Skip to content

Commit

Permalink
Merge pull request #226 from DecentralCardGame/goat_discord
Browse files Browse the repository at this point in the history
Goat discord
  • Loading branch information
lxgr-linux authored Jun 2, 2024
2 parents 507728c + 5f4c39f commit 669cfe1
Show file tree
Hide file tree
Showing 8 changed files with 1,071 additions and 1 deletion.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,4 @@ release/
.DS_Store
/build
/cs
/goat/node_modules
137 changes: 137 additions & 0 deletions config/nginx-test.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,137 @@

server {
listen 443 http2;
listen [::]:443 http2;
server_name cardchain.crowdcontrol.network;
#ssl_certificate /etc/letsencrypt/live/cardchain.crowdcontrol.network/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/cardchain.crowdcontrol.network/privkey.pem;

# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

# Enable server-side protection against BEAST attacks
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";

# RFC-7919 recommended: https://wiki.mozilla.org/Security/Server_Side_TLS#ffdhe4096
ssl_dhparam /etc/nginx/ssl/dhparam-4096.pem;
ssl_ecdh_curve secp521r1:secp384r1;

# Aditional Security Headers
# ref: https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

# ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
add_header X-Frame-Options DENY always;

# ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
add_header X-Content-Type-Options nosniff always;

# ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
add_header X-Xss-Protection "1; mode=block" always;

# Enable OCSP stapling
# ref. http://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/cardchain.crowdcontrol.network/fullchain.pem;
#resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s; # Cloudflare
resolver 127.0.0.11;
resolver_timeout 5s;

location ~ ^/cosmos(/.*)?$ {
# Not sending ACAO header because it is already being added by the upstream
#add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

if ($request_method = 'OPTIONS') {
return 200;
}

proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
proxy_pass http://blockchain:1317$1$is_args$args;
}

location ~ ^/grpc(/.*)?$ {
grpc_pass grpcs://blockchain:9090$1$is_args$args;
}

location ~ ^/grpc2(/.*)?$ {
grpc_pass grpcs://blockchain:9091$1$is_args$args;
}

location ~ ^/tendermint(/.*)?$ {
# Not sending ACAO header because it is already being added by the upstream
#add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

if ($request_method = 'OPTIONS') {
return 200;
}

proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
proxy_set_header X-forwarded-proto $scheme;
proxy_intercept_errors on;
proxy_pass http://blockchain:26657$1$is_args$args;
}

location ~ ^/faucet(/.*)?$ {
# Not sending ACAO header because it is already being added by the upstream
#add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

if ($request_method = 'OPTIONS') {
return 200;
}

proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
proxy_pass http://blockchain:4500$1$is_args$args;
}

location /files/ {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

root /;
}

location /goat/ {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
proxy_pass http://goat:31337;
}
}
18 changes: 17 additions & 1 deletion config/nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,22 @@ server {
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

root /;
root /;
}

location /goat/ {
rewrite ^/goat/(.*)$ /$1 break;

add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' '*' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Max-Age' 1728000 always;

proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
proxy_pass http://goat:31337;
}
}
6 changes: 6 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@ services:
- 9091:9091
- 4500:4500

goat:
build: ./goat/
ports:
- 31337:31337

herd:
image: nginx:latest
container_name: herd
Expand All @@ -31,3 +36,4 @@ services:
command: /bin/bash -c "exec nginx -g 'daemon off;'"
depends_on:
- blockchain
- goat
20 changes: 20 additions & 0 deletions goat/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Use the official Node.js image as the base image
FROM node:16.14.0-alpine

# Set the working directory
WORKDIR /usr/src/app

# Copy package.json and package-lock.json
COPY package*.json ./

# Install dependencies
RUN npm install

# Copy the application files
COPY . .

# Expose the port
EXPOSE 31337

# Start the application
CMD [ "node", "app.js" ]
61 changes: 61 additions & 0 deletions goat/app.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
const express = require('express');
const axios = require('axios');
const querystring = require('node:querystring');

const app = express();
const PORT = process.env.PORT || 31337;

//let codeValue = 'oHISzAR5RdTef7jVntWuA48Gf044Vr'

const fetchUser = code => {
let query = querystring.stringify({
'client_id': '1242405621815316502',
'client_secret': 'SdY9h2ilQb42AKV3dL8pscd9vcvUc0Bo',
'grant_type': 'authorization_code',
'code': code,
'redirect_uri': 'https://crowdcontrol.network/#/discord',
'scope': 'identify'
})
let headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}

return axios.post('https://discordapp.com/api/oauth2/token', query, headers)
.then(token => {
return axios.get(`https://discordapp.com/api/users/@me`, {
headers: {
"Authorization": "Bearer " + token.data.access_token,
}
})
})

}

app.get('/', (req, res) => {
if (!req.query.code) {
throw new Error('No code provided - you must provide a token code from Discord')
}

console.log("code", req.query.code)

return fetchUser(req.query.code)
.then(user => {
console.log("response", user.data)
console.log("status", user.status, user.statusText);
res.send(user.data);
})
.catch(err => {
console.error(err.response)
res.status(500).send(err.message)
})

});

app.listen(PORT, () => {
console.log(`Server running on port ${PORT}`);
});





Loading

0 comments on commit 669cfe1

Please sign in to comment.