423 lines
18 KiB
JavaScript
423 lines
18 KiB
JavaScript
app.use("/", express.static(path.join(rootDir, "/Web"), {
|
|
extensions: ["html"]
|
|
}))
|
|
|
|
app.use("/home", express.static(path.join(rootDir, "/Web/LandingPage")))
|
|
|
|
app.get("/", async (req, res) => {
|
|
res.redirect("/home")
|
|
})
|
|
|
|
app.get("/home", async (req, res) => {
|
|
res.sendFile(path.join(rootDir, "..", "Web", "LandingPage/index.html"))
|
|
})
|
|
|
|
app.use("/pushNewCharacter.lvorex", express.json())
|
|
app.post("/pushNewCharacter.lvorex", async (req, res) => {
|
|
if (req.socket.remoteAddress !== res.socket.remoteAddress) {
|
|
res.json({ code: 401, message: "Not authorized." })
|
|
return
|
|
}
|
|
|
|
const postBody = req.body
|
|
|
|
// Peak Players Configuration
|
|
let AllPlayers = exports["mAdmin"].GetAllPlayers()
|
|
if (AllPlayers && PeakPlayerCount < AllPlayers.length) {
|
|
PeakPlayerCount = AllPlayers.length
|
|
}
|
|
// Peak Players Configuration
|
|
|
|
const PlayerAvatar = await getPlayerDiscordProfile(postBody.discord)
|
|
DiscordProfilesCache.push({ uid: postBody.uid, avatar: PlayerAvatar })
|
|
const PlayerCache = CharactersCache.find(p => p[config.Framework.includes("qb") ? "citizenid" : "identifier"] === postBody.uid)
|
|
if (PlayerCache) {
|
|
PlayerCache.playerAvatar = PlayerAvatar
|
|
}
|
|
|
|
let result = await query(`SELECT * FROM \`madmin_characters\` WHERE \`identifier\` = '${postBody.identifier}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error appeared." })
|
|
if (result.length > 0) {
|
|
result = await query(`UPDATE \`madmin_characters\` SET \`discord\` = '${postBody.discord}', \`steam\` = '${postBody.steam}', \`license\` = '${postBody.license}', \`discord_avatar\` = '${PlayerAvatar}' WHERE \`identifier\` = '${postBody.identifier}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error appeared." })
|
|
res.json({ code: 200, message: "Character already in. Updated." })
|
|
return
|
|
}
|
|
|
|
result = await query(`INSERT INTO \`madmin_characters\` (\`name\`, \`identifier\`, \`discord\`, \`steam\`, \`license\`, \`discord_avatar\`) VALUES ('${postBody.name}', '${postBody.identifier}', '${postBody.discord}', '${postBody.steam}', '${postBody.license}', '${PlayerAvatar}')`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error appeared." })
|
|
|
|
res.json({ code: 200, message: "Character successfully imported." })
|
|
})
|
|
|
|
app.post("/checkLocalhost.lvorex", async (req, res) => {
|
|
const requestedIp = req.socket.remoteAddress
|
|
|
|
if (
|
|
requestedIp !== req.socket.remoteAddress
|
|
) return res.json({
|
|
code: 404,
|
|
message: "Not authorized."
|
|
})
|
|
|
|
res.json({
|
|
code: 200,
|
|
message: "Authorized."
|
|
})
|
|
})
|
|
|
|
app.get("/checkIpFromDatabase.lvorex", async (req, res) => {
|
|
let result = await query(`SELECT * FROM \`madmin_accounts\` WHERE \`ip\` = '${sha1(req.socket.remoteAddress)}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error appeared. Please check console." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "IP Address is not authorized." })
|
|
|
|
res.json({
|
|
code: 200,
|
|
message: JSON.stringify(result[0])
|
|
})
|
|
})
|
|
|
|
app.use("/controlKeyWithServer.lvorex", express.json())
|
|
app.post("/controlKeyWithServer.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
|
|
let keyCredits = await controlKey(req, postBody.key)
|
|
let keyFound = keyCredits.keyFound
|
|
let userKey = keyCredits.userKey
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
|
|
let result = await query(`SELECT * FROM \`madmin_accounts\` WHERE \`id\` = ${userKey.userId}`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "Not authorized." })
|
|
|
|
result[0].permissions = await getAllPermissions(result[0].rank)
|
|
|
|
res.json({ code: 200, message: JSON.stringify(result[0]) })
|
|
})
|
|
|
|
app.use("/controlUserVIPStatus.lvorex", express.json())
|
|
app.post("/controlUserVIPStatus.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const keyCredits = await controlKey(req, postBody.key)
|
|
const { keyFound } = keyCredits
|
|
if (keyFound === false) {
|
|
res.json({ code: 404, message: "Not authorized." })
|
|
return
|
|
}
|
|
|
|
let result = await query(`SELECT * FROM \`madmin_vips\` WHERE \`uid\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "No have." })
|
|
|
|
res.json({ code: 200, message: "VIP Granted." })
|
|
})
|
|
|
|
app.use("/changeUserVIPStatus.lvorex", express.json())
|
|
app.post("/changeUserVIPStatus.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "Players", 5)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
let result = await query(`SELECT * FROM \`madmin_vips\` WHERE \`uid\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) {
|
|
result = await query(`INSERT INTO \`madmin_vips\` (\`uid\`) VALUES ('${postBody.uid}')`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
res.json({ code: 200, message: "VIP Granted." })
|
|
} else {
|
|
result = await query(`DELETE FROM \`madmin_vips\` WHERE \`id\` = '${result[0].id}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
res.json({ code: 200, message: "VIP Removed." })
|
|
}
|
|
})
|
|
|
|
app.get("/machineCPUMemInfo.lvorex", async (req, res) => {
|
|
let cpuUsage = await ose.cpu.usage()
|
|
let totalMem = parseInt(os.totalmem() / 1048576 / 1024)
|
|
let freeMem = parseInt(os.freemem() / 1048576 / 1024)
|
|
const memUsage = freeMem / totalMem * 100
|
|
|
|
res.json({
|
|
cpuSpeed: os.cpus()[0].speed,
|
|
cpuCount: os.cpus().length / 2,
|
|
totalMem: totalMem,
|
|
freeMem: freeMem,
|
|
|
|
memUsage: parseInt(memUsage),
|
|
cpuUsage: parseInt(cpuUsage),
|
|
})
|
|
})
|
|
|
|
app.use("/changeJob.lvorex", express.json())
|
|
app.post("/changeJob.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
postBody.job = postBody.job.replace(/\s/g, '')
|
|
|
|
if (postBody.playerId !== null) {
|
|
let qPlayer = config.Framework.includes("qb") ? FrameworkObject.Functions.GetPlayer(postBody.playerId) : FrameworkObject.GetPlayerFromId(postBody.playerId)
|
|
let changed = false
|
|
if (config.Framework.includes("qb")) {
|
|
changed = qPlayer.Functions.SetJob(String(postBody.job), Number(postBody.grade))
|
|
} else if (config.Framework.includes("esx")) {
|
|
changed = qPlayer.setJob(String(postBody.job), Number(postBody.grade))
|
|
}
|
|
qPlayer = config.Framework.includes("qb") ? FrameworkObject.Functions.GetPlayer(postBody.playerId) : FrameworkObject.GetPlayerFromId(postBody.playerId)
|
|
if (changed === false) {
|
|
res.json({ code: 404, message: "Can't change players job." })
|
|
} else {
|
|
res.json({ code: 200, message: config.Framework.includes("qb") ? qPlayer.PlayerData.job : {
|
|
label: qPlayer.job.label,
|
|
grade: {
|
|
name: qPlayer.job.grade_label
|
|
}
|
|
} })
|
|
}
|
|
} else {
|
|
if (config.Framework.includes("qb")) {
|
|
const jobCredentials = FrameworkObject.Shared.Jobs[postBody.job]
|
|
const jobGradeCredentials = jobCredentials.grades[String(postBody.grade)]
|
|
|
|
if (!jobCredentials || !jobGradeCredentials) return res.json({ code: 404, message: "Job not found." })
|
|
|
|
const JobLabel = jobCredentials.label
|
|
const JobGradeName = jobGradeCredentials.name
|
|
const isboss = jobGradeCredentials.isboss ? true : false
|
|
const payment = jobGradeCredentials.payment
|
|
const type = jobGradeCredentials.type
|
|
|
|
const newJob = {
|
|
type,
|
|
payment,
|
|
name: postBody.job,
|
|
isboss,
|
|
grade: {
|
|
level: Number(postBody.grade),
|
|
name: JobGradeName
|
|
},
|
|
onduty: true,
|
|
label: JobLabel
|
|
}
|
|
|
|
let result = await query(`UPDATE \`players\` SET \`job\` = '${JSON.stringify(newJob)}' WHERE \`citizenid\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
|
|
res.json({ code: 200, message: newJob })
|
|
} else if (config.Framework.includes("esx")) {
|
|
let result = await query(`SELECT * FROM \`jobs\` WHERE \`name\` = '${postBody.job}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "Job not found." })
|
|
result = result [0]
|
|
|
|
const { label: JobLabel } = result
|
|
|
|
result = await query(`SELECT * FROM \`job_grades\` WHERE \`job_name\` = '${postBody.job}' AND \`grade\` = ${Number(postBody.grade)}`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "Job not found." })
|
|
result = result [0]
|
|
|
|
const { label: GradeLabel } = result
|
|
|
|
result = await query(`UPDATE \`users\` SET \`job\` = '${postBody.job}', \`job_grade\` = '${postBody.grade}' WHERE \`identifier\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
|
|
res.json({ code: 200, message: {
|
|
label: JobLabel,
|
|
grade: {
|
|
name: GradeLabel
|
|
}
|
|
} })
|
|
}
|
|
}
|
|
})
|
|
|
|
app.use("/changeGang.lvorex", express.json())
|
|
app.post("/changeGang.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
postBody.gang = postBody.gang.replace(/\s/g, '')
|
|
|
|
if (!config.Framework.includes("qb")) return res.json({ code: 404, message: "Gangs not allowed in ESX Framework." })
|
|
if (postBody.playerId === null) {
|
|
const gangCredentials = FrameworkObject.Shared.Gangs[postBody.gang]
|
|
if (!gangCredentials) return res.json({ code: 404, message: "Faction not found." })
|
|
const gangGradeCredentials = FrameworkObject.Shared.Gangs[postBody.gang].grades[String(postBody.grade)]
|
|
if (!gangGradeCredentials) return res.json({ code: 404, message: "Faction not found." })
|
|
|
|
const [
|
|
isboss,
|
|
gradeName,
|
|
label
|
|
] = [
|
|
gangGradeCredentials.isboss ? true : false,
|
|
gangGradeCredentials.name,
|
|
gangCredentials.label
|
|
]
|
|
|
|
const newGang = {
|
|
isboss,
|
|
name: postBody.gang,
|
|
grade: {
|
|
level: Number(postBody.grade),
|
|
name: gradeName
|
|
},
|
|
label
|
|
}
|
|
|
|
let result = await query(`UPDATE \`players\` SET \`gang\` = '${JSON.stringify(newGang)}' WHERE \`citizenid\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
|
|
res.json({ code: 200, message: newGang })
|
|
} else {
|
|
let qPlayer = FrameworkObject.Functions.GetPlayer(Number(postBody.playerId))
|
|
if (qPlayer) {
|
|
let changed = qPlayer.Functions.SetGang(String(postBody.gang), Number(postBody.grade))
|
|
qPlayer = FrameworkObject.Functions.GetPlayer(Number(postBody.playerId))
|
|
res.json({ code: changed ? 200 : 404, message: changed ? qPlayer.PlayerData.gang : "Can't change players gang." })
|
|
} else return res.json({ code: 404, message: "Can't find player." })
|
|
}
|
|
})
|
|
|
|
app.use("/toggleOnlineTimer.lvorex", express.json())
|
|
app.post("/toggleOnlineTimer.lvorex", async (req, res) => {
|
|
if (req.socket.remoteAddress !== res.socket.remoteAddress) return res.json({ code: 404, message: "Not authorized." })
|
|
const postBody = req.body
|
|
|
|
const player = onlinePlayers.findIndex(w => w.uid === postBody.uid)
|
|
if (player !== -1) {
|
|
const totalOnline = Date.now() - onlinePlayers[player].onlineStart
|
|
onlinePlayers.splice(player, 1)
|
|
let result = await query(`SELECT * FROM \`madmin_characters\` WHERE \`identifier\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "Character not found." })
|
|
result = result [0]
|
|
const toInsertOnline = totalOnline + Number(result.online_time)
|
|
|
|
result = await query(`UPDATE \`madmin_characters\` SET \`online_time\` = '${toInsertOnline}' WHERE \`identifier\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
} else {
|
|
onlinePlayers.push({
|
|
uid: postBody.uid,
|
|
onlineStart: Date.now()
|
|
})
|
|
}
|
|
|
|
res.json({ code: 200, message: "Timer toggled." })
|
|
})
|
|
|
|
app.use("/getSpecificLog.lvorex", express.json())
|
|
app.post("/getSpecificLog.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
|
|
let result = await query(`SELECT * FROM \`madmin_logs\` WHERE \`type\` = '${postBody.type}' AND \`player_uid\` = '${postBody.uid}'`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
if (result.length === 0) return res.json({ code: 404, message: "Player not found." })
|
|
|
|
res.json({ code: 200, message: result })
|
|
})
|
|
|
|
app.use("/sendConsoleCommand.lvorex", express.json())
|
|
app.post("/sendConsoleCommand.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "Dashboard", 5)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
ExecuteCommand(postBody.command)
|
|
res.json({ code: 200, message: "Executed." })
|
|
})
|
|
|
|
app.use("/sendConsoleCommandLiveConsole.lvorex", express.json())
|
|
app.post("/sendConsoleCommandLiveConsole.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "LiveConsole", 0)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
ExecuteCommand(postBody.command)
|
|
res.json({ code: 200, message: "Executed." })
|
|
})
|
|
|
|
app.use("/sendAnnouncement.lvorex", express.json())
|
|
app.post("/sendAnnouncement.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "Dashboard", 3)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
|
|
emit("mAdmin:makeAnnouncement", postBody.message)
|
|
res.json({ code: 200, message: "Sent." })
|
|
})
|
|
|
|
app.use("/kickAllPlayers.lvorex", express.json())
|
|
app.post("/kickAllPlayers.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "Dashboard", 4)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
emit("mAdmin:kickAllPlayers")
|
|
res.json({ code: 200, message: "Kicked." })
|
|
})
|
|
|
|
app.use("/sqlquery.lvorex", express.json())
|
|
app.post("/sqlquery.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
if (req.socket.remoteAddress !== res.socket.remoteAddress) return res.json({ code: 404, message: "Not Authorized." })
|
|
|
|
if (SQLKeys[postBody.SQLKeyIndex].key === postBody.SQLKey) {
|
|
SQLKeys[postBody.SQLKeyIndex] = undefined
|
|
let result = await query(`${postBody.query}`)
|
|
if (result === false) return res.json({ code: 404, message: "SQL Error Appeared." })
|
|
res.json({ code: 200, message: "Query executed." })
|
|
} else return res.json({ code: 404, message: "Not authorized." })
|
|
})
|
|
|
|
app.use("/resetSqlKey.lvorex", express.json())
|
|
app.post("/resetSqlKey.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
if (req.socket.remoteAddress !== res.socket.remoteAddress) return res.json({ code: 404, message: "Not Authorized." })
|
|
|
|
SQLKeys[postBody.SQLKeyIndex] = undefined
|
|
res.json({ code: 200, message: "Resetted." })
|
|
})
|
|
|
|
app.use("/getMAdminVersion.lvorex", express.json())
|
|
app.post("/getMAdminVersion.lvorex", async (req, res) => {
|
|
const postBody = req.body
|
|
const { keyFound, userKey } = await controlKey(req, postBody.key)
|
|
|
|
if (keyFound === false) return res.json({ code: 404, message: "Not authorized." })
|
|
const PermissionCheck = await checkPermission(userKey.rank, "Dashboard", 1)
|
|
if (!PermissionCheck) return res.json({ code: 401, message: "Your rank is not enough." })
|
|
|
|
res.json({ code: 200, message: VersionData })
|
|
})
|
|
|
|
app.use("/getBotClientId.lvorex", express.json())
|
|
app.post("/getBotClientId.lvorex", async (req, res) => {
|
|
res.json({ code: 200, message: config.clientId })
|
|
})
|
|
|
|
console.log(`^3API Hosting on ${GetConvar("mAdminPort", "40130")} Port.^7`) |