-
Notifications
You must be signed in to change notification settings - Fork 0
done #35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
toaru005
wants to merge
17
commits into
kyarasu/be-15-docker
Choose a base branch
from
toaru-blockchain
base: kyarasu/be-15-docker
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
done #35
Changes from 1 commit
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
b2878fd
Home
i-nayu 29995e1
ルーム作成画面
i-nayu 36504a9
Merge branch 'is0762ix/fe-7-home' into Edit
i-nayu 55f8252
done
toaru005 8a20a1c
done
toaru005 20188c9
done
toaru005 a0fe456
Merge pull request #36 from kc3hack/toaru-connect/Ver1
toaru005 69557c2
Done
i-nayu 103629a
Done
i-nayu c371efa
Update icon.png
RiST-Maomao c985b51
Done
i-nayu 042b6af
Update icon.png
RiST-Maomao 4bf38ce
Merge branch 'toaru-blockchain' of https://github.com/kc3hack/2026_te…
i-nayu 3f93a28
Done
toaru005 363da88
Merge pull request #37 from kc3hack/toaru-connect/Ver2
toaru005 b000859
done
toaru005 fec6bba
Merge pull request #38 from kc3hack/toaru-done
toaru005 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| import express from 'express'; | ||
| import DBPerf from '../Tools/DBPerf.js'; | ||
| import VCM from '../Tools/VCM.js'; | ||
|
|
||
| const router = express.Router(); | ||
|
|
||
| router.use(express.json()); | ||
|
|
||
| router.post('/' , VCM('LOGIN_TOKEN', process.env.LOGIN_SECRET), async (req, res) => { | ||
| console.log('/JoinRoom-API is running'); | ||
|
|
||
| try { | ||
| const userId = req.auth.userId; | ||
| const inputRoomName = req.body?.roomName; | ||
| const roomName = typeof inputRoomName === 'string' ? inputRoomName.trim() : ''; | ||
|
|
||
| if (!roomName) { | ||
| return res.status(400).json({ message: 'Bad Request: roomNameが不足しています' }); | ||
| } | ||
|
|
||
| const roomExists = await DBPerf( | ||
| 'Check Room Exists', | ||
| 'SELECT RoomName FROM RoomDetails WHERE RoomName = ?', | ||
| [roomName] | ||
| ); | ||
|
|
||
| if (roomExists.length === 0) { | ||
| return res.status(404).json({ message: 'Not Found: 指定されたルームは存在しません' }); | ||
| } | ||
|
|
||
| const alreadyJoined = await DBPerf( | ||
| 'Check Already Joined', | ||
| 'SELECT 1 FROM Rooms WHERE UserID = ? AND RoomName = ?', | ||
| [userId, roomName] | ||
| ); | ||
|
|
||
| if (alreadyJoined.length > 0) { | ||
| return res.status(409).json({ message: 'Conflict: 既にこのルームに所属しています' }); | ||
| } | ||
|
|
||
| await DBPerf( | ||
| 'Insert Room Member', | ||
| 'INSERT INTO Rooms (UserID, RoomName) VALUES (?, ?)', | ||
| [userId, roomName] | ||
| ); | ||
|
|
||
| return res.status(201).json({ message: 'ルーム参加が完了しました' }); | ||
| } catch (err) { | ||
| console.error('JoinRoom-API Error:', err); | ||
| return res.status(500).json({ message: 'Internal Server Error' }); | ||
| } | ||
| }); | ||
|
|
||
| export default router; |
66 changes: 40 additions & 26 deletions
66
Backend/Workspace/tmp/NFC.js → Backend/Workspace/Routes/NFC.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,75 +1,89 @@ | ||
| const express = require('express'); | ||
| const path = require('path'); | ||
| const dotenv = require('dotenv').config(); | ||
| const DBPerf = require('../Tools/DBPerf'); | ||
| const argon2 = require('argon2'); | ||
| import express from 'express'; | ||
| import path from 'path'; // ※現在のコードでは使用されていないようですが残しています | ||
| import dotenv from 'dotenv'; | ||
| import DBPerf from '../Tools/DBPerf.js'; // ESMでは自作モジュールに拡張子(.js)が必須です | ||
| import argon2 from 'argon2'; | ||
|
|
||
| dotenv.config(); | ||
|
|
||
| const router = express.Router(); | ||
|
|
||
| let latestcardUid = null; // 最新のカードUIDを保存する変数 | ||
| let latestcardEncryptedPassword = null; // 最新のカードの暗号化されたパスワードを保存する変数 | ||
| let latestcardTime = null; // 最新のカード検知時間を保存する変数 | ||
|
|
||
| // NFCカードの紐づけエンドポイント | ||
| router.post('/NFC/Submit', async(req, res) => { | ||
| try{ | ||
| const {userID, password} = req.body | ||
| const nfcRead = false; // NFCカードが読み取られたかのフラグ(実際にはNFCStateなどで管理する) | ||
| router.post('/Submit', async (req, res) => { | ||
| // 0. 処理開始ログ | ||
| console.log("/NFC/Submit-API is running!"); | ||
| try { | ||
| const { userID, userId, password } = req.body; | ||
| const normalizedUserID = userID ?? userId; | ||
| // 【修正】後で true を代入するため、const ではなく let に変更しました | ||
| let nfcRead = false; | ||
|
|
||
| if(!latestcardTime || Date.now() - latestcardTime > 10000){ | ||
| if (!latestcardTime || Date.now() - latestcardTime > 10000) { | ||
| return res.status(400).send("カードをもう一度かざしてください"); | ||
| } | ||
|
|
||
| // ユーザーIDとパスワードが送られてきているかの確認 | ||
| if(!userID || !password){ | ||
| if (!normalizedUserID || !password) { | ||
| console.log("ユーザーIDまたはパスワードが送られてきていません!"); | ||
| return res.status(400).send({ message: 'User ID and password are required' }); | ||
| } | ||
|
|
||
| // カードUIDが送られてきているかの確認 | ||
| if(!latestcardUid){ | ||
| if (!latestcardUid) { | ||
| console.log("カードのUIDが送られてきていません!"); | ||
| return res.status(400).send({ message: 'Card UID is required' }); | ||
| } | ||
|
|
||
| // カードが既に紐づけられていないかの確認 | ||
| const exitUid = await DBPerf("カードが既に紐づけられていないかの確認","SELECT * FROM NFC WHERE UID = ?",[latestcardUid]) | ||
| if(exitUid.length != 0){ | ||
| const exitUid = await DBPerf("カードが既に紐づけられていないかの確認", "SELECT * FROM NFC WHERE UID = ?", [latestcardUid]); | ||
| if (exitUid.length != 0) { | ||
| console.log("このカードは既に紐づけられています!"); | ||
| return res.status(400).send({ message: 'This card is already linked to an account' }); | ||
| } | ||
|
|
||
| // ユーザーIDが存在するかの確認とパスワードの照合 | ||
| const userInfor = await DBPerf("存在するアカウントかの確認","SELECT userID, password FROM users WHERE userID = ?",[userID]) | ||
| const userInfor = await DBPerf("存在するアカウントかの確認", "SELECT UserID, Password FROM Identify WHERE UserID = ?", [normalizedUserID]); | ||
|
|
||
| // ユーザーIDが存在しない場合はダミーパスワードと照合して常に失敗させる(セキュリティ対策) | ||
| const comparePassword = userInfor.length == 0 ? process.env.DUMMY_PASSWORD : userInfor[0].password; | ||
| if (await argon2.verify(comparePassword, password + process.env.PEPPER)){ | ||
| const comparePassword = userInfor.length == 0 ? process.env.DUMMY_PASSWORD : userInfor[0].Password; | ||
|
|
||
| if (await argon2.verify(comparePassword, password + process.env.PEPPER)) { | ||
| // アカウントとNFCカードの紐づけ | ||
| await DBPerf("アカウントとNFCカードの紐づけ","INSERT INTO NFC (UID, userID) VALUES (?, ?)",[latestcardUid, userID]) | ||
| console.log(`カードUID: ${latestcardUid} とユーザーID: ${userID} を紐づけました!`); | ||
| await DBPerf("アカウントとNFCカードの紐づけ", "INSERT INTO NFC (UID, UserID) VALUES (?, ?)", [latestcardUid, normalizedUserID]); | ||
| console.log(`カードUID: ${latestcardUid} とユーザーID: ${normalizedUserID} を紐づけました!`); | ||
| latestcardUid = null; | ||
| latestcardTime = null; | ||
| nfcRead = true; | ||
| res.json({nfcRead: nfcRead}); | ||
| } | ||
| else{ | ||
| res.json({ nfcRead: nfcRead }); | ||
| } else { | ||
| console.log("パスワードが間違っています!"); | ||
| return res.status(401).send({ message: 'Invalid password' }); | ||
| } | ||
| }catch(err){ | ||
| } catch (err) { | ||
| console.error("NFCカードの紐づけに失敗しました!", err); | ||
| return res.status(500).send({ message: 'Failed to link NFC card' }); | ||
| } | ||
| }); | ||
|
|
||
| // PythonからカードUIDを受け取るエンドポイント | ||
| router.post('/NFC', (req, res) => { | ||
| router.post('/', (req, res) => { | ||
| latestcardUid = req.body.uid; // Pythonから送られてきたUID | ||
| latestcardEncryptedPassword = req.body.encrypted_password; // Pythonから送られてきた暗号化されたパスワードオブジェクト | ||
| latestcardTime = Date.now(); // カードが検知された時間を保存 | ||
| console.log(`カードを検知しました! UID: ${latestcardUid}`); | ||
| console.log(`暗号化されたパスワードデータ: ${JSON.stringify(latestcardEncryptedPassword)}`); | ||
| globalThis.io?.emit('nfc:detected', { | ||
| uid: latestcardUid, | ||
| encrypted_password: latestcardEncryptedPassword, | ||
| at: latestcardTime | ||
| }); | ||
|
|
||
| // Python側に「無事に受け取ったよ」と返事をする | ||
| res.status(200).send({ message: 'Success' }); | ||
| }); | ||
|
|
||
| module.exports = router; | ||
|
|
||
| export default router; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These new logs output sensitive credential material (
password + pepper, and the encrypted password). Secrets should never be written to logs. Remove these logs and log only non-sensitive metadata if needed.