This commit is contained in:
syuilo 2018-04-13 06:06:18 +09:00
parent a3bd4ba426
commit 3368fe8552
20 changed files with 582 additions and 609 deletions

View file

@ -30,6 +30,7 @@
"@fortawesome/fontawesome-free-brands": "5.0.2", "@fortawesome/fontawesome-free-brands": "5.0.2",
"@fortawesome/fontawesome-free-regular": "5.0.2", "@fortawesome/fontawesome-free-regular": "5.0.2",
"@fortawesome/fontawesome-free-solid": "5.0.2", "@fortawesome/fontawesome-free-solid": "5.0.2",
"@koa/cors": "^2.2.1",
"@prezzemolo/rap": "0.1.2", "@prezzemolo/rap": "0.1.2",
"@prezzemolo/zip": "0.0.3", "@prezzemolo/zip": "0.0.3",
"@types/bcryptjs": "2.4.1", "@types/bcryptjs": "2.4.1",
@ -58,7 +59,12 @@
"@types/js-yaml": "3.11.1", "@types/js-yaml": "3.11.1",
"@types/koa": "^2.0.45", "@types/koa": "^2.0.45",
"@types/koa-bodyparser": "^4.2.0", "@types/koa-bodyparser": "^4.2.0",
"@types/koa-favicon": "^2.0.19",
"@types/koa-mount": "^3.0.1",
"@types/koa-multer": "^1.0.0",
"@types/koa-router": "^7.0.27", "@types/koa-router": "^7.0.27",
"@types/koa-send": "^4.1.1",
"@types/koa__cors": "^2.2.2",
"@types/kue": "^0.11.8", "@types/kue": "^0.11.8",
"@types/license-checker": "15.0.0", "@types/license-checker": "15.0.0",
"@types/mkdirp": "0.5.2", "@types/mkdirp": "0.5.2",
@ -144,7 +150,11 @@
"js-yaml": "3.11.0", "js-yaml": "3.11.0",
"jsdom": "11.7.0", "jsdom": "11.7.0",
"koa": "^2.5.0", "koa": "^2.5.0",
"koa-favicon": "^2.0.1",
"koa-mount": "^3.0.0",
"koa-multer": "^1.0.2",
"koa-router": "^7.4.0", "koa-router": "^7.4.0",
"koa-send": "^4.1.3",
"kue": "0.11.6", "kue": "0.11.6",
"license-checker": "18.0.0", "license-checker": "18.0.0",
"loader-utils": "1.1.0", "loader-utils": "1.1.0",

View file

@ -97,6 +97,8 @@
// Compare versions // Compare versions
if (meta.version != ver) { if (meta.version != ver) {
localStorage.setItem('v', meta.version);
alert( alert(
'Misskeyの新しいバージョンがあります。ページを再度読み込みします。' + 'Misskeyの新しいバージョンがあります。ページを再度読み込みします。' +
'\n\n' + '\n\n' +

View file

@ -1,25 +0,0 @@
const yn = window.confirm(
'サーバー上に存在しないスクリプトがリクエストされました。お使いのMisskeyのバージョンが古いことが原因の可能性があります。Misskeyを更新しますか\n\nA script that does not exist on the server was requested. It may be caused by an old version of Misskey youre using. Do you want to delete the cache?');
const langYn = window.confirm('また、言語を日本語に設定すると解決する場合があります。日本語に設定しますか?\n\nAlso, setting the language to Japanese may solve the problem. Would you like to set it to Japanese?');
if (langYn) {
localStorage.setItem('lang', 'ja');
}
if (yn) {
// Clear cache (serive worker)
try {
navigator.serviceWorker.controller.postMessage('clear');
navigator.serviceWorker.getRegistrations().then(registrations => {
registrations.forEach(registration => registration.unregister());
});
} catch (e) {
console.error(e);
}
localStorage.removeItem('v');
location.reload(true);
}

View file

@ -10,7 +10,6 @@ import * as debug from 'debug';
import chalk from 'chalk'; import chalk from 'chalk';
// import portUsed = require('tcp-port-used'); // import portUsed = require('tcp-port-used');
import isRoot = require('is-root'); import isRoot = require('is-root');
import { master } from 'accesses';
import Xev from 'xev'; import Xev from 'xev';
import Logger from './utils/logger'; import Logger from './utils/logger';
@ -73,11 +72,6 @@ async function masterMain(opt) {
Logger.info(chalk.green('Successfully initialized :)')); Logger.info(chalk.green('Successfully initialized :)'));
// Init accesses
if (config.accesses && config.accesses.enable) {
master();
}
spawnWorkers(() => { spawnWorkers(() => {
if (!opt['only-processor']) { if (!opt['only-processor']) {
Logger.info(chalk.bold.green( Logger.info(chalk.bold.green(

View file

@ -1,4 +1,4 @@
import * as express from 'express'; import * as Koa from 'koa';
import { Endpoint } from './endpoints'; import { Endpoint } from './endpoints';
import authenticate from './authenticate'; import authenticate from './authenticate';
@ -6,16 +6,17 @@ import call from './call';
import { IUser } from '../../models/user'; import { IUser } from '../../models/user';
import { IApp } from '../../models/app'; import { IApp } from '../../models/app';
export default async (endpoint: Endpoint, req: express.Request, res: express.Response) => { export default async (endpoint: Endpoint, ctx: Koa.Context) => {
const reply = (x?: any, y?: any) => { const reply = (x?: any, y?: any) => {
if (x === undefined) { if (x === undefined) {
res.sendStatus(204); ctx.status = 204;
} else if (typeof x === 'number') { } else if (typeof x === 'number') {
res.status(x).send({ ctx.status = x;
ctx.body = {
error: x === 500 ? 'INTERNAL_ERROR' : y error: x === 500 ? 'INTERNAL_ERROR' : y
}); };
} else { } else {
res.send(x); ctx.body = x;
} }
}; };
@ -24,11 +25,11 @@ export default async (endpoint: Endpoint, req: express.Request, res: express.Res
// Authentication // Authentication
try { try {
[user, app] = await authenticate(req.body['i']); [user, app] = await authenticate(ctx.body['i']);
} catch (e) { } catch (e) {
return reply(403, 'AUTHENTICATION_FAILED'); return reply(403, 'AUTHENTICATION_FAILED');
} }
// API invoking // API invoking
call(endpoint, user, app, req.body, req).then(reply).catch(e => reply(400, e)); call(endpoint, user, app, ctx.body, ctx.req).then(reply).catch(e => reply(400, e));
}; };

View file

@ -1,5 +1,5 @@
import * as EventEmitter from 'events'; import * as EventEmitter from 'events';
import * as express from 'express'; import * as Router from 'koa-router';
import * as request from 'request'; import * as request from 'request';
import * as crypto from 'crypto'; import * as crypto from 'crypto';
import User from '../../../../models/user'; import User from '../../../../models/user';
@ -158,9 +158,6 @@ class LineBot extends BotCore {
} }
} }
module.exports = async (app: express.Application) => {
if (config.line_bot == null) return;
const handler = new EventEmitter(); const handler = new EventEmitter();
handler.on('event', async (ev) => { handler.on('event', async (ev) => {
@ -215,25 +212,27 @@ module.exports = async (app: express.Application) => {
bot.react(ev); bot.react(ev);
}); });
app.post('/hooks/line', (req, res, next) => { // Init router
// req.headers['x-line-signature'] は常に string ですが、型定義の都合上 const router = new Router();
// string | string[] になっているので string を明示しています
const sig1 = req.headers['x-line-signature'] as string; if (config.line_bot) {
router.post('/hooks/line', ctx => {
const sig1 = ctx.headers['x-line-signature'];
const hash = crypto.createHmac('SHA256', config.line_bot.channel_secret) const hash = crypto.createHmac('SHA256', config.line_bot.channel_secret)
.update((req as any).rawBody); .update(ctx.request.rawBody);
const sig2 = hash.digest('base64'); const sig2 = hash.digest('base64');
// シグネチャ比較 // シグネチャ比較
if (sig1 === sig2) { if (sig1 === sig2) {
req.body.events.forEach(ev => { ctx.body.events.forEach(ev => {
handler.emit('event', ev); handler.emit('event', ev);
}); });
res.sendStatus(200);
} else { } else {
res.sendStatus(400); ctx.status = 400;
} }
}); });
}; }
module.exports = router;

View file

@ -1,11 +1,12 @@
import * as express from 'express'; import * as http from 'http';
import * as multer from 'koa-multer';
import endpoints, { Endpoint } from './endpoints'; import endpoints, { Endpoint } from './endpoints';
import limitter from './limitter'; import limitter from './limitter';
import { IUser } from '../../models/user'; import { IUser } from '../../models/user';
import { IApp } from '../../models/app'; import { IApp } from '../../models/app';
export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: express.Request) => new Promise(async (ok, rej) => { export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: http.IncomingMessage) => new Promise(async (ok, rej) => {
const isSecure = user != null && app == null; const isSecure = user != null && app == null;
//console.log(endpoint, user, app, data); //console.log(endpoint, user, app, data);
@ -38,7 +39,7 @@ export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any,
let exec = require(`${__dirname}/endpoints/${ep.name}`); let exec = require(`${__dirname}/endpoints/${ep.name}`);
if (ep.withFile && req) { if (ep.withFile && req) {
exec = exec.bind(null, req.file); exec = exec.bind(null, (req as multer.MulterIncomingMessage).file);
} }
let res; let res;

View file

@ -1,19 +1,20 @@
import config from '../../../config'; import * as Koa from 'koa';
export default function(res, user, redirect: boolean) { import config from '../../../config';
import { ILocalUser } from '../../../models/user';
export default function(ctx: Koa.Context, user: ILocalUser, redirect: boolean) {
const expires = 1000 * 60 * 60 * 24 * 365; // One Year const expires = 1000 * 60 * 60 * 24 * 365; // One Year
res.cookie('i', user.token, { ctx.cookies.set('i', user.token, {
path: '/', path: '/',
domain: `.${config.hostname}`, domain: config.hostname,
secure: config.url.substr(0, 5) === 'https', secure: config.url.startsWith('https'),
httpOnly: false, httpOnly: false,
expires: new Date(Date.now() + expires), expires: new Date(Date.now() + expires),
maxAge: expires maxAge: expires
}); });
if (redirect) { if (redirect) {
res.redirect(config.url); ctx.redirect(config.url);
} else {
res.sendStatus(204);
} }
} }

View file

@ -2,53 +2,41 @@
* API Server * API Server
*/ */
import * as express from 'express'; import * as Koa from 'koa';
import * as bodyParser from 'body-parser'; import * as Router from 'koa-router';
import * as cors from 'cors'; import * as multer from 'koa-multer';
import * as multer from 'multer';
import endpoints from './endpoints'; import endpoints from './endpoints';
/** const handler = require('./api-handler').default;
* Init app
*/
const app = express();
app.disable('x-powered-by'); // Init app
app.set('etag', false); const app = new Koa();
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json({
type: ['application/json', 'text/plain'],
verify: (req, res, buf, encoding) => {
if (buf && buf.length) {
(req as any).rawBody = buf.toString(encoding || 'utf8');
}
}
}));
app.use(cors());
app.get('/', (req, res) => { // Init multer instance
res.send('YEE HAW'); const upload = multer({
storage: multer.diskStorage({})
}); });
// Init router
const router = new Router();
/** /**
* Register endpoint handlers * Register endpoint handlers
*/ */
endpoints.forEach(endpoint => endpoints.forEach(endpoint => endpoint.withFile
endpoint.withFile ? ? router.post(`/${endpoint.name}`, upload.single('file'), handler.bind(null, endpoint))
app.post(`/${endpoint.name}`, : router.post(`/${endpoint.name}`, handler.bind(null, endpoint))
endpoint.withFile ? multer({ storage: multer.diskStorage({}) }).single('file') : null,
require('./api-handler').default.bind(null, endpoint)) :
app.post(`/${endpoint.name}`,
require('./api-handler').default.bind(null, endpoint))
); );
app.post('/signup', require('./private/signup').default); router.post('/signup', require('./private/signup').default);
app.post('/signin', require('./private/signin').default); router.post('/signin', require('./private/signin').default);
require('./service/github')(app); router.use(require('./service/github').routes());
require('./service/twitter')(app); router.use(require('./service/twitter').routes());
router.use(require('./bot/interfaces/line').routes());
require('./bot/interfaces/line')(app); // Register router
app.use(router.routes());
module.exports = app; module.exports = app;

View file

@ -1,4 +1,4 @@
import * as express from 'express'; import * as Koa from 'koa';
import * as bcrypt from 'bcryptjs'; import * as bcrypt from 'bcryptjs';
import * as speakeasy from 'speakeasy'; import * as speakeasy from 'speakeasy';
import User, { ILocalUser } from '../../../models/user'; import User, { ILocalUser } from '../../../models/user';
@ -7,26 +7,26 @@ import event from '../../../publishers/stream';
import signin from '../common/signin'; import signin from '../common/signin';
import config from '../../../config'; import config from '../../../config';
export default async (req: express.Request, res: express.Response) => { export default async (ctx: Koa.Context) => {
res.header('Access-Control-Allow-Origin', config.url); ctx.set('Access-Control-Allow-Origin', config.url);
res.header('Access-Control-Allow-Credentials', 'true'); ctx.set('Access-Control-Allow-Credentials', 'true');
const username = req.body['username']; const username = ctx.body['username'];
const password = req.body['password']; const password = ctx.body['password'];
const token = req.body['token']; const token = ctx.body['token'];
if (typeof username != 'string') { if (typeof username != 'string') {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
if (typeof password != 'string') { if (typeof password != 'string') {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
if (token != null && typeof token != 'string') { if (token != null && typeof token != 'string') {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
@ -37,12 +37,12 @@ export default async (req: express.Request, res: express.Response) => {
}, { }, {
fields: { fields: {
data: false, data: false,
'profile': false profile: false
} }
}) as ILocalUser; }) as ILocalUser;
if (user === null) { if (user === null) {
res.status(404).send({ ctx.throw(404, {
error: 'user not found' error: 'user not found'
}); });
return; return;
@ -60,17 +60,17 @@ export default async (req: express.Request, res: express.Response) => {
}); });
if (verified) { if (verified) {
signin(res, user, false); signin(ctx, user, false);
} else { } else {
res.status(400).send({ ctx.throw(400, {
error: 'invalid token' error: 'invalid token'
}); });
} }
} else { } else {
signin(res, user, false); signin(ctx, user, false);
} }
} else { } else {
res.status(400).send({ ctx.throw(400, {
error: 'incorrect password' error: 'incorrect password'
}); });
} }
@ -79,8 +79,8 @@ export default async (req: express.Request, res: express.Response) => {
const record = await Signin.insert({ const record = await Signin.insert({
createdAt: new Date(), createdAt: new Date(),
userId: user._id, userId: user._id,
ip: req.ip, ip: ctx.ip,
headers: req.headers, headers: ctx.headers,
success: same success: same
}); });

View file

@ -1,5 +1,5 @@
import * as uuid from 'uuid'; import * as uuid from 'uuid';
import * as express from 'express'; import * as Koa from 'koa';
import * as bcrypt from 'bcryptjs'; import * as bcrypt from 'bcryptjs';
import { generate as generateKeypair } from '../../../crypto_key'; import { generate as generateKeypair } from '../../../crypto_key';
import recaptcha = require('recaptcha-promise'); import recaptcha = require('recaptcha-promise');
@ -33,30 +33,30 @@ const home = {
] ]
}; };
export default async (req: express.Request, res: express.Response) => { export default async (ctx: Koa.Context) => {
// Verify recaptcha // Verify recaptcha
// ただしテスト時はこの機構は障害となるため無効にする // ただしテスト時はこの機構は障害となるため無効にする
if (process.env.NODE_ENV !== 'test') { if (process.env.NODE_ENV !== 'test') {
const success = await recaptcha(req.body['g-recaptcha-response']); const success = await recaptcha(ctx.body['g-recaptcha-response']);
if (!success) { if (!success) {
res.status(400).send('recaptcha-failed'); ctx.throw(400, 'recaptcha-failed');
return; return;
} }
} }
const username = req.body['username']; const username = ctx.body['username'];
const password = req.body['password']; const password = ctx.body['password'];
// Validate username // Validate username
if (!validateUsername(username)) { if (!validateUsername(username)) {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
// Validate password // Validate password
if (!validatePassword(password)) { if (!validatePassword(password)) {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
@ -71,7 +71,7 @@ export default async (req: express.Request, res: express.Response) => {
// Check username already used // Check username already used
if (usernameExist !== 0) { if (usernameExist !== 0) {
res.sendStatus(400); ctx.status = 400;
return; return;
} }
@ -143,5 +143,5 @@ export default async (req: express.Request, res: express.Response) => {
}); });
// Response // Response
res.send(await pack(account)); ctx.body = await pack(account);
}; };

View file

@ -1,39 +1,52 @@
import * as EventEmitter from 'events'; import * as EventEmitter from 'events';
import * as express from 'express'; import * as Router from 'koa-router';
import * as request from 'request'; import * as request from 'request';
const crypto = require('crypto'); const crypto = require('crypto');
import User from '../../../models/user'; import User, { IUser } from '../../../models/user';
import createNote from '../../../services/note/create'; import createNote from '../../../services/note/create';
import config from '../../../config'; import config from '../../../config';
module.exports = async (app: express.Application) => { const handler = new EventEmitter();
if (config.github_bot == null) return;
const bot = await User.findOne({ let bot: IUser;
const post = async text => {
if (bot == null) {
const account = await User.findOne({
usernameLower: config.github_bot.username.toLowerCase() usernameLower: config.github_bot.username.toLowerCase()
}); });
if (bot == null) { if (account == null) {
console.warn(`GitHub hook bot specified, but not found: @${config.github_bot.username}`); console.warn(`GitHub hook bot specified, but not found: @${config.github_bot.username}`);
return; return;
} else {
bot = account;
}
} }
const post = text => createNote(bot, { text }); createNote(bot, { text });
};
const handler = new EventEmitter(); // Init router
const router = new Router();
app.post('/hooks/github', (req, res, next) => { if (config.github_bot != null) {
// req.headers['x-hub-signature'] および const secret = config.github_bot.hook_secret;
// req.headers['x-github-event'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています router.post('/hooks/github', ctx => {
if ((new Buffer(req.headers['x-hub-signature'] as string)).equals(new Buffer(`sha1=${crypto.createHmac('sha1', config.github_bot.hook_secret).update(JSON.stringify(req.body)).digest('hex')}`))) { const sig1 = new Buffer(ctx.headers['x-hub-signature']);
handler.emit(req.headers['x-github-event'] as string, req.body); const sig2 = new Buffer(`sha1=${crypto.createHmac('sha1', secret).update(JSON.stringify(ctx.body)).digest('hex')}`);
res.sendStatus(200); if (sig1.equals(sig2)) {
handler.emit(ctx.headers['x-github-event'], ctx.body);
ctx.status = 204;
} else { } else {
res.sendStatus(400); ctx.status = 400;
} }
}); });
}
module.exports = router;
handler.on('status', event => { handler.on('status', event => {
const state = event.state; const state = event.state;
@ -137,4 +150,3 @@ module.exports = async (app: express.Application) => {
} }
post(text); post(text);
}); });
};

View file

@ -1,42 +1,41 @@
import * as express from 'express'; import * as Koa from 'koa';
import * as cookie from 'cookie'; import * as Router from 'koa-router';
import * as uuid from 'uuid'; import * as uuid from 'uuid';
// import * as Twitter from 'twitter';
// const Twitter = require('twitter');
import autwh from 'autwh'; import autwh from 'autwh';
import redis from '../../../db/redis'; import redis from '../../../db/redis';
import User, { pack } from '../../../models/user'; import User, { pack, ILocalUser } from '../../../models/user';
import event from '../../../publishers/stream'; import event from '../../../publishers/stream';
import config from '../../../config'; import config from '../../../config';
import signin from '../common/signin'; import signin from '../common/signin';
module.exports = (app: express.Application) => { function getUserToken(ctx: Koa.Context) {
function getUserToken(req: express.Request) { return ((ctx.headers['cookie'] || '').match(/i=(!\w+)/) || [null, null])[1];
// req.headers['cookie'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
return ((req.headers['cookie'] as string || '').match(/i=(!\w+)/) || [null, null])[1];
} }
function compareOrigin(req: express.Request) { function compareOrigin(ctx: Koa.Context) {
function normalizeUrl(url: string) { function normalizeUrl(url: string) {
return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url; return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;
} }
// req.headers['referer'] は常に string ですが、型定義の都合上 const referer = ctx.headers['referer'];
// string | string[] になっているので string を明示しています
const referer = req.headers['referer'] as string;
return (normalizeUrl(referer) == normalizeUrl(config.url)); return (normalizeUrl(referer) == normalizeUrl(config.url));
} }
app.get('/disconnect/twitter', async (req, res): Promise<any> => { // Init router
if (!compareOrigin(req)) { const router = new Router();
res.status(400).send('invalid origin');
router.get('/disconnect/twitter', async ctx => {
if (!compareOrigin(ctx)) {
ctx.throw(400, 'invalid origin');
return; return;
} }
const userToken = getUserToken(req); const userToken = getUserToken(ctx);
if (userToken == null) return res.send('plz signin'); if (userToken == null) {
ctx.throw(400, 'signin required');
return;
}
const user = await User.findOneAndUpdate({ const user = await User.findOneAndUpdate({
host: null, host: null,
@ -47,7 +46,7 @@ module.exports = (app: express.Application) => {
} }
}); });
res.send(`Twitterの連携を解除しました :v:`); ctx.body = `Twitterの連携を解除しました :v:`;
// Publish i updated event // Publish i updated event
event(user._id, 'i_updated', await pack(user, user, { event(user._id, 'i_updated', await pack(user, user, {
@ -57,104 +56,100 @@ module.exports = (app: express.Application) => {
}); });
if (config.twitter == null) { if (config.twitter == null) {
app.get('/connect/twitter', (req, res) => { router.get('/connect/twitter', ctx => {
res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)'); ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
}); });
app.get('/signin/twitter', (req, res) => { router.get('/signin/twitter', ctx => {
res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)'); ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
}); });
} else {
return;
}
const twAuth = autwh({ const twAuth = autwh({
consumerKey: config.twitter.consumer_key, consumerKey: config.twitter.consumer_key,
consumerSecret: config.twitter.consumer_secret, consumerSecret: config.twitter.consumer_secret,
callbackUrl: `${config.url}/api/tw/cb` callbackUrl: `${config.url}/api/tw/cb`
}); });
app.get('/connect/twitter', async (req, res): Promise<any> => { router.get('/connect/twitter', async ctx => {
if (!compareOrigin(req)) { if (!compareOrigin(ctx)) {
res.status(400).send('invalid origin'); ctx.throw(400, 'invalid origin');
return; return;
} }
const userToken = getUserToken(req); const userToken = getUserToken(ctx);
if (userToken == null) return res.send('plz signin'); if (userToken == null) {
ctx.throw(400, 'signin required');
return;
}
const ctx = await twAuth.begin(); const twCtx = await twAuth.begin();
redis.set(userToken, JSON.stringify(ctx)); redis.set(userToken, JSON.stringify(twCtx));
res.redirect(ctx.url); ctx.redirect(twCtx.url);
}); });
app.get('/signin/twitter', async (req, res): Promise<any> => { router.get('/signin/twitter', async ctx => {
const ctx = await twAuth.begin(); const twCtx = await twAuth.begin();
const sessid = uuid(); const sessid = uuid();
redis.set(sessid, JSON.stringify(ctx)); redis.set(sessid, JSON.stringify(twCtx));
const expires = 1000 * 60 * 60; // 1h const expires = 1000 * 60 * 60; // 1h
res.cookie('signin_with_twitter_session_id', sessid, { ctx.cookies.set('signin_with_twitter_session_id', sessid, {
path: '/', path: '/',
domain: `.${config.host}`, domain: config.host,
secure: config.url.substr(0, 5) === 'https', secure: config.url.startsWith('https'),
httpOnly: true, httpOnly: true,
expires: new Date(Date.now() + expires), expires: new Date(Date.now() + expires),
maxAge: expires maxAge: expires
}); });
res.redirect(ctx.url); ctx.redirect(twCtx.url);
}); });
app.get('/tw/cb', (req, res): any => { router.get('/tw/cb', ctx => {
const userToken = getUserToken(req); const userToken = getUserToken(ctx);
if (userToken == null) { if (userToken == null) {
// req.headers['cookie'] は常に string ですが、型定義の都合上 const sessid = ctx.cookies.get('signin_with_twitter_session_id');
// string | string[] になっているので string を明示しています
const cookies = cookie.parse((req.headers['cookie'] as string || ''));
const sessid = cookies['signin_with_twitter_session_id']; if (sessid == null) {
ctx.throw(400, 'invalid session');
if (sessid == undefined) {
res.status(400).send('invalid session');
return; return;
} }
redis.get(sessid, async (_, ctx) => { redis.get(sessid, async (_, twCtx) => {
const result = await twAuth.done(JSON.parse(ctx), req.query.oauth_verifier); const result = await twAuth.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
const user = await User.findOne({ const user = await User.findOne({
host: null, host: null,
'twitter.userId': result.userId 'twitter.userId': result.userId
}); }) as ILocalUser;
if (user == null) { if (user == null) {
res.status(404).send(`@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`); ctx.throw(404, `@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
return; return;
} }
signin(res, user, true); signin(ctx, user, true);
}); });
} else { } else {
const verifier = req.query.oauth_verifier; const verifier = ctx.query.oauth_verifier;
if (verifier == null) { if (verifier == null) {
res.status(400).send('invalid session'); ctx.throw(400, 'invalid session');
return; return;
} }
redis.get(userToken, async (_, ctx) => { redis.get(userToken, async (_, twCtx) => {
const result = await twAuth.done(JSON.parse(ctx), verifier); const result = await twAuth.done(JSON.parse(twCtx), verifier);
const user = await User.findOneAndUpdate({ const user = await User.findOneAndUpdate({
host: null, host: null,
'token': userToken token: userToken
}, { }, {
$set: { $set: {
'twitter': { twitter: {
accessToken: result.accessToken, accessToken: result.accessToken,
accessTokenSecret: result.accessTokenSecret, accessTokenSecret: result.accessTokenSecret,
userId: result.userId, userId: result.userId,
@ -163,7 +158,7 @@ module.exports = (app: express.Application) => {
} }
}); });
res.send(`Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました!`); ctx.body = `Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました!`;
// Publish i updated event // Publish i updated event
event(user._id, 'i_updated', await pack(user, user, { event(user._id, 'i_updated', await pack(user, user, {
@ -173,4 +168,6 @@ module.exports = (app: express.Application) => {
}); });
} }
}); });
}; }
module.exports = router;

View file

@ -3,171 +3,33 @@
*/ */
import * as fs from 'fs'; import * as fs from 'fs';
import * as express from 'express'; import * as Koa from 'koa';
import * as bodyParser from 'body-parser'; import * as cors from '@koa/cors';
import * as cors from 'cors'; import * as Router from 'koa-router';
import * as mongodb from 'mongodb'; import pour from './pour';
import * as _gm from 'gm'; import sendDriveFile from './send-drive-file';
import * as stream from 'stream';
import DriveFile, { getGridFSBucket } from '../../models/drive-file'; // Init app
const app = new Koa();
const gm = _gm.subClass({
imageMagick: true
});
/**
* Init app
*/
const app = express();
app.disable('x-powered-by');
app.locals.cache = true;
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cors()); app.use(cors());
/** // Init router
* Statics const router = new Router();
*/
app.use('/assets', express.static(`${__dirname}/assets`, {
maxAge: 1000 * 60 * 60 * 24 * 365 // 一年
}));
app.get('/', (req, res) => { router.get('/default-avatar.jpg', ctx => {
res.send('yee haw');
});
app.get('/default-avatar.jpg', (req, res) => {
const file = fs.createReadStream(`${__dirname}/assets/avatar.jpg`); const file = fs.createReadStream(`${__dirname}/assets/avatar.jpg`);
send(file, 'image/jpeg', req, res); pour(file, 'image/jpeg', ctx);
}); });
app.get('/app-default.jpg', (req, res) => { router.get('/app-default.jpg', ctx => {
const file = fs.createReadStream(`${__dirname}/assets/dummy.png`); const file = fs.createReadStream(`${__dirname}/assets/dummy.png`);
send(file, 'image/png', req, res); pour(file, 'image/png', ctx);
}); });
interface ISend { router.get('/:id', sendDriveFile);
contentType: string; router.get('/:id/:name', sendDriveFile);
stream: stream.Readable;
}
function thumbnail(data: stream.Readable, type: string, resize: number): ISend { // Register router
const readable: stream.Readable = (() => { app.use(router.routes());
// 動画であれば
if (/^video\/.*$/.test(type)) {
// TODO
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
// 画像であれば
// Note: SVGはapplication/xml
} else if (/^image\/.*$/.test(type) || type == 'application/xml') {
// 0フレーム目を送る
try {
return gm(data).selectFrame(0).stream();
// だめだったら
} catch (e) {
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
}
// 動画か画像以外
} else {
data.destroy();
return fs.createReadStream(`${__dirname}/assets/not-an-image.png`);
}
})();
let g = gm(readable);
if (resize) {
g = g.resize(resize, resize);
}
const stream = g
.compress('jpeg')
.quality(80)
.interlace('line')
.stream();
return {
contentType: 'image/jpeg',
stream
};
}
const commonReadableHandlerGenerator = (req: express.Request, res: express.Response) => (e: Error): void => {
console.dir(e);
req.destroy();
res.destroy(e);
};
function send(readable: stream.Readable, type: string, req: express.Request, res: express.Response): void {
readable.on('error', commonReadableHandlerGenerator(req, res));
const data = ((): ISend => {
if (req.query.thumbnail !== undefined) {
return thumbnail(readable, type, req.query.size);
}
return {
contentType: type,
stream: readable
};
})();
if (readable !== data.stream) {
data.stream.on('error', commonReadableHandlerGenerator(req, res));
}
if (req.query.download !== undefined) {
res.header('Content-Disposition', 'attachment');
}
res.header('Content-Type', data.contentType);
data.stream.pipe(res);
data.stream.on('end', () => {
res.end();
});
}
async function sendFileById(req: express.Request, res: express.Response): Promise<void> {
// Validate id
if (!mongodb.ObjectID.isValid(req.params.id)) {
res.status(400).send('incorrect id');
return;
}
const fileId = new mongodb.ObjectID(req.params.id);
// Fetch (drive) file
const file = await DriveFile.findOne({ _id: fileId });
// validate name
if (req.params.name !== undefined && req.params.name !== file.filename) {
res.status(404).send('there is no file has given name');
return;
}
if (file == null) {
res.status(404).sendFile(`${__dirname}/assets/dummy.png`);
return;
}
const bucket = await getGridFSBucket();
const readable = bucket.openDownloadStream(fileId);
send(readable, file.contentType, req, res);
}
/**
* Routing
*/
app.get('/:id', sendFileById);
app.get('/:id/:name', sendFileById);
module.exports = app; module.exports = app;

93
src/server/file/pour.ts Normal file
View file

@ -0,0 +1,93 @@
import * as fs from 'fs';
import * as stream from 'stream';
import * as Koa from 'koa';
import * as Gm from 'gm';
const gm = Gm.subClass({
imageMagick: true
});
interface ISend {
contentType: string;
stream: stream.Readable;
}
function thumbnail(data: stream.Readable, type: string, resize: number): ISend {
const readable: stream.Readable = (() => {
// 動画であれば
if (/^video\/.*$/.test(type)) {
// TODO
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
// 画像であれば
// Note: SVGはapplication/xml
} else if (/^image\/.*$/.test(type) || type == 'application/xml') {
// 0フレーム目を送る
try {
return gm(data).selectFrame(0).stream();
// だめだったら
} catch (e) {
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
}
// 動画か画像以外
} else {
data.destroy();
return fs.createReadStream(`${__dirname}/assets/not-an-image.png`);
}
})();
let g = gm(readable);
if (resize) {
g = g.resize(resize, resize);
}
const stream = g
.compress('jpeg')
.quality(80)
.interlace('line')
.stream();
return {
contentType: 'image/jpeg',
stream
};
}
const commonReadableHandlerGenerator = (ctx: Koa.Context) => (e: Error): void => {
console.error(e);
ctx.status = 500;
};
export default function(readable: stream.Readable, type: string, ctx: Koa.Context): void {
readable.on('error', commonReadableHandlerGenerator(ctx));
const data = ((): ISend => {
if (ctx.query.thumbnail !== undefined) {
return thumbnail(readable, type, ctx.query.size);
}
return {
contentType: type,
stream: readable
};
})();
if (readable !== data.stream) {
data.stream.on('error', commonReadableHandlerGenerator(ctx));
}
if (ctx.query.download !== undefined) {
ctx.header('Content-Disposition', 'attachment');
}
ctx.header('Content-Type', data.contentType);
data.stream.pipe(ctx.res);
data.stream.on('end', () => {
ctx.res.end();
});
}

View file

@ -0,0 +1,30 @@
import * as Koa from 'koa';
import * as send from 'koa-send';
import * as mongodb from 'mongodb';
import DriveFile, { getGridFSBucket } from '../../models/drive-file';
import pour from './pour';
export default async function(ctx: Koa.Context) {
// Validate id
if (!mongodb.ObjectID.isValid(ctx.params.id)) {
ctx.throw(400, 'incorrect id');
return;
}
const fileId = new mongodb.ObjectID(ctx.params.id);
// Fetch drive file
const file = await DriveFile.findOne({ _id: fileId });
if (file == null) {
ctx.status = 404;
await send(ctx, `${__dirname}/assets/dummy.png`);
return;
}
const bucket = await getGridFSBucket();
const readable = bucket.openDownloadStream(fileId);
pour(readable, file.contentType, ctx);
}

View file

@ -13,7 +13,7 @@ import activityPub from './activitypub';
import webFinger from './webfinger'; import webFinger from './webfinger';
import config from '../config'; import config from '../config';
// Init server // Init app
const app = new Koa(); const app = new Koa();
app.proxy = true; app.proxy = true;
app.use(bodyParser); app.use(bodyParser);
@ -46,9 +46,9 @@ function createServer() {
Object.keys(config.https).forEach(k => { Object.keys(config.https).forEach(k => {
certs[k] = fs.readFileSync(config.https[k]); certs[k] = fs.readFileSync(config.https[k]);
}); });
return https.createServer(certs, app); return https.createServer(certs, app.callback);
} else { } else {
return http.createServer(app); return http.createServer(app.callback);
} }
} }

View file

@ -1,24 +1,21 @@
/** /**
* Docs Server * Docs
*/ */
import * as path from 'path'; import * as path from 'path';
import * as express from 'express'; import * as Router from 'koa-router';
import * as send from 'koa-send';
const docs = path.resolve(`${__dirname}/../../client/docs/`); const docs = path.resolve(`${__dirname}/../../client/docs/`);
/** const router = new Router();
* Init app
*/
const app = express();
app.disable('x-powered-by');
app.use('/assets', express.static(`${docs}/assets`)); router.get('/assets', async ctx => {
await send(ctx, `${docs}/assets`);
});
/** router.get(/^\/([a-z_\-\/]+?)$/, async ctx => {
* Routing await send(ctx, `${docs}/${ctx.params[0]}.html`);
*/ });
app.get(/^\/([a-z_\-\/]+?)$/, (req, res) =>
res.sendFile(`${docs}/${req.params[0]}.html`));
module.exports = app; module.exports = router;

View file

@ -5,60 +5,71 @@
import * as path from 'path'; import * as path from 'path';
import ms = require('ms'); import ms = require('ms');
// express modules import * as Koa from 'koa';
import * as express from 'express'; import * as Router from 'koa-router';
import * as bodyParser from 'body-parser'; import * as send from 'koa-send';
import * as favicon from 'serve-favicon'; import * as favicon from 'koa-favicon';
import * as compression from 'compression';
const client = path.resolve(`${__dirname}/../../client/`); const client = path.resolve(`${__dirname}/../../client/`);
// Create server // Init app
const app = express(); const app = new Koa();
app.disable('x-powered-by');
app.use('/docs', require('./docs')); // Serve favicon
app.use(favicon(`${client}/assets/favicon.ico`));
app.use(bodyParser.urlencoded({ extended: true })); // Common request handler
app.use(bodyParser.json({ app.use((ctx, next) => {
type: ['application/json', 'text/plain'] // IFrameの中に入れられないようにする
})); ctx.set('X-Frame-Options', 'DENY');
app.use(compression());
app.use((req, res, next) => {
res.header('X-Frame-Options', 'DENY');
next(); next();
}); });
// Init router
const router = new Router();
//#region static assets //#region static assets
app.use(favicon(`${client}/assets/favicon.ico`)); router.get('/assets', async ctx => {
app.get('/apple-touch-icon.png', (req, res) => res.sendFile(`${client}/assets/apple-touch-icon.png`)); await send(ctx, ctx.path, {
app.use('/assets', express.static(`${client}/assets`, { root: `${client}/assets`,
maxAge: ms('7 days') maxage: ms('7 days'),
})); immutable: true
app.use('/assets/*.js', (req, res) => res.sendFile(`${client}/assets/404.js`)); });
app.use('/assets', (req, res) => { });
res.sendStatus(404);
// Apple touch icon
router.get('/apple-touch-icon.png', async ctx => {
await send(ctx, `${client}/assets/apple-touch-icon.png`);
}); });
// ServiceWroker // ServiceWroker
app.get(/^\/sw\.(.+?)\.js$/, (req, res) => router.get(/^\/sw\.(.+?)\.js$/, async ctx => {
res.sendFile(`${client}/assets/sw.${req.params[0]}.js`)); await send(ctx, `${client}/assets/sw.${ctx.params[0]}.js`);
});
// Manifest // Manifest
app.get('/manifest.json', (req, res) => router.get('/manifest.json', async ctx => {
res.sendFile(`${client}/assets/manifest.json`)); await send(ctx, `${client}/assets/manifest.json`);
});
//#endregion //#endregion
app.get(/\/api:url/, require('./url-preview')); // Docs
router.use('/docs', require('./docs').routes());
// URL preview endpoint
router.get('url', require('./url-preview'));
// Render base html for all requests // Render base html for all requests
app.get('*', (req, res) => { router.get('*', async ctx => {
res.sendFile(path.resolve(`${client}/app/base.html`), { await send(ctx, `${client}/app/base.html`, {
maxAge: ms('7 days') maxage: ms('7 days'),
immutable: true
}); });
}); });
// Register router
app.use(router.routes());
module.exports = app; module.exports = app;

View file

@ -1,11 +1,11 @@
import * as express from 'express'; import * as Koa from 'koa';
import summaly from 'summaly'; import summaly from 'summaly';
module.exports = async (req: express.Request, res: express.Response) => { module.exports = async (ctx: Koa.Context) => {
const summary = await summaly(req.query.url); const summary = await summaly(ctx.query.url);
summary.icon = wrap(summary.icon); summary.icon = wrap(summary.icon);
summary.thumbnail = wrap(summary.thumbnail); summary.thumbnail = wrap(summary.thumbnail);
res.send(summary); ctx.body = summary;
}; };
function wrap(url: string): string { function wrap(url: string): string {