Write metadata file option, rate limiting login attempts, generic failed login message

server/Auth.js

@@ -103,18 +103,18 @@ class Auth {
 
     var user = this.users.find(u => u.username === username)
 
-    if (!user) {
-      return res.json({ error: 'User not found' })
-    }
-
-    if (!user.isActive) {
-      return res.json({ error: 'User unavailable' })
+    if (!user || !user.isActive) {
+      Logger.debug(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit}`)
+      if (req.rateLimit.remaining <= 2) {
+        return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`)
+      }
+      return res.status(401).send('Invalid user or password')
     }
 
     // Check passwordless root user
     if (user.id === 'root' && (!user.pash || user.pash === '')) {
       if (password) {
-        return res.json({ error: 'Invalid root password (hint: there is none)' })
+        return res.status(401).send('Invalid root password (hint: there is none)')
       } else {
         return res.json({ user: user.toJSONForBrowser() })
       }
@@ -127,12 +127,24 @@ class Auth {
         user: user.toJSONForBrowser()
       })
     } else {
-      res.json({
-        error: 'Invalid Password'
-      })
+      Logger.debug(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit}`)
+      if (req.rateLimit.remaining <= 2) {
+        Logger.error(`[Auth] Failed login attempt for user ${user.username}. Attempts: ${req.rateLimit.current}`)
+        return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`)
+      }
+      return res.status(401).send('Invalid user or password')
     }
   }
 
+  // Not in use now
+  lockUser(user) {
+    user.isLocked = true
+    return this.db.updateEntity('user', user).catch((error) => {
+      Logger.error('[Auth] Failed to lock user', user.username, error)
+      return false
+    })
+  }
+
   comparePassword(password, user) {
     if (user.type === 'root' && !password && !user.pash) return true
     if (!password || !user.pash) return false

server/Scanner.js

@@ -13,6 +13,8 @@ class Scanner {
   constructor(AUDIOBOOK_PATH, METADATA_PATH, db, emitter) {
     this.AudiobookPath = AUDIOBOOK_PATH
     this.MetadataPath = METADATA_PATH
+    this.BookMetadataPath = Path.join(this.MetadataPath, 'books')
+
     this.db = db
     this.emitter = emitter
 
@@ -387,6 +389,39 @@ class Scanner {
     }
   }
 
+  async saveMetadata(audiobookId) {
+    if (audiobookId) {
+      var audiobook = this.db.audiobooks.find(ab => ab.id === audiobookId)
+      if (!audiobook) {
+        return {
+          error: 'Audiobook not found'
+        }
+      }
+      var savedPath = await audiobook.writeNfoFile()
+      return {
+        audiobookId,
+        audiobookTitle: audiobook.title,
+        savedPath
+      }
+    } else {
+      var response = {
+        success: 0,
+        failed: 0
+      }
+      for (let i = 0; i < this.db.audiobooks.length; i++) {
+        var audiobook = this.db.audiobooks[i]
+        var savedPath = await audiobook.writeNfoFile()
+        if (savedPath) {
+          Logger.info(`[Scanner] Saved metadata nfo ${savedPath}`)
+          response.success++
+        } else {
+          response.failed++
+        }
+      }
+      return response
+    }
+  }
+
   async find(req, res) {
     var method = req.params.method
     var query = req.query

server/Server.js

@@ -4,6 +4,7 @@ const http = require('http')
 const SocketIO = require('socket.io')
 const fs = require('fs-extra')
 const fileUpload = require('express-fileupload')
+const rateLimit = require('express-rate-limit')
 
 const Auth = require('./Auth')
 const Watcher = require('./Watcher')
@@ -110,6 +111,14 @@ class Server {
     this.scanner.cancelScan = true
   }
 
+  // Generates an NFO metadata file, if no audiobookId is passed then all audiobooks are done
+  async saveMetadata(socket, audiobookId = null) {
+    Logger.info('[Server] Starting save metadata files')
+    var response = await this.scanner.saveMetadata(audiobookId)
+    Logger.info(`[Server] Finished saving metadata files Successful: ${response.success}, Failed: ${response.failed}`)
+    socket.emit('save_metadata_complete', response)
+  }
+
   async init() {
     Logger.info('[Server] Init')
     await this.streamManager.ensureStreamsDir()
@@ -172,6 +181,21 @@ class Server {
     res.sendStatus(200)
   }
 
+  // First time login rate limit is hit
+  loginLimitReached(req, res, options) {
+    Logger.error(`[Server] Login rate limit (${options.max}) was hit for ip ${req.ip}`)
+    options.message = 'Too many attempts. Login temporarily locked.'
+  }
+
+  getLoginRateLimiter() {
+    return rateLimit({
+      windowMs: this.db.serverSettings.rateLimitLoginWindow, // 5 minutes
+      max: this.db.serverSettings.rateLimitLoginRequests,
+      skipSuccessfulRequests: true,
+      onLimitReached: this.loginLimitReached
+    })
+  }
+
   async start() {
     Logger.info('=== Starting Server ===')
     await this.init()
@@ -206,13 +230,18 @@ class Server {
 
     app.use('/api', this.authMiddleware.bind(this), this.apiController.router)
     app.use('/hls', this.authMiddleware.bind(this), this.hlsController.router)
+
+    // Incomplete work in progress
     // app.use('/ebook', this.ebookReader.router)
-    app.use('/feeds', this.rssFeeds.router)
+    // app.use('/feeds', this.rssFeeds.router)
 
     app.post('/upload', this.authMiddleware.bind(this), this.handleUpload.bind(this))
 
-    app.post('/login', (req, res) => this.auth.login(req, res))
+    var loginRateLimiter = this.getLoginRateLimiter()
+    app.post('/login', loginRateLimiter, (req, res) => this.auth.login(req, res))
+
     app.post('/logout', this.logout.bind(this))
+
     app.get('/ping', (req, res) => {
       Logger.info('Recieved ping')
       res.json({ success: true })
@@ -231,7 +260,6 @@ class Server {
       })
     }
 
-
     this.server.listen(this.Port, this.Host, () => {
       Logger.info(`Running on http://${this.Host}:${this.Port}`)
     })
@@ -259,6 +287,7 @@ class Server {
       socket.on('scan', this.scan.bind(this))
       socket.on('scan_covers', this.scanCovers.bind(this))
       socket.on('cancel_scan', this.cancelScan.bind(this))
+      socket.on('save_metadata', (audiobookId) => this.saveMetadata(socket, audiobookId))
 
       // Streaming
       socket.on('open_stream', (audiobookId) => this.streamManager.openStreamSocketRequest(socket, audiobookId))

server/objects/Audiobook.js

@@ -1,6 +1,7 @@
 const Path = require('path')
 const { bytesPretty, elapsedPretty } = require('../utils/fileUtils')
 const { comparePaths, getIno } = require('../utils/index')
+const nfoGenerator = require('../utils/nfoGenerator')
 const Logger = require('../Logger')
 const Book = require('./Book')
 const AudioTrack = require('./AudioTrack')
@@ -530,5 +531,9 @@ class Audiobook {
       })
     }
   }
+
+  writeNfoFile(nfoFilename = 'metadata.nfo') {
+    return nfoGenerator(this, nfoFilename)
+  }
 }
 module.exports = Audiobook

server/objects/Book.js

@@ -1,3 +1,4 @@
+const fs = require('fs-extra')
 const Path = require('path')
 const Logger = require('../Logger')
 const parseAuthors = require('../utils/parseAuthors')

server/objects/ServerSettings.js

@@ -3,10 +3,14 @@ const { CoverDestination } = require('../utils/constants')
 class ServerSettings {
   constructor(settings) {
     this.id = 'server-settings'
+
     this.autoTagNew = false
     this.newTagExpireDays = 15
     this.scannerParseSubtitle = false
     this.coverDestination = CoverDestination.METADATA
+    this.saveMetadataFile = false
+    this.rateLimitLoginRequests = 10
+    this.rateLimitLoginWindow = 10 * 60 * 1000 // 10 Minutes
 
     if (settings) {
       this.construct(settings)
@@ -18,6 +22,9 @@ class ServerSettings {
     this.newTagExpireDays = settings.newTagExpireDays
     this.scannerParseSubtitle = settings.scannerParseSubtitle
     this.coverDestination = settings.coverDestination || CoverDestination.METADATA
+    this.saveMetadataFile = !!settings.saveMetadataFile
+    this.rateLimitLoginRequests = !isNaN(settings.rateLimitLoginRequests) ? Number(settings.rateLimitLoginRequests) : 10
+    this.rateLimitLoginWindow = !isNaN(settings.rateLimitLoginWindow) ? Number(settings.rateLimitLoginWindow) : 10 * 60 * 1000 // 10 Minutes
   }
 
   toJSON() {
@@ -26,7 +33,10 @@ class ServerSettings {
       autoTagNew: this.autoTagNew,
       newTagExpireDays: this.newTagExpireDays,
       scannerParseSubtitle: this.scannerParseSubtitle,
-      coverDestination: this.coverDestination
+      coverDestination: this.coverDestination,
+      saveMetadataFile: !!this.saveMetadataFile,
+      rateLimitLoginRequests: this.rateLimitLoginRequests,
+      rateLimitLoginWindow: this.rateLimitLoginWindow
     }
   }
 

server/objects/User.js

@@ -9,6 +9,7 @@ class User {
     this.stream = null
     this.token = null
     this.isActive = true
+    this.isLocked = false
     this.createdAt = null
     this.audiobooks = null
 
@@ -76,6 +77,7 @@ class User {
       token: this.token,
       audiobooks: this.audiobooksToJSON(),
       isActive: this.isActive,
+      isLocked: this.isLocked,
       createdAt: this.createdAt,
       settings: this.settings,
       permissions: this.permissions
@@ -91,6 +93,7 @@ class User {
       token: this.token,
       audiobooks: this.audiobooksToJSON(),
       isActive: this.isActive,
+      isLocked: this.isLocked,
       createdAt: this.createdAt,
       settings: this.settings,
       permissions: this.permissions
@@ -112,7 +115,8 @@ class User {
         }
       }
     }
-    this.isActive = (user.isActive === undefined || user.id === 'root') ? true : !!user.isActive
+    this.isActive = (user.isActive === undefined || user.type === 'root') ? true : !!user.isActive
+    this.isLocked = user.type === 'root' ? false : !!user.isLocked
     this.createdAt = user.createdAt || Date.now()
     this.settings = user.settings || this.getDefaultUserSettings()
     this.permissions = user.permissions || this.getDefaultUserPermissions()

server/utils/fileUtils.js

@@ -29,9 +29,10 @@ function bytesPretty(bytes, decimals = 0) {
     return '0 Bytes'
   }
   const k = 1024
-  const dm = decimals < 0 ? 0 : decimals
+  var dm = decimals < 0 ? 0 : decimals
   const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB']
   const i = Math.floor(Math.log(bytes) / Math.log(k))
+  if (i > 2 && dm === 0) dm = 1
   return parseFloat((bytes / Math.pow(k, i)).toFixed(dm)) + ' ' + sizes[i]
 }
 module.exports.bytesPretty = bytesPretty

server/utils/nfoGenerator.js

@@ -0,0 +1,91 @@
+const fs = require('fs-extra')
+const Path = require('path')
+const { bytesPretty } = require('./fileUtils')
+const Logger = require('../Logger')
+
+const LEFT_COL_LEN = 25
+
+function sectionHeaderLines(title) {
+  return [title, ''.padEnd(10, '=')]
+}
+
+function generateSection(sectionTitle, sectionData) {
+  var lines = sectionHeaderLines(sectionTitle)
+  for (const key in sectionData) {
+    var line = key.padEnd(LEFT_COL_LEN) + (sectionData[key] || '')
+    lines.push(line)
+  }
+  return lines
+}
+
+async function generate(audiobook, nfoFilename = 'metadata.nfo') {
+  var jsonObj = audiobook.toJSON()
+  var book = jsonObj.book
+
+  var generalSectionData = {
+    'Title': book.title,
+    'Subtitle': book.subtitle,
+    'Author': book.author,
+    'Narrator': book.narrarator,
+    'Series': book.series,
+    'Volume Number': book.volumeNumber,
+    'Publish Year': book.publishYear,
+    'Genre': book.genres ? book.genres.join(', ') : '',
+    'Duration': audiobook.durationPretty,
+    'Chapters': jsonObj.chapters.length
+  }
+
+  if (!book.subtitle) {
+    delete generalSectionData['Subtitle']
+  }
+
+  if (!book.series) {
+    delete generalSectionData['Series']
+    delete generalSectionData['Volume Number']
+  }
+
+  var tracks = audiobook.tracks
+  var audioTrack = tracks.length ? audiobook.tracks[0] : {}
+
+  var totalBitrate = 0
+  var numBitrates = 0
+  for (let i = 0; i < tracks.length; i++) {
+    if (tracks[i].bitRate) {
+      totalBitrate += tracks[i].bitRate
+      numBitrates++
+    }
+  }
+  var averageBitrate = numBitrates ? totalBitrate / numBitrates : 0
+
+  var mediaSectionData = {
+    'Tracks': jsonObj.tracks.length,
+    'Size': audiobook.sizePretty,
+    'Codec': audioTrack.codec,
+    'Ext': audioTrack.ext,
+    'Channels': audioTrack.channels,
+    'Channel Layout': audioTrack.channelLayout,
+    'Average Bitrate': bytesPretty(averageBitrate)
+  }
+
+  var bookSection = generateSection('Book Info', generalSectionData)
+
+  var descriptionSection = null
+  if (book.description) {
+    descriptionSection = sectionHeaderLines('Book Description')
+    descriptionSection.push(book.description)
+  }
+
+  var mediaSection = generateSection('Media Info', mediaSectionData)
+
+  var fullFile = bookSection.join('\n') + '\n\n'
+  if (descriptionSection) fullFile += descriptionSection.join('\n') + '\n\n'
+  fullFile += mediaSection.join('\n')
+
+  var nfoPath = Path.join(audiobook.fullPath, nfoFilename)
+  var relativePath = Path.join(audiobook.path, nfoFilename)
+  return fs.writeFile(nfoPath, fullFile).then(() => relativePath).catch((error) => {
+    Logger.error(`Failed to write nfo file ${error}`)
+    return false
+  })
+}
+module.exports = generate