From f8e9426350e5cb04e145210cced618b8e387608d Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Mon, 10 Jan 2022 12:25:31 -0800 Subject: [PATCH] Improved MongoDB indexes. --- db.js | 18 +++++++++--------- meshuser.js | 7 ++++--- webserver.js | 2 +- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/db.js b/db.js index 6b3b7e0b..51d8c236 100644 --- a/db.js +++ b/db.js @@ -784,12 +784,11 @@ module.exports.CreateDB = function (parent, func) { // Check if we need to reset indexes var indexesByName = {}, indexCount = 0; for (var i in indexes) { indexesByName[indexes[i].name] = indexes[i]; indexCount++; } - if ((indexCount != 6) || (indexesByName['UsernameAction1'] == null) || (indexesByName['UserIdAction1'] == null) || (indexesByName['DomainNodeTime1'] == null) || (indexesByName['IdsAndTime1'] == null) || (indexesByName['ExpireTime1'] == null)) { + if ((indexCount != 5) || (indexesByName['UsernameAction1'] == null) || (indexesByName['DomainNodeTime1'] == null) || (indexesByName['IdsAndTime1'] == null) || (indexesByName['ExpireTime1'] == null)) { // Reset all indexes console.log("Resetting events indexes..."); obj.eventsfile.dropIndexes(function (err) { obj.eventsfile.createIndex({ username: 1, action: 1 }, { sparse: 1, name: 'UsernameAction1' }); - obj.eventsfile.createIndex({ userid: 1, action: 1 }, { sparse: 1, name: 'UserIdAction1' }); obj.eventsfile.createIndex({ domain: 1, nodeid: 1, time: -1 }, { sparse: 1, name: 'DomainNodeTime1' }); obj.eventsfile.createIndex({ ids: 1, time: -1 }, { sparse: 1, name: 'IdsAndTime1' }); obj.eventsfile.createIndex({ time: 1 }, { expireAfterSeconds: expireEventsSeconds, name: 'ExpireTime1' }); @@ -873,12 +872,13 @@ module.exports.CreateDB = function (parent, func) { // Check if we need to reset indexes var indexesByName = {}, indexCount = 0; for (var i in indexes) { indexesByName[indexes[i].name] = indexes[i]; indexCount++; } - if ((indexCount != 4) || (indexesByName['TypeDomainMesh1'] == null) || (indexesByName['Email1'] == null) || (indexesByName['Mesh1'] == null)) { + if ((indexCount != 5) || (indexesByName['TypeDomainMesh1'] == null) || (indexesByName['Email1'] == null) || (indexesByName['Mesh1'] == null) || (indexesByName['AmtUuid1'] == null)) { console.log("Resetting main indexes..."); obj.file.dropIndexes(function (err) { obj.file.createIndex({ type: 1, domain: 1, meshid: 1 }, { sparse: 1, name: 'TypeDomainMesh1' }); // Speeds up GetAllTypeNoTypeField() and GetAllTypeNoTypeFieldMeshFiltered() obj.file.createIndex({ email: 1 }, { sparse: 1, name: 'Email1' }); // Speeds up GetUserWithEmail() and GetUserWithVerifiedEmail() obj.file.createIndex({ meshid: 1 }, { sparse: 1, name: 'Mesh1' }); // Speeds up RemoveMesh() + obj.file.createIndex({ 'intelamt.uuid': 1 }, { sparse: 1, name: 'AmtUuid1' }); // Speeds up getAmtUuidMeshNode() }); } }); @@ -889,11 +889,11 @@ module.exports.CreateDB = function (parent, func) { // Check if we need to reset indexes var indexesByName = {}, indexCount = 0; for (var i in indexes) { indexesByName[indexes[i].name] = indexes[i]; indexCount++; } - if ((indexCount != 5) || (indexesByName['Username1'] == null) || (indexesByName['DomainNodeTime1'] == null) || (indexesByName['IdsAndTime1'] == null) || (indexesByName['ExpireTime1'] == null)) { + if ((indexCount != 5) || (indexesByName['UsernameAction1'] == null) || (indexesByName['DomainNodeTime1'] == null) || (indexesByName['IdsAndTime1'] == null) || (indexesByName['ExpireTime1'] == null)) { // Reset all indexes console.log("Resetting events indexes..."); obj.eventsfile.dropIndexes(function (err) { - obj.eventsfile.createIndex({ username: 1 }, { sparse: 1, name: 'Username1' }); + obj.eventsfile.createIndex({ username: 1, action: 1 }, { sparse: 1, name: 'UsernameAction1' }); obj.eventsfile.createIndex({ domain: 1, nodeid: 1, time: -1 }, { sparse: 1, name: 'DomainNodeTime1' }); obj.eventsfile.createIndex({ ids: 1, time: -1 }, { sparse: 1, name: 'IdsAndTime1' }); obj.eventsfile.createIndex({ time: 1 }, { expireAfterSeconds: expireEventsSeconds, name: 'ExpireTime1' }); @@ -1638,7 +1638,7 @@ module.exports.CreateDB = function (parent, func) { obj.GetUserEvents = function (ids, domain, username, func) { obj.eventsfile.find({ domain: domain, $or: [{ ids: { $in: ids } }, { username: username }] }).project({ type: 0, _id: 0, domain: 0, ids: 0, node: 0 }).sort({ time: -1 }).toArray(func); }; obj.GetUserEventsWithLimit = function (ids, domain, username, limit, func) { obj.eventsfile.find({ domain: domain, $or: [{ ids: { $in: ids } }, { username: username }] }).project({ type: 0, _id: 0, domain: 0, ids: 0, node: 0 }).sort({ time: -1 }).limit(limit).toArray(func); }; obj.GetEventsTimeRange = function (ids, domain, msgids, start, end, func) { obj.eventsfile.find({ domain: domain, $or: [{ ids: { $in: ids } }], msgid: { $in: msgids }, time: { $gte: start, $lte: end } }).project({ type: 0, _id: 0, domain: 0, node: 0 }).sort({ time: 1 }).toArray(func); }; - obj.GetUserLoginEvents = function (domain, userid, func) { obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, userid: userid, msgArgs: { $exists: true } }).project({ action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }).toArray(func); }; + obj.GetUserLoginEvents = function (domain, username, func) { obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, username: username, msgArgs: { $exists: true } }).project({ action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }).toArray(func); }; obj.GetNodeEventsWithLimit = function (nodeid, domain, limit, func) { obj.eventsfile.find({ domain: domain, nodeid: nodeid }).project({ type: 0, etype: 0, _id: 0, domain: 0, ids: 0, node: 0, nodeid: 0 }).sort({ time: -1 }).limit(limit).toArray(func); }; obj.GetNodeEventsSelfWithLimit = function (nodeid, domain, userid, limit, func) { obj.eventsfile.find({ domain: domain, nodeid: nodeid, userid: { $in: [userid, null] } }).project({ type: 0, etype: 0, _id: 0, domain: 0, ids: 0, node: 0, nodeid: 0 }).sort({ time: -1 }).limit(limit).toArray(func); }; obj.RemoveAllEvents = function (domain) { obj.eventsfile.deleteMany({ domain: domain }, { multi: true }); }; @@ -1831,11 +1831,11 @@ module.exports.CreateDB = function (parent, func) { obj.eventsfile.find({ domain: domain, $or: [{ ids: { $in: ids } }], msgid: { $in: msgids }, time: { $gte: start, $lte: end } }, { type: 0, _id: 0, domain: 0, node: 0 }).sort({ time: 1 }, func); } }; - obj.GetUserLoginEvents = function (domain, userid, func) { + obj.GetUserLoginEvents = function (domain, username, func) { if (obj.databaseType == 1) { - obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, userid: userid, msgArgs: { $exists: true } }, { action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }).exec(func); + obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, username: username, msgArgs: { $exists: true } }, { action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }).exec(func); } else { - obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, userid: userid, msgArgs: { $exists: true } }, { action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }, func); + obj.eventsfile.find({ domain: domain, action: { $in: ['authfail', 'login'] }, username: username, msgArgs: { $exists: true } }, { action: 1, time: 1, msgid: 1, msgArgs: 1, tokenName: 1 }).sort({ time: -1 }, func); } }; obj.GetNodeEventsWithLimit = function (nodeid, domain, limit, func) { if (obj.databaseType == 1) { obj.eventsfile.find({ domain: domain, nodeid: nodeid }, { type: 0, etype: 0, _id: 0, domain: 0, ids: 0, node: 0, nodeid: 0 }).sort({ time: -1 }).limit(limit).exec(func); } else { obj.eventsfile.find({ domain: domain, nodeid: nodeid }, { type: 0, etype: 0, _id: 0, domain: 0, ids: 0, node: 0, nodeid: 0 }).sort({ time: -1 }).limit(limit, func); } }; diff --git a/meshuser.js b/meshuser.js index e8c4d442..88eb2fbd 100644 --- a/meshuser.js +++ b/meshuser.js @@ -4327,10 +4327,11 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use case 'previousLogins': { // TODO: Make a better database call to get filtered data. if (command.userid == null) { + var splitUser = user._id.split('/'); // Get previous logins for self if (db.GetUserLoginEvents) { // New way - db.GetUserLoginEvents(domain.id, user._id, function (err, docs) { + db.GetUserLoginEvents(domain.id, splitUser[2], function (err, docs) { if (err != null) return; var e = []; for (var i in docs) { e.push({ t: docs[i].time, m: docs[i].msgid, a: docs[i].msgArgs, tn: docs[i].tokenName }); } @@ -4338,7 +4339,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use }); } else { // Old way - db.GetUserEvents([user._id], domain.id, user._id.split('/')[2], function (err, docs) { + db.GetUserEvents([user._id], domain.id, splitUser[2], function (err, docs) { if (err != null) return; var e = []; for (var i in docs) { @@ -4356,7 +4357,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use if ((obj.crossDomain === true) || (splitUser[1] === domain.id)) { if (db.GetUserLoginEvents) { // New way - db.GetUserLoginEvents(splitUser[1], command.userid, function (err, docs) { + db.GetUserLoginEvents(splitUser[1], splitUser[2], function (err, docs) { if (err != null) return; var e = []; for (var i in docs) { e.push({ t: docs[i].time, m: docs[i].msgid, a: docs[i].msgArgs }); } diff --git a/webserver.js b/webserver.js index 4f64028b..009b946d 100644 --- a/webserver.js +++ b/webserver.js @@ -6361,7 +6361,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF if ((domain == null) || (domain.auth == 'sspi')) { res.sendStatus(404); return; } if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { res.sendStatus(404); return; } // Check 3FA URL const cspNonce = obj.crypto.randomBytes(15).toString('base64'); - res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); + res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); // This page supports very tight CSP policy res.status(404).render(getRenderPage((domain.sitestyle == 2) ? 'error4042' : 'error404', req, domain), getRenderArgs({ cspNonce: cspNonce }, req, domain)); }); }