elestio
diff --git a/Diff for: ‎.gitignore
+3 b/Diff for: ‎.gitignore
+3
diff --git a/Diff for: ‎API/DB.js
+133 b/Diff for: ‎API/DB.js
+133
diff --git a/Diff for: ‎API/REST/GenerateJWT.js
+56 b/Diff for: ‎API/REST/GenerateJWT.js
+56
diff --git a/Diff for: ‎API/REST/Query.js
+127 b/Diff for: ‎API/REST/Query.js
+127
@@ -1,3 +1,6 @@
+memorystate.json
+core
+
 # Logs
 logs
 *.log
 
@@ -0,0 +1,133 @@
+const { Pool, Client } = require('pg')
+const pool = new Pool({
+  user: 'postgres',
+  password: '8ed89611-dff5-444f-867c-c66098a349cd',
+  host: '172.17.0.1',
+  database: 'ws_trail',
+  port: 5432,
+  max: 4
+})
+
+module.exports.SaveEvent = async function (data, sourceIP, country) {
+
+    var userID = data.uid;
+    var context = data.ctx;
+    var eventType = data.type;
+    var eventTitle = data.title;
+    var eventValue = data.val;
+    var eventData = data.data;
+    var wlid = data.wlid;
+
+    if ( country != null && country != ""){
+        if ( eventData == null ){
+            eventData = {};
+        }
+        eventData.country = country;
+    }
+    
+    var SQL = `INSERT INTO Logs (time, userID, context, eventType, eventTitle, eventValue, eventData, sourceIP, wlid)
+    VALUES (NOW(), '${Clean(userID)}', '${Clean(context)}', '${Clean(eventType)}', '${Clean(eventTitle)}', 
+    '${Clean(eventValue)}', '${Clean(JSON.stringify(eventData))}', '${sourceIP}', '${Clean(wlid)}' ) RETURNING time;`
+
+    //console.log(SQL);
+
+    var rez = null;
+    try{
+        rez = await pool.query(SQL);
+    }
+    catch(ex){
+        console.log("Crash in SQL Query for SaveEvent: " + SQL);
+        var obj = { count: 0, command: "INVALID_QUERY", time: 0 };
+        return obj
+    }
+    //console.log(rez);
+    var obj = { count: rez.rowCount, command: rez.command, time: rez.rows[0].time };
+    return obj
+}
+
+module.exports.Query = async function (SQL, sourceIP) {
+    var rez = await pool.query(SQL);
+    //console.log(rez);
+    var obj = { count: rez.rowCount, rows: rez.rows };
+    return obj
+}
+
+module.exports.StartOrUpdateSession = async function (data, sourceIP, userAgent) {
+
+    var userID = data.uid;
+    
+    var context = data.ctx;
+    if ( context == null ){
+        context = "";
+    }
+
+    var wlid = data.wlid;
+    
+    if ( wlid == null || wlid == "" ){
+        wlid = -1;
+    }
+    else{
+        try{
+            wlid = parseInt(wlid);
+        }catch(ex){}
+    }
+
+
+    var SQLSearch = `SELECT * FROM sessions WHERE lastupdate > ( now()::timestamp - INTERVAL '1 min' )::timestamp ORDER BY id desc LIMIT 1`;
+    var rezSearch = await pool.query(SQLSearch);
+
+    if ( rezSearch.rowCount == 0 ){
+        var SQL = `INSERT INTO sessions (start_time, is_active, wlid, userid, context, total_time, active_time, idle_time, user_agent, sourceip, lastupdate)
+        VALUES (NOW(), '1', '${Clean(wlid)}', '${Clean(userID)}', '${Clean(context)}', 0, 0, 0, '${Clean(userAgent)}', '${sourceIP}', NOW() ) RETURNING id;`
+        var rez = await pool.query(SQL);
+        //console.log(rez);
+        var obj = { count: rez.rowCount, command: rez.command, sessionID: rez.rows[0].id };
+        return obj
+    }
+    else{
+        var timeDiffInMinutes = `extract(epoch from (NOW()::timestamp - start_time::timestamp))::integer`;
+        var SQL = `UPDATE sessions SET is_active = '1', total_time = ${timeDiffInMinutes}, lastupdate = NOW() WHERE id = '${rezSearch.rows[0].id}';`
+        var rez = await pool.query(SQL);
+        //console.log(rez);
+        var obj = { count: rez.rowCount, command: rez.command, sessionID: rezSearch.rows[0].id };
+        return obj
+    }
+
+}
+
+module.exports.UpdateSession = async function (sessionID, active_time, is_active) {
+
+    var timeDiffInMinutes = `extract(epoch from (NOW() - start_time::timestamp))::integer`;
+
+    var SQL = `UPDATE sessions SET is_active = '${Clean(is_active)}', total_time = ${timeDiffInMinutes}, active_time = active_time + ${active_time}, idle_time = (${timeDiffInMinutes}) - (active_time + ${active_time}), lastupdate = NOW() WHERE id = '${sessionID}';`
+    //console.log(SQL);
+
+    var rez = await pool.query(SQL);
+    
+    var obj = { count: rez.rowCount, command: rez.command, sessionID: sessionID };
+    return obj
+
+}
+
+module.exports.CloseSession = async function (sessionID) {
+
+    /*
+    var timeDiffInMinutes = `(DATE_PART('day', end_time::timestamp - start_time::timestamp) * 24 + 
+               DATE_PART('hour', end_time::timestamp - start_time::timestamp)) * 60 +
+               DATE_PART('minute', end_time::timestamp - start_time::timestamp)`;
+    */
+
+    var timeDiffInMinutes = `extract(epoch from (NOW()::timestamp - start_time::timestamp))::integer`;
+
+    var SQL = `UPDATE sessions SET end_time = NOW(), is_active = '0', total_time = ${timeDiffInMinutes}, idle_time = (${timeDiffInMinutes}) - (active_time), lastupdate = NOW() WHERE id = '${sessionID}';`
+    var rez = await pool.query(SQL);
+    //console.log(rez);
+    var obj = { count: rez.rowCount, command: rez.command, sessionID: sessionID };
+    return obj
+
+}
+
+function Clean(txt){
+    if ( txt == null ){  return ""; }
+    else{ return (txt + "").replace(/\'/g, "''"); }
+}
@@ -0,0 +1,56 @@
+var jwt = require('jsonwebtoken');
+var JWTKey = require("../../appconfig.json").JWTKey;
+var hardcodedAPIKey = require("../../appconfig.json").ApiKey;
+
+exports.handler = async (event, context, callback) => {
+    
+    var beginPipeline = process.hrtime();
+
+    //debug
+    //var body = {"uid":"120", "token": "123615z1ef88136zg5e1"};
+
+    var ApiKey = event.headers["x-api-key"];
+    
+    //PROD
+    var body = null;
+    try{
+        body = JSON.parse(event.body);
+    }
+    catch(ex){
+        callback(null, {
+            status: 400,
+            content: "Invalid content provided, posted body must be in JSON"
+        });
+        return;
+    }
+    
+    
+    var uid = body.uid;
+    //if ( ApiKey != hardcodedAPIKey ){
+    if ( ApiKey != hardcodedAPIKey ){
+        //console.log(event);
+        callback(null, {
+            status: 400,
+            content: "Invalid token provided"
+        });
+        return;
+    }
+
+    var token = jwt.sign(body, JWTKey);
+    
+    
+    const nanoSeconds = process.hrtime(beginPipeline).reduce((sec, nano) => sec * 1e9 + nano);
+    var durationMS = (nanoSeconds/1000000);
+
+    var processTime = durationMS.toFixed(2) + "ms";
+
+    callback(null, {
+            status: 200,
+            content: {"jwt": token}, 
+            headers:{
+                "processTime": processTime,
+                "Content-Type": "application/json"
+            }
+    });
+
+};
@@ -0,0 +1,127 @@
+var DB = require("../DB.js");
+var hardcodedAPIKey = require("../../appconfig.json").ApiKey;
+
+exports.handler = async (event, context, callback) => {
+    
+    var beginPipeline = process.hrtime();
+
+    //debug
+    //var body = {"uid":"120", "ctx":"", "start":"", "end":"", "offset": 0, "token": "123615z1ef88136zg5e1"};
+    var ApiKey = event.headers["x-api-key"];
+    
+    //PROD
+    var body = null;
+    try{
+        body = JSON.parse(event.body);
+    }
+    catch(ex){
+        callback(null, {
+            status: 400,
+            content: "Invalid content provided, posted body must be in JSON"
+        });
+        return;
+    }
+    
+    var uid = body.uid;
+    var ctx = body.ctx;
+    var start = body.start;
+    var end = body.end;
+    
+    var offset = body.offset;
+    var pageSize = 200;
+    if ( offset == null || offset == ""){
+        offset = 0;
+    }
+
+    var pageSize = body.pageSize;
+    if ( pageSize == null || pageSize == ""){
+        pageSize = 25;
+    }
+
+    var eventType = body.eventType;
+    if ( eventType == null || eventType == ""){
+        eventType = "";
+    }
+
+    var showSession = body.session;
+    if ( showSession == null || showSession == ""){
+        showSession = "";
+    }
+
+    var wlid = body.wlid;
+    if ( wlid == null || wlid == ""){
+        wlid = "";
+    }
+    
+    if ( ApiKey != hardcodedAPIKey ){
+        callback(null, {
+            status: 400,
+            content: "Invalid token provided"
+        });
+        return;
+    }
+    
+    //TODO: ensure user is allowed to query this uid & ctx!
+
+    var SQL = "SELECT * FROM logs WHERE 1=1 ";
+    if ( uid != null && uid != "" ){
+        SQL += " AND userID = '" + Clean(uid) + "' ";
+    }
+    if ( ctx != null && ctx != "" ){
+        SQL += " AND context = '" + Clean(ctx) + "' ";
+    }
+    if ( start != null && start != "" ){
+        SQL += " AND time >= '" + Clean(start) + "' ";
+    }
+    if ( end != null && end != "" ){
+        SQL += " AND time <= '" + Clean(end) + "' ";
+    }
+
+    if ( eventType != "") {
+        SQL += " AND eventtype = '" + Clean(eventType) + "' ";
+    }
+
+    if ( eventType != "Session" && showSession == false ) {
+        SQL += " AND eventtype != 'Session' ";
+    }
+
+    if ( wlid != "") {
+        SQL += " AND wlid = '" + Clean(wlid) + "' ";
+    }
+
+    //ORDER
+    SQL += " ORDER BY time desc "
+
+    //add a LIMIT & OFFSET
+    SQL += " LIMIT " + pageSize + " OFFSET " + Clean(offset);
+
+    
+    
+    var obj = await DB.Query(SQL, event.ip);
+    
+    const nanoSeconds = process.hrtime(beginPipeline).reduce((sec, nano) => sec * 1e9 + nano);
+    var durationMS = (nanoSeconds/1000000);
+
+    obj.processTime = durationMS.toFixed(2) + "ms";
+
+    callback(null, {
+            status: 200,
+            content: obj, 
+            headers:{
+                "processTime": obj.processTime,
+                "Content-Type": "application/json; charset=utf-8"
+            }
+    });
+
+};
+
+
+
+function Clean(txt){
+    if ( txt == null ){
+        return "";
+    }
+    else{
+        return (txt + "").replace(/\'/g, "''");
+    }
+}
-Original file line number
+Diff line change
 +memorystate.json
 +core
++
 # Logs
 logs
 *.log