From 65bbe1fb851ba14b7d0a14db243d4377bb4de5e5 Mon Sep 17 00:00:00 2001 From: Bojan Dedic Date: Sun, 6 Oct 2019 11:13:35 +0200 Subject: [PATCH 1/3] :tada: Moved sensitive informations to .env instead of json --- .env | 10 ++++++++++ .env.example | 9 +++++++++ README.md | 2 +- auth.json.example | 12 ------------ discord_bot.js | 20 ++++++-------------- package.json | 5 +++-- plugins/Google/google.js | 11 +++++------ plugins/Google/youtube_plugin.js | 3 +-- plugins/Imgflip/imgflip.js | 3 +-- plugins/Random/random.js | 10 ++++++---- plugins/Twitch/twitch.js | 8 +++----- plugins/Wolfram Alpha/wolfram_plugin.js | 3 +-- wolfram_plugin.js | 3 +-- youtube_plugin.js | 3 +-- 14 files changed, 48 insertions(+), 54 deletions(-) create mode 100644 .env create mode 100644 .env.example delete mode 100644 auth.json.example diff --git a/.env b/.env new file mode 100644 index 00000000..bb4ab3f7 --- /dev/null +++ b/.env @@ -0,0 +1,10 @@ +EMAIL= +PASSWORD= +BOT_TOKEN=MzQyODMwNjEzNDI3OTEyNzE0.XZlXTg.8dbexVdPsKyVPL1AG_hifr6HmNs +CLIENT_ID= +YOUTUBE_API_KEY= +GOOGLE_CUSTOM_SEARCH= +IMGFLIP_USERNAME= +IMGFLIP_PASSWORD= +WOLFRAM_API_KEY= +TWITCH_CLIENT_ID= \ No newline at end of file diff --git a/.env.example b/.env.example new file mode 100644 index 00000000..2ada6ceb --- /dev/null +++ b/.env.example @@ -0,0 +1,9 @@ +EMAIL= +PASSWORD= +BOT_TOKEN= +CLIENT_ID= +YOUTUBE_API_KEY= +GOOGLE_CUSTOM_SEARCH= +IMGFLIP_USERNAME= +IMGFLIP_PASSWORD= +WOLFRAM_API_KEY= \ No newline at end of file diff --git a/README.md b/README.md index 8027d821..972ba32d 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ You can create an rss.json file adding rss feeds as commands. See rss.json.examp Make sure you also have your Google server API key, which is located in the "youtube_api_key" section, or the search will fail. # Running -Before the first run you will need to create an `auth.json` file. A bot token or the email and password for a discord account are required. The other credentials are not required for the bot to run, but they are highly recommended as commands that depend on them will malfunction. See `auth.json.example`. +Before the first run you will need to create an `.env` file. A bot token or the email and password for a discord account are required. The other credentials are not required for the bot to run, but they are highly recommended as commands that depend on them will malfunction. See `.env.example`. To start the bot just run `node discord_bot.js`. diff --git a/auth.json.example b/auth.json.example deleted file mode 100644 index cb9ac29c..00000000 --- a/auth.json.example +++ /dev/null @@ -1,12 +0,0 @@ -{ - "email" : "email of the discord account here if using a user account", - "password" : "password of the discord account here if using a user account", - "bot_token" : "bot token if using a bot account", - "client_id" : "client id if using a bot account and you want people to be able to invite it to their server", - "youtube_api_key": "create one here https://console.developers.google.com", - "google_custom_search": "follow instructions at https://stackoverflow.com/questions/34035422/google-image-search-says-api-no-longer-available", - "imgflip_username": "https://imgflip.com/ username", - "imgflip_password": "https://imgflip.com/ password", - "wolfram_api_key": "go here and click sign up http://products.wolframalpha.com/api/", - "twitch_client_id": "create a twitch app here https://dev.twitch.tv/dashboard/apps/create (requires a twitch account)" -} diff --git a/discord_bot.js b/discord_bot.js index 0c981ef3..532a799c 100755 --- a/discord_bot.js +++ b/discord_bot.js @@ -1,4 +1,5 @@ -var fs = require('fs'); +const fs = require('fs'); +require('dotenv').config() process.on('unhandledRejection', (reason) => { console.error(reason); @@ -16,15 +17,6 @@ try { console.log("Starting DiscordBot\nNode version: " + process.version + "\nDiscord.js version: " + Discord.version); // send message notifying bot boot-up - -// Get authentication data -try { - var AuthDetails = require("./auth.json"); -} catch (e){ - console.log("Please create an auth.json like auth.json.example with a bot token or an email and password.\n"+e.stack); // send message for error - no token - process.exit(); -} - // Load custom permissions var dangerousCommands = ["eval","pullanddeploy","setUsername","cmdauth"]; // set array if dangerous commands var Permissions = {}; @@ -244,11 +236,11 @@ commands = { // all commands list below } }; -if(AuthDetails.hasOwnProperty("client_id")){ +if(process.env.hasOwnProperty("CLIENT_ID")){ commands["invite"] = { description: "Generates an invite link you can use to invite the bot to your server.", process: function(bot,msg,suffix){ - msg.channel.send("Invite link: https://discordapp.com/oauth2/authorize?&client_id=" + AuthDetails.client_id + "&scope=bot&permissions=470019135"); // send link to invite bot into server. + msg.channel.send("Invite link: https://discordapp.com/oauth2/authorize?&client_id=" + process.env.CLIENT_ID + "&scope=bot&permissions=470019135"); // send link to invite bot into server. } } } @@ -446,9 +438,9 @@ exports.addCommand = function(commandName, commandObject){ exports.commandCount = function(){ return Object.keys(commands).length; } -if(AuthDetails.bot_token){ +if(process.env.BOT_TOKEN){ console.log("logging in with token"); - bot.login(AuthDetails.bot_token); + bot.login(process.env.BOT_TOKEN); } else { console.log("Logging in with user credentials is no longer supported!\nYou can use token based log in with a user account; see\nhttps://discord.js.org/#/docs/main/master/general/updating."); } diff --git a/package.json b/package.json index 595604c6..60d1c523 100644 --- a/package.json +++ b/package.json @@ -24,6 +24,7 @@ "cleverbot-node": "^0.2.8", "d20": "^1.4.1", "discord.js": "^11.5.1", + "dotenv": "^8.1.0", "feedparser": "1.1.x", "html-to-text": "^3.3.0", "imgflipper": "^1.0.1", @@ -33,7 +34,7 @@ "node-wolfram": "0.0.1", "npm": "", "querystring": "0.2.x", - "request": "^2.85.0", + "request": "^2.88.0", "request-promise": "^4.2.1", "sinon": "1.14.x", "tumblr.js": "0.0.x", @@ -41,7 +42,7 @@ "urban": "^0.3.1", "wikijs": "^0.1.4", "youtube-dl": "^2.0.0", - "youtube-node": "^1.3.3", + "youtube-node": "^1.2.0", "ytdl-core": "^0.29.3", "zucc": "^0.1.2" }, diff --git a/plugins/Google/google.js b/plugins/Google/google.js index a8e98d91..b62a55b2 100644 --- a/plugins/Google/google.js +++ b/plugins/Google/google.js @@ -1,5 +1,4 @@ var request = require("request"); -var AuthDetails = require("../../auth.json"); try { var yt = require("./youtube_plugin"); var youtube_plugin = new yt(); @@ -18,13 +17,13 @@ exports.image = { usage: "", description: "gets the top matching image from google", process: function(bot, msg, args) { - if(!AuthDetails || !AuthDetails.youtube_api_key || !AuthDetails.google_custom_search){ + if(!process.env.YOUTUBE_API_KEY || !process.env.GOOGLE_CUSTOM_SEARCH){ msg.channel.send("Image search requires both a YouTube API key and a Google Custom Search key!"); return; } //gets us a random result in first 5 pages var page = 1; //we request 10 items - request("https://www.googleapis.com/customsearch/v1?key=" + AuthDetails.youtube_api_key + "&cx=" + AuthDetails.google_custom_search + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page, function(err, res, body) { + request("https://www.googleapis.com/customsearch/v1?key=" + process.env.YOUTUBE_API_KEY + "&cx=" + process.env.GOOGLE_CUSTOM_SEARCH + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page, function(err, res, body) { var data, error; try { data = JSON.parse(body); @@ -52,13 +51,13 @@ exports.rimage = { usage: "", description: "gets a random image matching tags from google", process: function(bot, msg, args) { - if(!AuthDetails || !AuthDetails.youtube_api_key || !AuthDetails.google_custom_search){ + if(!process.env.YOUTUBE_API_KEY || !process.env.GOOGLE_CUSTOM_SEARCH){ msg.channel.send( "Image search requires both a YouTube API key and a Google Custom Search key!"); return; } //gets us a random result in first 5 pages var page = 1 + Math.floor(Math.random() * 5) * 10; //we request 10 items - request("https://www.googleapis.com/customsearch/v1?key=" + AuthDetails.youtube_api_key + "&cx=" + AuthDetails.google_custom_search + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page, function(err, res, body) { + request("https://www.googleapis.com/customsearch/v1?key=" + process.env.YOUTUBE_API_KEY + "&cx=" + process.env.GOOGLE_CUSTOM_SEARCH + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page, function(err, res, body) { var data, error; try { data = JSON.parse(body); @@ -88,7 +87,7 @@ exports.ggif = { process : function(bot, msg, args) { //gets us a random result in first 5 pages var page = 1 + Math.floor(Math.random() * 5) * 10; //we request 10 items - request("https://www.googleapis.com/customsearch/v1?key=" + AuthDetails.youtube_api_key + "&cx=" + AuthDetails.google_custom_search + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page+"&fileType=gif", function(err, res, body) { + request("https://www.googleapis.com/customsearch/v1?key=" + process.env.YOUTUBE_API_KEY + "&cx=" + process.env.GOOGLE_CUSTOM_SEARCH + "&q=" + (args.replace(/\s/g, '+')) + "&searchType=image&alt=json&num=10&start="+page+"&fileType=gif", function(err, res, body) { var data, error; try { data = JSON.parse(body); diff --git a/plugins/Google/youtube_plugin.js b/plugins/Google/youtube_plugin.js index 8117fab0..8001fd4e 100644 --- a/plugins/Google/youtube_plugin.js +++ b/plugins/Google/youtube_plugin.js @@ -1,13 +1,12 @@ var util = require('util'); var youtube_node = require('youtube-node'); -var AuthDetails = require("../../auth.json"); var Config = require("../../config.json"); function YoutubePlugin () { this.RickrollUrl = 'http://www.youtube.com/watch?v=oHg5SJYRHA0'; this.youtube = new youtube_node(); - this.youtube.setKey(AuthDetails.youtube_api_key); + this.youtube.setKey(process.env.YOUTUBE_API_KEY); this.youtube.addParam('type', 'video'); }; diff --git a/plugins/Imgflip/imgflip.js b/plugins/Imgflip/imgflip.js index eef705a9..bd4d5add 100644 --- a/plugins/Imgflip/imgflip.js +++ b/plugins/Imgflip/imgflip.js @@ -2,7 +2,6 @@ exports.commands = [ "meme" ] -var AuthDetails = require("../../auth.json"); var Config = require("../../config.json"); //https://api.imgflip.com/popular_meme_ids @@ -36,7 +35,7 @@ exports.meme = { var memetype = tags[0].split(" ")[1]; //msg.channel.send(tags); var Imgflipper = require("imgflipper"); - var imgflipper = new Imgflipper(AuthDetails.imgflip_username, AuthDetails.imgflip_password); + var imgflipper = new Imgflipper(process.env.IMGFLIP_USERNAME, process.env.IMGFLIP_PASSWORD); imgflipper.generateMeme(meme[memetype], tags[1]?tags[1]:"", tags[3]?tags[3]:"", function(err, image){ console.log(arguments); console.log(image); diff --git a/plugins/Random/random.js b/plugins/Random/random.js index 59186895..6a868e9c 100644 --- a/plugins/Random/random.js +++ b/plugins/Random/random.js @@ -1,3 +1,5 @@ +const request = require("request") + exports.commands = [ "date_fact", "year_fact", @@ -9,7 +11,7 @@ exports.math_fact = { usage: "", description: "Gives a Random Math Fact", process: function(bot, msg, suffix) { - require("request")("http://numbersapi.com/random/math?json", + request("http://numbersapi.com/random/math?json", function(err, res, body) { var data = JSON.parse(body); if (data && data.text) { @@ -22,7 +24,7 @@ exports.math_fact = { exports.year_fact = { description: "Gives a Random Year Fact", process: function(bot, msg, suffix) { - require("request")("http://numbersapi.com/random/year?json", + request("http://numbersapi.com/random/year?json", function(err, res, body) { var data = JSON.parse(body); if (data && data.text) { @@ -35,7 +37,7 @@ exports.math_fact = { exports.joke = { description: "Gives a Random Joke", process: function(bot, msg, suffix) { - require("request")("http://tambal.azurewebsites.net/joke/random", + request("http://tambal.azurewebsites.net/joke/random", function(err, res, body) { var data = JSON.parse(body); if (data && data.joke) { @@ -48,7 +50,7 @@ exports.math_fact = { exports.date_fact = { description: "Gives a Random Date Fact", process: function(bot, msg, suffix) { - require("request")("http://numbersapi.com/random/date?json", + request("http://numbersapi.com/random/date?json", function(err, res, body) { var data = JSON.parse(body); if (data && data.text) { diff --git a/plugins/Twitch/twitch.js b/plugins/Twitch/twitch.js index c52eab7a..acdee88f 100644 --- a/plugins/Twitch/twitch.js +++ b/plugins/Twitch/twitch.js @@ -1,6 +1,4 @@ var request = require("request"); -var AuthDetails = require("../../auth.json"); -var Discord = require("discord.js"); exports.commands = [ "twitch_user", @@ -16,7 +14,7 @@ exports.twitch_user = { request({ url: "https://api.twitch.tv/helix/"+user_query, headers: { - 'Client-ID': AuthDetails.twitch_client_id + 'Client-ID': process.env.TWITCH_CLIENT_ID } }, function(err,res,body){ @@ -53,7 +51,7 @@ exports.twitch = { request({ url: twitch_api+user_query, headers: { - 'Client-ID': AuthDetails.twitch_client_id + 'Client-ID': process.env.TWITCH_CLIENT_ID } }, function(err,res,body){ @@ -77,7 +75,7 @@ exports.twitch = { request({ url: twitch_api+stream_query, headers: { - 'Client-ID': AuthDetails.twitch_client_id + 'Client-ID': process.env.TWITCH_CLIENT_ID } }, diff --git a/plugins/Wolfram Alpha/wolfram_plugin.js b/plugins/Wolfram Alpha/wolfram_plugin.js index 24151d39..53bcd7c4 100644 --- a/plugins/Wolfram Alpha/wolfram_plugin.js +++ b/plugins/Wolfram Alpha/wolfram_plugin.js @@ -1,8 +1,7 @@ var Wolfram = require('node-wolfram'); -var AuthDetails = require("../../auth.json"); function WolframPlugin () { - this.wolfram = new Wolfram(AuthDetails.wolfram_api_key) + this.wolfram = new Wolfram(process.env.WOLFRAM_API_KEY) }; WolframPlugin.prototype.respond = function (query, channel, bot,tmpMsg) { diff --git a/wolfram_plugin.js b/wolfram_plugin.js index dd657b6e..25557024 100644 --- a/wolfram_plugin.js +++ b/wolfram_plugin.js @@ -1,8 +1,7 @@ var Wolfram = require('node-wolfram'); -var AuthDetails = require("./auth.json"); function WolframPlugin () { - this.wolfram = new Wolfram(AuthDetails.wolfram_api_key) + this.wolfram = new Wolfram(process.env.WOLFRAM_API_KEY) }; WolframPlugin.prototype.respond = function (query, channel, bot,tmpMsg) { diff --git a/youtube_plugin.js b/youtube_plugin.js index 9cb42bbd..b134fc3b 100644 --- a/youtube_plugin.js +++ b/youtube_plugin.js @@ -1,12 +1,11 @@ var util = require('util'); var youtube_node = require('youtube-node'); -var AuthDetails = require("./auth.json"); function YoutubePlugin () { this.RickrollUrl = 'http://www.youtube.com/watch?v=oHg5SJYRHA0'; this.youtube = new youtube_node(); - this.youtube.setKey(AuthDetails.youtube_api_key); + this.youtube.setKey(process.env.YOUTUBE_API_KEY); this.youtube.addParam('type', 'video'); }; From 5d6bf3d99a2e59b8d0357223ac24c39e046346ab Mon Sep 17 00:00:00 2001 From: Bojan Dedic Date: Sun, 6 Oct 2019 11:15:44 +0200 Subject: [PATCH 2/3] :tada: Moved sensitive informations to .env instead of json --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index eac8d033..6e9e5786 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,8 @@ logs *.log +.env + # Runtime data pids *.pid From 7a54e054df08742578ce3a9b1d09c99d87d52b8b Mon Sep 17 00:00:00 2001 From: Bojan Dedic Date: Sun, 6 Oct 2019 11:17:11 +0200 Subject: [PATCH 3/3] :tada: Moved sensitive informations to .env instead of json --- .env | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 .env diff --git a/.env b/.env deleted file mode 100644 index bb4ab3f7..00000000 --- a/.env +++ /dev/null @@ -1,10 +0,0 @@ -EMAIL= -PASSWORD= -BOT_TOKEN=MzQyODMwNjEzNDI3OTEyNzE0.XZlXTg.8dbexVdPsKyVPL1AG_hifr6HmNs -CLIENT_ID= -YOUTUBE_API_KEY= -GOOGLE_CUSTOM_SEARCH= -IMGFLIP_USERNAME= -IMGFLIP_PASSWORD= -WOLFRAM_API_KEY= -TWITCH_CLIENT_ID= \ No newline at end of file