fixing .gitignore

payatu · Jan 20, 2022 · a63f93b · a63f93b
1 parent a22f65f
commit a63f93b
Show file tree

Hide file tree

Showing 43 changed files with 10,714 additions and 0 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1 @@
+node_modules
diff --git a/.env b/.env
@@ -0,0 +1,5 @@
+DB_PORT=3306
+DB_NAME=vuln_nodejs_app
+DB_USER=vuln_nodejs_user
+DB_PASS=passw0rd
+HOST_PORT=9000
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,4 @@
+.vscode
+.eslintrc.json
+.eslintrc.js
+node_modules/
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,8 @@
+FROM node:16
+WORKDIR /usr/code
+COPY package*.json ./
+RUN npm install
+RUN npm install nodemon -g
+COPY . .
+EXPOSE 9000
+CMD ["node", "server.js"]
diff --git a/README.md b/README.md
@@ -0,0 +1,57 @@
+# Vulnerable NodeJS Application
+<br>
+<a href="https://github.com/tauh33dkhan/vuln-nodejs-app/blob/master/vuln-nodejs-app.png?raw=true"><img src="https://github.com/tauh33dkhan/vuln-nodejs-app/blob/master/vuln-nodejs-app.png?raw=true" alt="vuln-nodejs-app" border="0">
+<br>
+</a>
+
+## Installation
+
+1. Download
+
+```bash
+git clone https://github.com/tauh33dkhan/vuln-nodejs-app.git
+cd ./vuln-nodejs-app
+```
+
+2. Create **mysql** database.
+
+```bash
+$ mysql -u root -p
+
+mysql> create database vuln_nodejs_app;
+
+```
+
+3. Update your mysql username and password inside **env.js** file.
+
+```html
+module.exports = {
+  listen: "0.0.0.0",
+  port:	  "9000",
+  mySQLHost: "0.0.0.0",
+  mySQLPort: "3306",
+  mySQLUser: "root",
+  mySQLDB: "vuln_nodejs_app",
+  mySQLPass: "<your-password>"
+}
+```
+
+4. Install the dependencies.
+
+```bash
+npm install
+```
+
+5. Start the server
+
+```bash
+node server.js
+```
+
+## TODO:
+
+* Dockerize the application.
+* Add more vulnerabilites.
+* Use database to store user information.
+* Support both mysql and postgresql server for local installation.
+
diff --git a/assets/css/bootstrap.min.css b/assets/css/bootstrap.min.css
diff --git a/assets/js/bootstrap.min.js b/assets/js/bootstrap.min.js
diff --git a/assets/js/jquery-3.3.1.slim.min.js b/assets/js/jquery-3.3.1.slim.min.js
diff --git a/assets/js/popper.min.js b/assets/js/popper.min.js
diff --git a/assets/js/run_prettify.js b/assets/js/run_prettify.js
diff --git a/controllers/auth_controller.js b/controllers/auth_controller.js
@@ -0,0 +1,98 @@
+const jwt = require('jsonwebtoken');
+const secret = "secret";
+const md5 = require('md5');
+const crypto = require('crypto')
+const { Users, Org } = require('../models/db')
+const emailvalidator = require("email-validator");
+
+function generateAccessToken(username) {
+    const payload = { "username": username};
+    return jwt.sign(payload, secret);
+}
+
+function authenticateToken(req, res, next) {
+    const token = req.cookies.authToken;
+    if (token == null)
+        return res.redirect('/login')
+
+    jwt.verify(token, secret, (err, user) => {
+        if (err) return res.sendStatus(403)
+        Users.findOne({attributes: ['username', 'email', 'orgname', 'apiToken'], where: { username: user.username } })
+        .then((queryResult) => {
+            if (queryResult == null){
+                res.clearCookie('authToken', '')
+                res.redirect('/login');
+            } else {
+                req.user = queryResult
+                next()
+            }
+        }) 
+    })
+}
+
+const register_get = (req, res) => {
+    res.render('register.ejs');
+}
+
+const register_post = (req, res) => {
+    const username = req.body.username;
+    const email = req.body.email;
+    const password = req.body.password;
+    if(!emailvalidator.validate(email)){res.send(res.status(400).send("Invalid email"))}
+    Users.findAll({ where: { username: username } })
+        .then((count) => {
+            if (count.length != 0) {
+                res.status(403).send("User already registerd!")
+            } else {  
+                if (username !== '' & password !== '' & email !== '') {
+                    const apiToken = crypto.randomBytes(20).toString('hex');
+                    Users.create({ username: username, email: email, password: md5(password), orgname:'', apiToken: apiToken });
+                    Org.create({orgname:'', owner:username})
+                    const token = generateAccessToken(username, email);
+                    res.cookie('authToken', token);
+                    res.send(token);
+                } else {
+                    res.status(400).send("username/password/email can not be null");
+                }
+            }
+        })
+}
+
+const logout_get = (req, res) => {
+    res.clearCookie('authToken', '')
+    res.redirect('/login');
+}
+
+const login_get = (req, res) => {
+    res.render("login");
+}
+
+const login_post = (req, res) => {
+    const username = req.body.username;
+    const password = req.body.password;
+    if (username !== '' & password !== '') {
+        Users.findOne({ where: { username: username, password: md5(password) } })
+            .then(user => {
+                if (user) {
+                    const token = generateAccessToken(username, user.email);
+                    res.cookie('authToken', token);
+                    res.send(token);
+                }
+                else {
+
+                    res.status(403).send("Invalid username/password.");
+                }
+            })
+    } else {
+        res.status(400).send();
+    }
+}
+
+module.exports = {
+    register_get,
+    register_post,
+    authenticateToken,
+    logout_get,
+    login_get,
+    login_post
+}