Commit 5ebcaef2 authored by Corentin Mors's avatar Corentin Mors

Encrypt all users feeds for privacy

parent aa8f599d
......@@ -8,6 +8,7 @@ var express = require('express'),
port = process.env.PORT || 3000,
bodyParser = require('body-parser');
server.listen(port, () => {
console.log('Server listening at port %d', port);
});
......
......@@ -6,7 +6,7 @@ exports.home = function(req, res, next) {
}
exports.room = function(req, res, next) {
res.render('room', {room: req.body.room, username: req.body.username});
res.render('room', {room: req.body.room, username: req.body.username, password: req.body.password});
}
exports.redirect_home = function(req, res, next) {
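Review bot: `exports.room` now reads `req.body.password` and renders it back into the page, so the room password reaches the server in the form POST, and that same server relays the encrypted messages and positions. The encryption therefore protects the feeds from other clients at best, not from the server operator or from anything that logs request bodies. If privacy from the server is the goal, keep the password in the browser only, for example by reading it client-side without a `name` attribute on the field, or by carrying it in the URL fragment. The commit description should state which threat the change is meant to cover.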
......
......@@ -38,7 +38,7 @@ $(function() {
// Sends a chat message
const sendMessage = () => {
var message = $inputMessage.val();
var message = encrypt($inputMessage.val(), password);
// Prevent markup from being injected into the message
message = cleanInput(message);
// if there is a non-empty message and a socket connection
......@@ -73,7 +73,7 @@ $(function() {
.text(data.username)
.css('color', getUsernameColor(data.username));
var $messageBodyDiv = $('<span class="messageBody">')
.text(data.message);
.text(decrypt(data.message, password));
var typingClass = data.typing ? 'typing' : '';
var $messageDiv = $('<li class="message"/>')
......@@ -209,7 +209,7 @@ $(function() {
socket.on('login', (data) => {
connected = true;
// Display the welcome message
var message = "Welcome to onMap Chat – ";
var message = "Welcome to onMap Chat – ";
log(message, {
prepend: true
});
......@@ -264,8 +264,41 @@ $(function() {
log('attempt to reconnect has failed');
});
// Crypto functions
function encrypt(data, password){
try {
return CryptoJS.AES.encrypt(data, password).toString();
} catch (exception) {
throw new Error(exception.message);
}
}
function decrypt(data, password){
try {
let bytes = CryptoJS.AES.decrypt(data, password);
return bytes.toString(CryptoJS.enc.Utf8);
} catch (exception) {
throw new Error(exception.message);
}
}
function oencrypt(object, password){
try {
return CryptoJS.AES.encrypt(JSON.stringify(object), password).toString();
} catch (exception) {
throw new Error(exception.message);
}
}
function odecrypt(ocipher, password){
try {
var bytes = CryptoJS.AES.decrypt(ocipher, password);
return JSON.parse(bytes.toString(CryptoJS.enc.Utf8));
} catch (exception) {
throw new Error(exception.message);
}
}
var Map = ol.Map
......@@ -358,7 +391,8 @@ $(function() {
var coordinates = geolocation.getPosition();
positionFeature.setGeometry(coordinates ?
new Point(coordinates) : null);
socket.emit('geoloc', coordinates);
console.log(coordinates);
socket.emit('geoloc', oencrypt(coordinates, password));
});
var mylayer = new VectorLayer({
......@@ -390,8 +424,9 @@ $(function() {
mylayer.getSource().addFeature(userPositions[data.username]);
}
userPositions[data.username].setGeometry(data.coordinates ?
new Point(data.coordinates) : null);
var ucoord = odecrypt(data.coordinates, password);
userPositions[data.username].setGeometry(ucoord ?
new Point(ucoord) : null);
//console.log(mylayer.getSource().getFeatures());
}
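Review bot: The `odecrypt` result in the last hunk goes straight into `new Point(ucoord)` with no integrity or shape check, and `CryptoJS.AES.encrypt(data, password)` with a string passphrase is, as far as I know, AES-CBC with an MD5-based single-round key derivation and no MAC, so a relay can alter ciphertext undetected. A peer using a different password makes the decrypted string empty or invalid, and `JSON.parse` then throws inside the socket handler; catch that per message, drop the update, and validate before use, e.g. `if (!Array.isArray(ucoord) || ucoord.length !== 2 || !ucoord.every(Number.isFinite)) return;`. An authenticated construction such as Web Crypto AES-GCM with a PBKDF2-derived key would be a better base than the passphrase mode. Also, `sendMessage` now encrypts before the non-empty test, so an empty input probably passes it as ciphertext, and the added `console.log(coordinates);` writes plaintext positions to the console. The enclosing handlers start outside the hunks shown.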
......
{
"name": "onMap Assets",
"description": "",
"main": "",
"license": "MIT",
"homepage": "",
"ignore": [
"**/.*",
"node_modules",
"bower_components",
"test",
"tests"
],
"dependencies": {
"crypto-js": "^3.1.9"
}
}
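Review bot: The `^3.1.9` range keeps the project on the crypto-js 3.x line, which, as far as I know, draws its salts and IVs from `Math.random()`; the move to the platform CSPRNG came with 4.0.0. The `encrypt` and `oencrypt` helpers in main.js depend on the library's random salt for every message, so the range should be raised to a 4.x release, or the browser's Web Crypto API used instead. Whichever is chosen, check that the script path in the layout still resolves after the upgrade.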
{% extends '_layout.html' %}
{% block content %}
<div class="container-main">
<div id="map" class="map"></div>
<div id="info" style="display: none;"></div>
<p>
Position accuracy : <code id="accuracy"></code>&nbsp;&nbsp;
Altitude : <code id="altitude"></code>&nbsp;&nbsp;
Altitude accuracy : <code id="altitudeAccuracy"></code>&nbsp;&nbsp;
Heading : <code id="heading"></code>&nbsp;&nbsp;
Speed : <code id="speed"></code>
</p>
</div>
<div class="container-side">
<ul class="pages">
<li class="chat page">
<div class="chatArea">
<ul class="messages"></ul>
</div>
<input class="inputMessage" placeholder="Type here..."/>
</li>
<li class="login page">
<div class="form">
<h3 class="title">What's your nickname?</h3>
<input class="usernameInput" type="text" maxlength="14" />
</div>
</li>
</ul>
</div>
{% endblock %}
\ No newline at end of file
......@@ -8,6 +8,8 @@
<input id="room-name" type="text" name="room">
<label for="room-name">Username:</label>
<input id="user-name" type="text" name="username">
<label for="room-password">Password:</label>
<input id="room-password" type="text" name="password">
<button type="submit">Join</button>
</form>
</div>
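Review bot: The new `room-password` field is `type="text"`, so the shared secret is shown on screen and may be retained by browser form history; `<input id="room-password" type="password" name="password" autocomplete="off">` avoids both. The field is also not `required`, and an empty value would, it appears, still be handed to `encrypt` as the key. The form itself starts outside the hunk.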
......
......@@ -32,6 +32,7 @@
{% block scripts %}
<script src="/socket.io/socket.io.js"></script>
<script src="assets/openlayer.min.js"></script>
<script>var username = "{{ username | escape }}"; var room = "{{ room | escape }}";</script>
<script src="bower_components/crypto-js/crypto-js.js"></script>
<script>var username = "{{ username | escape }}"; var room = "{{ room | escape }}"; var password = "{{ password | escape }}";</script>
<script src="assets/main.js"></script>
{% endblock %}
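Review bot: `var password = "{{ password | escape }}";` puts a user-supplied value inside a JavaScript string literal using an HTML escaper, which is the wrong encoder for that context. A trailing backslash or a line break in the password is left as-is and breaks the literal, while characters such as `&` or `'` are presumably turned into entities that a script block never decodes, so the key in use differs from what the user typed. Emit the values with a JSON or JS-string encoder if the template engine provides one, or place them in `data-` attributes and read them from main.js; the same applies to `username` and `room` on that line. Because the password now sits in the served HTML, the response should also be marked non-cacheable.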