COOKIE SESSION PROPAGATION

2023-03-27 17:26:19 +02:00 · 2023-03-27 17:26:19 +02:00 · 11d875ebf0
parent 79af5d395d
commit 11d875ebf0
8 changed files with 43 additions and 14 deletions
--- a/12345.sh
+++ b/12345.sh
@ -194,7 +194,7 @@ while true; do
        ;;

        "qrcode")
-            exec ${MY_PATH}/API/QRCODE.sh "$PORT" "$THAT" "$AND" "$THIS" "$APPNAME" "$WHAT" "$OBJ" "$VAL" "${MOATS}" &
+            exec ${MY_PATH}/API/QRCODE.sh "$PORT" "$THAT" "$AND" "$THIS" "$APPNAME" "$WHAT" "$OBJ" "$VAL" "${MOATS}" "$COOKIE" &
        ;;

        "")
--- a/API/QRCODE.sh
+++ b/API/QRCODE.sh
@ -12,11 +12,13 @@ MY_PATH="`( cd \"$MY_PATH\" && pwd )`"  # absolutized and normalized

 start=`date +%s`

-PORT=$1 THAT=$2 AND=$3 THIS=$4  APPNAME=$5 WHAT=$6 OBJ=$7 VAL=$8 MOATS=$9
+PORT=$1 THAT=$2 AND=$3 THIS=$4  APPNAME=$5 WHAT=$6 OBJ=$7 VAL=$8 MOATS=$9 COOKIE=$10
 ### transfer variables according to script
 QRCODE=$THAT
 TYPE=$WHAT

+echo "COOKIE : $COOKIE"
+
 HTTPCORS="HTTP/1.1 200 OK
 Access-Control-Allow-Origin: ${myASTROPORT}
 Access-Control-Allow-Credentials: true
@ -25,6 +27,7 @@ Server: Astroport.ONE
 Content-Type: text/html; charset=UTF-8

 "
+function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }

 ## GET TW
 mkdir -p ~/.zen/tmp/${MOATS}/
@ -63,12 +66,26 @@ fi

 ################################################################################
 ## MODE PGP ENCRYPTED QRCODE
+# http://127.0.0.1:1234/?qrcode=-----BEGIN%20PGP%20MESSAGE-----~~jA0ECQMCWZ%2BOT%2FstJiz%2B0koBBzdybjOYmFHlYSdta6YsO4VMPC%2BEL1tinYpWdIh1~q%2FIZGCu3ZXUK%2FfDmYED%2BKh0vzAJ%2ByBOjSAGaAFfigZYrAhNAPDP8jzZ14w%3D%3D~%3DN1Dz~-----END%20PGP%20MESSAGE-----~&pass=coucou
 ################################################################################
 if [[ ${QRCODE:0:5} == "-----" ]]; then
-   echo "## THIS IS A PGP ENCRYPTED QRCODE ASK FOR PASSWORD"
   echo ${QRCODE}
-   echo "${HTTPCORS}" > ~/.zen/tmp/${MOATS}/index.redirect
-    sed "s~encrypted pgp data here~${QRCODE}~g" $MY_PATH/../www/AESBox/index.htm  >> ~/.zen/tmp/${MOATS}/index.redirect
+   PASS=$(urldecode $THIS)
+   echo "## THIS IS A PGP ENCRYPTED QRCODE LOOK - PASS $PASS -"
+
+    if [[ $PASS != "" ]]; then
+        urldecode ${QRCODE} | tr '~' '\n' | tr '_' '+' > ~/.zen/tmp/${MOATS}/disco.aes
+        sed -i '$ d' ~/.zen/tmp/${MOATS}/disco.aes
+        echo ~/.zen/tmp/${MOATS}/disco.aes
+        cat ~/.zen/tmp/${MOATS}/disco.aes | gpg -d --passphrase "$PASS" --batch > ~/.zen/tmp/${MOATS}/disco
+        echo "DISCO"
+        cat ~/.zen/tmp/${MOATS}/disco
+    else
+        echo "PASS MISSING" > ~/.zen/tmp/${MOATS}/disco
+    fi
+
+    echo "${HTTPCORS}" > ~/.zen/tmp/${MOATS}/index.redirect
+    cat ~/.zen/tmp/${MOATS}/disco  >> ~/.zen/tmp/${MOATS}/index.redirect
    (
    cat ~/.zen/tmp/${MOATS}/index.redirect | nc -l -p ${PORT} -q 1 > /dev/null 2>&1
    echo "BLURP $PORT" && rm -Rf ~/.zen/tmp/${MOATS}
--- a/API/SALT.sh
+++ b/API/SALT.sh
@ -448,9 +448,12 @@ echo "" > ~/.zen/tmp/.ipfsgw.bad.twt # TODO move in 20h12.sh
            || REPLACE=${myIPFS}/ipns/${ASTRONAUTENS}

            ## SET COOKIE
+            USALT=$(echo "$SALT" | jq -Rr @uri)
+            UPEPPER=$(echo "$PEPPER" | jq -Rr @uri)
+            echo "/?salt=${USALT}&pepper=${UPEPPER}"
            sed "s~_TWLINK_~${REPLACE}~g" ~/.zen/Astroport.ONE/templates/index.302  > ~/.zen/tmp/coucou/${MOATS}.index.redirect
-            sed -i "s~_G1PUB_~${G1PUB}~g" ~/.zen/tmp/coucou/${MOATS}.index.redirect
-            sed -i "s~_ASTRONAUTENS_~${ASTRONAUTENS}~g" ~/.zen/tmp/coucou/${MOATS}.index.redirect
+            sed -i "s~_USALT_~${G1PUB}~g" ~/.zen/tmp/coucou/${MOATS}.index.redirect
+            sed -i "s~_UPEPPER_~${ASTRONAUTENS}~g" ~/.zen/tmp/coucou/${MOATS}.index.redirect
            echo "url='"${REPLACE}"'" >> ~/.zen/tmp/coucou/${MOATS}.index.redirect

            cat ~/.zen/tmp/coucou/${MOATS}.index.redirect | nc -l -p ${PORT} -q 1 > /dev/null 2>&1 &
--- a/templates/index.302
+++ b/templates/index.302
@ -3,6 +3,6 @@ Access-Control-Allow-Origin: *
 Access-Control-Allow-Credentials: true
 Access-Control-Allow-Methods: GET
 Content-Type: text/html; charset=UTF-8
-Set-Cookie: userId=_G1PUB_ ipnsId=_ASTRONAUTENS_
+Set-Cookie: /?salt=_USALT_&pepper=_UPEPPER_
 Location: _TWLINK_

--- a/templates/register.html
+++ b/templates/register.html
@ -200,6 +200,9 @@ function testLatency(cb) {
 </script>
 <script>

+    let cookies = document.cookie;
+    console.log(cookies);
+
    var timeLeft = 23;
    var elem = document.getElementById("countdown");
    var timerId = setInterval(countdown, 999);
--- a/tools/make_image_ipfs_index_carousel.sh
+++ b/tools/make_image_ipfs_index_carousel.sh
@ -21,9 +21,9 @@ if [[ ! -d $img_dir ]]; then

                # Get PLAYER wallet amount :: ~/.zen/game/players/${PLAYER}/ipfs/G1SSB/COINS
                echo "$MY_PATH/jaklis/jaklis.py -k ~/.zen/game/players/${PLAYER}/secret.dunikey balance"
-                $MY_PATH/COINScheck.sh $pub > ~/.zen/tmp/coins
-                cat ~/.zen/tmp/coins
-                COINS=$(cat ~/.zen/tmp/coins | tail -n 1)
+                $MY_PATH/COINScheck.sh $pub > ~/.zen/tmp/$PLAYER.coins
+                cat ~/.zen/tmp/$PLAYER.coins
+                COINS=$(cat ~/.zen/tmp/$PLAYER.coins | tail -n 1)
                echo "+++ ${PLAYER} have $COINS Ğ1 Coins +++"

                ## USE G1BARRE OR G1WorldMap.png AS 1ST IMAGE
--- a/www/G1PalPay/index.html
+++ b/www/G1PalPay/index.html
@ -106,7 +106,7 @@ a {
    <div id="description">
        <h1><a href="javascript:history.go(-1)">(Ğ1) <span>♥Box</span> Station</a></h1><br>
        <h2>Oubliez la crise... N'attendez pas la Retraite !</h2>
-        <h2>Essayez la Monnaie Libre. Découvrez le monde d'égale à égal.</h2>
+        <h2>Essayez la Monnaie Libre. Fabriquez un Monde Libre.</h2>
    </div>
 </div>
    <div id="showoff">
@ -208,6 +208,10 @@ a {
    </div>

    <script>
+
+    let cookies = document.cookie;
+    console.log(cookies);
+
    const el = document.getElementById('yellow');

    setTimeout(() => {
--- a/www/PasseportTerre/index.html
+++ b/www/PasseportTerre/index.html
@ -115,7 +115,7 @@

  <body>

-    <a href="javascript:FriendWithMe()"><img style="width:40% height:40% position: absolute; top: 0; right: 0; border: 0;" src="http://127.0.0.1:8080/ipfs/QmYdWBx32dP14XcbXF7hhtDq7Uu6jFmDaRnuL5t7ARPYkW/l0g0.png" alt="BAck in Le Claude"></a>
+    <a href="javascript:FriendWithMe()"><img title="Connect with Me" style="width:40% height:40% position: absolute; top: 0; right: 0; border: 0;" src="http://127.0.0.1:8080/ipfs/QmYdWBx32dP14XcbXF7hhtDq7Uu6jFmDaRnuL5t7ARPYkW/l0g0.png" alt="BAck in Le Claude"></a>
    <div id="countdown"></div>
    <div class="subtitle">A Friendly Planet of Friends</div>

@ -134,7 +134,9 @@
    function FriendWithMe() {
        let cookies = document.cookie;
        console.log(cookies);
-        let resultUt = 'http://astroport.localhost:1234' + cookies + '&friend=_G1PUB_';
+        let salt = prompt("Secret 1");
+        let pepper = prompt("Secret 2");
+        let resultUt = 'http://astroport.localhost:1234/?salt=' + salt + 'pepper=' + pepper + '&friend=_G1PUB_';
        console.log(resultUt)
        homeAstroportStation( resultUt,'aframe', 4000)
    }