batchGame/js/2.9.1/scripts.js

import sha256 from "./sha256.min.js";
import XORCipher from "./xorc.js";
import getBrowserFingerprint from "./identify.js"
import { loadNavBar } from "./web.js";

export const passwordHash = {
  toString: () => {
    let fp = getBrowserFingerprint( { hardwareOnly: true } );
    let data;
    try {
      data = window.sessionStorage.getItem(sha256(fp));
    } catch (e) {
      return "none";
    }
    if (data === null) return "none";
    return XORCipher.decode(fp, data);
  },

  set: (pw) => {
    let fp = getBrowserFingerprint( { hardwareOnly: true } );
    window.sessionStorage.setItem(sha256(fp), XORCipher.encode(fp, pw));
  }
}



function setPassword() {
  let x = document.getElementById("loginForm");
  let usr = x.elements[0].value; 
  let pw = x.elements[1].value;
  let cookieFlag = x.elements[1].value;

  if (pw != "" || pw !== "undefined") {
    let pwOld = pw;
    //console.log(sha256(pw));
    passwordHash.set(sha256(pw));
    let data = window.localStorage.getItem(sha256('chk'));
    if (data !== null) {
      let chk = XORCipher.decode(passwordHash.toString(), data);
      if (chk != "") {
        try {
          JSON.parse(chk);
        } catch (e) {
          document.getElementById("wrongPWAlert").style.display = "block";
          const alertTimeout = setTimeout(() => {
            document.getElementById("wrongPWAlert").style.display = "none";
          }, 5000);
          passwordHash.set(pwOld);
          x.elements[0].value = "";
          x.elements[1].value = "";
          window.localStorage.removeItem(sha256('chk'));
          return;
        }
      }
    } else {
      checkAuth(usr, pw, cookieFlag);
      return;
    }

    //user logged in
    //load NavigationBar with templates according to server

    //set cookie if flag is true
    loadNavBar();
    document.getElementById("login").style.display = "none";
    window.sessionStorage.setItem(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash.toString()));
    if (cookieFlag == 'on') {
      setCookie(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash.toString()), 30)
    }
  }
}

function checkAuth(usr, pw, cookieFlag) {
  let state;
  let msg;
  var xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function () {
    if (this.readyState == 4 && this.status == 200) {
      let resCode = this.responseText;
      switch(resCode) {
        case '0':
            state = 'verified';
            msg = 'login successful'
          break;
        case '1':
          state = 'error';
          msg = 'wrong password'
          break;
        case '2':
          state = 'error';
          msg = 'user not found'
          break;
        case '3':
          state = 'error';
          msg = 'query error'
          break;
        default:
          state = 'error';
          msg = 'no response'
          break;
      }
      if (state == 'error') {
        document.getElementById("wrongPWAlert").style.display = "block";
        let orgMsg = document.getElementById("wrongPWAlertMsg").innerHtml;
        document.getElementById("wrongPWAlertMsg").innerHTML = msg;
        
        const alertTimeout = setTimeout(() => {
          document.getElementById("wrongPWAlert").style.display = "none";
          document.getElementById("wrongPWAlertMsg").innerHTML = orgMsg;
        }, 5000);
      } else {
        loadNavBar();
        document.getElementById("login").style.display = "none";
        window.sessionStorage.setItem(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash.toString()));
        window.localStorage.setItem(sha256("chk"), XORCipher.encode(sha256(pw), JSON.stringify({verified: sha256(pw)})));
        if (cookieFlag == 'on') {
          setCookie(sha256("verified"), XORCipher.encode(sha256("passwordHash"), passwordHash.toString()), 30)
        }
      }
    }
  };
  xhttp.open("GET", "h.php/auth/m21"+sha256(pw)+"/m22"+sha256(usr), true);
  xhttp.send();
}

export function logoutServer() {
  var xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function () {
    if (this.readyState == 4 && this.status == 200) {
      let resCode = this.responseText;
      console.log(resCode);
    }
  };
  xhttp.open("GET", "h.php/auth/logout", true);
  xhttp.send();
}

export function getUsrId() {
  const fingerprint = getBrowserFingerprint( { hardwareOnly: true } );
  return cyrb53(fingerprint + passwordHash);
}

const cyrb53 = (str, seed = 21) => {
  let h1 = 0xdeadbeef ^ seed,
    h2 = 0x41c6ce57 ^ seed;
  for (let i = 0, ch; i < str.length; i++) {
    ch = str.charCodeAt(i);
    h1 = Math.imul(h1 ^ ch, 2654435761);
    h2 = Math.imul(h2 ^ ch, 1597334677);
  }
  
  h1 = Math.imul(h1 ^ (h1 >>> 16), 2246822507) ^ Math.imul(h2 ^ (h2 >>> 13), 3266489909);
  h2 = Math.imul(h2 ^ (h2 >>> 16), 2246822507) ^ Math.imul(h1 ^ (h1 >>> 13), 3266489909);
  
  return 4294967296 * (2097151 & h2) + (h1 >>> 0);
};

function setCookie(cname, cvalue, exdays) {
  const d = new Date();
  d.setTime(d.getTime() + (exdays * 24 * 60 * 60 * 1000));
  let expires = "expires="+d.toUTCString();
  document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}

export function getCookie(cname) {
  let name = cname + "=";
  let ca = document.cookie.split(';');
  for(let i = 0; i < ca.length; i++) {
    let c = ca[i];
    while (c.charAt(0) == ' ') {
      c = c.substring(1);
    }
    if (c.indexOf(name) == 0) {
      return c.substring(name.length, c.length);
    }
  }
  return null;
}


export default setPassword;