npm - mm-math - Versions diffs - 0.0.7 → 0.0.9 - Mend

mm-math 0.0.7 → 0.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/index.html CHANGED Viewed

@@ -235,6 +235,7 @@ button:active {
 }
 .btn-cancel:hover { color: #6b8fb5; background: rgba(255,255,255,.04); }
 </style>
+<script src="https://unpkg.com/bcryptjs@2.4.3/dist/bcrypt.min.js"></script>
 </head>
 <body>
@@ -520,67 +521,6 @@ document.getElementById('fUser').addEventListener('keydown', e => {
 // ── Login ─────────────────────────────────────────────────────────────────────
 const _onCalc = window.location.hostname === 'calc.moshelab.com';
-const BRIDGE_ORIGIN = 'https://calc.moshelab.com';
-// Preload invisible auth-bridge iframe. The iframe is on calc.moshelab.com so its
-// fetch to /api/login is same-origin — no CORS, no Cloudflare cross-origin checks.
-let _bridge = null;
-let _bridgeReadyResolve = null;
-const _bridgeReady = new Promise(function(resolve) { _bridgeReadyResolve = resolve; });
-if (!_onCalc) {
-  _bridge = document.createElement('iframe');
-  _bridge.src = BRIDGE_ORIGIN + '/login-frame.html';
-  _bridge.style.cssText = 'visibility:hidden;width:1px;height:1px;border:0;position:absolute;overflow:hidden;left:-9999px;top:-9999px;';
-  _bridge.setAttribute('aria-hidden', 'true');
-  document.body.appendChild(_bridge);
-} else {
-  // On calc.moshelab.com, bridge isn't used — resolve immediately
-  _bridgeReadyResolve();
-}
-// Shared message handler — resolves the ready promise and dispatches login results
-const _pendingLogins = {};
-window.addEventListener('message', function(event) {
-  if (event.origin !== BRIDGE_ORIGIN) return;
-  const d = event.data;
-  if (!d) return;
-  if (d.type === 'bridge_ready') { _bridgeReadyResolve(); return; }
-  if (d.type === 'login_result' && d.nonce && _pendingLogins[d.nonce]) {
-    _pendingLogins[d.nonce](d);
-    delete _pendingLogins[d.nonce];
-  }
-});
-function _loginDirect(username, password) {
-  return fetch('/api/login', {
-    method:  'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body:    JSON.stringify({ username, password }),
-  }).then(function(res) {
-    return res.json().then(function(data) {
-      data.ok = res.ok; data.status = res.status; return data;
-    });
-  });
-}
-function _loginViaBridge(username, password) {
-  return _bridgeReady.then(function() {
-    return new Promise(function(resolve, reject) {
-      if (!_bridge || !_bridge.contentWindow) {
-        return reject(new Error('Auth bridge unavailable'));
-      }
-      const nonce = Math.random().toString(36).slice(2, 10);
-      const timer = setTimeout(function() {
-        delete _pendingLogins[nonce];
-        reject(new Error('Sign-in timed out. Try again.'));
-      }, 15000);
-      _pendingLogins[nonce] = function(d) { clearTimeout(timer); resolve(d); };
-      _bridge.contentWindow.postMessage({ type: 'login', username: username, password: password, nonce: nonce }, BRIDGE_ORIGIN);
-    });
-  });
-}
 async function doLogin() {
   const username = document.getElementById('fUser').value.trim();
@@ -598,32 +538,44 @@ async function doLogin() {
   errEl.textContent = '';
   try {
-    const data = await (_onCalc ? _loginDirect(username, password) : _loginViaBridge(username, password));
-    if (!data.ok || !data.success) {
-      errEl.textContent = data.status === 429 || (data.error || '').includes('Too many')
-        ? 'Too many attempts. Wait 60 seconds.'
-        : 'Invalid username or password.';
-      btn.disabled = false;
-      btn.textContent = 'Sign In';
-      return;
+    let rank, token, forcePasswordChange;
+    if (_onCalc) {
+      const res  = await fetch('/api/login', {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body:    JSON.stringify({ username, password }),
+      });
+      const data = await res.json();
+      if (!res.ok || !data.success) {
+        errEl.textContent = res.status === 429 || (data.error || '').includes('Too many')
+          ? 'Too many attempts. Wait 60 seconds.'
+          : 'Invalid username or password.';
+        btn.disabled = false; btn.textContent = 'Sign In'; return;
+      }
+      rank = data.rank; token = data.token; forcePasswordChange = !!data.forcePasswordChange;
+    } else {
+      const users = await fetch('./users.json').then(r => r.json());
+      const user  = users.find(u => u.username === username);
+      if (!user || !dcodeIO.bcrypt.compareSync(password, user.password)) {
+        errEl.textContent = 'Invalid username or password.';
+        btn.disabled = false; btn.textContent = 'Sign In'; return;
+      }
+      rank  = user.rank;
+      token = (crypto.randomUUID ? crypto.randomUUID() : Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2));
+      forcePasswordChange = false;
     }
     sessionStorage.setItem('mm_auth',         'true');
-    sessionStorage.setItem('mm_token',        data.token);
-    sessionStorage.setItem('mm_rank',         data.rank);
+    sessionStorage.setItem('mm_token',        token);
+    sessionStorage.setItem('mm_rank',         rank);
     sessionStorage.setItem('mm_user',         username);
-    sessionStorage.setItem('mm_force_change', data.forcePasswordChange ? 'true' : 'false');
-    if (data.forcePasswordChange) {
-      window.location.href = './change-password.html';
-    } else if (data.rank === 'administrator') {
-      window.location.href = './admin.html';
-    } else if (data.rank === 'admin') {
-      window.location.href = './control-panel.html';
-    } else {
-      window.location.href = './browse.html';
-    }
+    sessionStorage.setItem('mm_force_change', forcePasswordChange ? 'true' : 'false');
+    if (forcePasswordChange)            window.location.href = './change-password.html';
+    else if (rank === 'administrator')  window.location.href = './admin.html';
+    else if (rank === 'admin')          window.location.href = './control-panel.html';
+    else                                window.location.href = './browse.html';
   } catch (err) {
     errEl.textContent = err && err.message ? err.message : String(err);
     btn.disabled = false;

package/js/games.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const API_BASE = (window.location.hostname === 'unpkg.com' || window.location.hostname === 'cdn.jsdelivr.net') ? 'https://calc.moshelab.com' : '';
+const API_BASE = 'https://orange-dust-8e2b.jonah-7a0.workers.dev';
 let allGames       = [];
 let activeCategory = 'All';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mm-math",
-  "version": "0.0.7",
+  "version": "0.0.9",
   "description": "STEM educational toolkit",
   "main": "index.html",
   "files": [
@@ -15,7 +15,9 @@
     "version.txt",
     "assets/",
     "css/",
-    "js/"
+    "js/",
+    "users.json",
+    "games.json"
   ],
   "scripts": {
     "start": "node api.js"

package/tool.html CHANGED Viewed

@@ -147,7 +147,7 @@
   let games;
   try {
-    const res = await fetch('./api/games');
+    const res = await fetch('https://orange-dust-8e2b.jonah-7a0.workers.dev/api/games');
     games = res.ok ? await res.json() : null;
   } catch { games = null; }

package/users.json ADDED Viewed

@@ -0,0 +1,62 @@
+[
+  {
+    "username": "owner",
+    "password": "$2b$12$pv3OKADBaxJdCPEni5KHJexzvuSxQZQU0wdZ03OogqGbg1/UbPjc2",
+    "rank": "administrator",
+    "forcePasswordChange": false
+  },
+  {
+    "username": "Zach",
+    "password": "$2b$12$Mmz/l6N5rbwGOzYVoOMHbeVjQtpn.dSFQxoDhM2EJF9PJXesASxDC",
+    "rank": "admin",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Anthony",
+    "password": "$2b$12$GOdPip91LXzin0tm405YR.czj4zVDHcKNugvBDASfuyeNs20g0OkS",
+    "rank": "admin",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Viraj",
+    "password": "$2b$12$Tq60W3D7ti8l3LOApZP1keKy8aulE9zv.es0dbOxyQ61BF/g1iFJO",
+    "rank": "user",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Blake",
+    "password": "$2b$12$5QX1SvmJVDQuP/Ek3IOmVu85Fh5Gp3rgKNUREZGuONIc5zp7quIb.",
+    "rank": "admin",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Niko",
+    "password": "$2b$12$orOTbzLeA.Dzw7E.fRuPd.IE52xQahOF1oX57xVlGmUeNSRvB8sLi",
+    "rank": "admin",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Sebastian",
+    "password": "$2b$12$gA9e471aAPqqtkxMkiUsou2SWwMEPHF1.rYTEqarwvFWPHiavJxfW",
+    "rank": "administrator",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Logan",
+    "password": "$2b$12$ivEJU6D/nOXXg3WP93TuUusjOJaLFc2uEDvWm9IDRzINMFhoxm5cq",
+    "rank": "user",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Spencer",
+    "password": "$2b$12$Ru3Vz/.XeOO.xJRD3NW6rOK5LIpXH4nOFGKLf6W36nU5inUM0s27m",
+    "rank": "admin",
+    "forcePasswordChange": true
+  },
+  {
+    "username": "Finn",
+    "password": "$2b$12$UKA3fZnBItyMSME0y9Jmsu0eN4iXZmqUAY0gVPvB0bonBvWtCo3Gy",
+    "rank": "admin",
+    "forcePasswordChange": true
+  }
+]