19;} + &[class*=l6] {--chroma: 0.109;} + &[class*=l7] {--chroma: 0.04;} + } + + &[class*=alert] { + --lightness: 62.8%; + --chroma: 0.2577; + --hue: 29.23; + + &[class*=l1] {--chroma: 0.036;} + &[class*=l2] {--chroma: 0.103;} + &[class*=l3] {--chroma: 0.154;} + &[class*=l4] {--chroma: 0.195;} + &[class*=l5] {--chroma: 0.2577;} /* base */ + &[class*=l6] {--chroma: 0.133;} + &[class*=l7] {--chroma: 0.045;} + } + + &[class*=success] { + --lightness: 83%; + --chroma: 0.2607; + --hue: 138.96; + + &[class*=l1] {--chroma: 0.029;} + &[class*=l2] {--chroma: 0.083;} + &[class*=l3] {--chroma: 0.124;} + &[class*=l4] {--chroma: 0.157;} + &[class*=l5] {--chroma: 0.208;} + &[class*=l6] {--chroma: 0.2607;} /* base */ + &[class*=l7] {--chroma: 0.201;} + } + + &[class*=neutral] { + --lightness: 18.3%; + --chroma: 0.0026; + --hue: 67.66; + + &[class*=l1] {--chroma: 0.001;} + &[class*=l2] {--chroma: 0.0026;} /* base */ + &[class*=l3] {--chroma: 0.006;} + &[class*=l4] {--chroma: 0.007;} + &[class*=l5] {--chroma: 0.009;} + &[class*=l6] {--chroma: 0.011;} + &[class*=l7] {--chroma: 0.004;} + } +} diff --git a/httpdocs/js/login.js b/httpdocs/js/login.js index e69de29..8b13789 100644 --- a/httpdocs/js/login.js +++ b/httpdocs/js/login.js @@ -0,0 +1 @@ + diff --git a/types.d.ts b/types.d.ts index 0bab5de..328a687 100644 --- a/types.d.ts +++ b/types.d.ts @@ -8,11 +8,20 @@ namespace RateLimit { } } } +namespace RateLimit { + interface obj { + [key: string]: { + limitReachedOnError: boolean, + time: number + } + } +} namespace Response { interface Message { message: string; data?: string | JSON; + data?: string | JSON; } interface Error extends Response.Message { @@ -28,7 +37,18 @@ namespace File { } } +namespace File { + interface Obj { + path: string, + content?: Models.IEntries; + } +} + namespace Models { + interface IEntries { + entries: Models.IEntry[] + } + interface IEntries { entries: IEntry[] } @@ -43,16 +63,19 @@ namespace Models { * Direction in degrees between two coordinate pairs: 0°-360° */ angle?: number, + angle?: number, /** * object containing horizontal vertical and total distance, in meters */ distance: Models.IDistance, + distance: Models.IDistance, /** * object containing horizontal vertical and total speed, in km/h */ speed: Models.ISpeed, + speed: Models.ISpeed, /** * index, position of the entry point in the chain @@ -63,6 +86,7 @@ namespace Models { * Heading or Bearing as recieved from gps */ heading: number, + heading: number, /** * lat @@ -70,6 +94,7 @@ namespace Models { lat: number, + /** * lon */ @@ -90,6 +115,7 @@ namespace Models { * time object containing UNIX timestamps with milliseconds, gps creation time (as recieved via gps), server time (when the server recieved and computed it), differce to last entry (time between waypoints), upload time differnce */ time: Models.time, + time: Models.time, /** * user as recieved @@ -123,6 +149,37 @@ interface CSRFToken { expiry: number; } +interface HttpError extends Error { + status?: number; + statusCode?: number; +} + + interface ITime { + created: number, + recieved: number, + uploadDuration: number, + diff?: number + createdString: string + } + + interface ISpeed { + gps: number; + horizontal?: number, + vertical?: number, + total?: number + } + interface IDistance { + horizontal: number, + vertical: number, + total: number + } +} + +interface CSRFToken { + token: string; + expiry: number; +} + interface HttpError extends Error { status?: number; statusCode?: number;