Merge pull request #1460 from syuilo/koa

Koa
This commit is contained in:
syuilo 2018-04-13 14:30:10 +09:00 committed by GitHub
commit cdf13d30f2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
32 changed files with 819 additions and 870 deletions

View file

@ -30,20 +30,16 @@
"@fortawesome/fontawesome-free-brands": "5.0.2",
"@fortawesome/fontawesome-free-regular": "5.0.2",
"@fortawesome/fontawesome-free-solid": "5.0.2",
"@koa/cors": "2.2.1",
"@prezzemolo/rap": "0.1.2",
"@prezzemolo/zip": "0.0.3",
"@types/bcryptjs": "2.4.1",
"@types/body-parser": "1.16.8",
"@types/chai": "4.1.2",
"@types/chai-http": "3.0.4",
"@types/compression": "0.0.36",
"@types/cookie": "0.3.1",
"@types/cors": "2.8.3",
"@types/debug": "0.0.30",
"@types/deep-equal": "1.0.1",
"@types/elasticsearch": "5.0.22",
"@types/eventemitter3": "2.0.2",
"@types/express": "4.11.1",
"@types/gm": "1.17.33",
"@types/gulp": "3.8.36",
"@types/gulp-htmlmin": "1.3.32",
@ -56,18 +52,24 @@
"@types/is-root": "1.0.0",
"@types/is-url": "1.2.28",
"@types/js-yaml": "3.11.1",
"@types/kue": "^0.11.8",
"@types/koa": "2.0.45",
"@types/koa-bodyparser": "4.2.0",
"@types/koa-compress": "^2.0.8",
"@types/koa-favicon": "2.0.19",
"@types/koa-mount": "3.0.1",
"@types/koa-multer": "1.0.0",
"@types/koa-router": "7.0.27",
"@types/koa-send": "4.1.1",
"@types/koa__cors": "2.2.2",
"@types/kue": "0.11.8",
"@types/license-checker": "15.0.0",
"@types/mkdirp": "0.5.2",
"@types/mocha": "5.0.0",
"@types/mongodb": "3.0.12",
"@types/monk": "6.0.0",
"@types/morgan": "1.7.35",
"@types/ms": "0.7.30",
"@types/multer": "1.3.6",
"@types/node": "9.6.4",
"@types/nopt": "3.0.29",
"@types/proxy-addr": "2.0.0",
"@types/pug": "2.0.4",
"@types/qrcode": "0.8.1",
"@types/ratelimiter": "2.1.28",
@ -76,7 +78,6 @@
"@types/request-promise-native": "1.0.14",
"@types/rimraf": "2.0.2",
"@types/seedrandom": "2.4.27",
"@types/serve-favicon": "2.2.30",
"@types/speakeasy": "2.0.2",
"@types/tmp": "0.0.33",
"@types/uuid": "3.4.3",
@ -88,22 +89,18 @@
"autosize": "4.0.1",
"autwh": "0.1.0",
"bcryptjs": "2.4.3",
"body-parser": "1.18.2",
"bootstrap-vue": "2.0.0-rc.6",
"cafy": "3.2.1",
"chai": "4.1.2",
"chai-http": "4.0.0",
"chalk": "2.3.2",
"compression": "1.7.2",
"cookie": "0.3.1",
"cors": "2.8.4",
"crc-32": "1.2.0",
"css-loader": "0.28.11",
"debug": "3.1.0",
"deep-equal": "1.0.1",
"deepcopy": "0.6.3",
"diskusage": "0.2.4",
"dompurify": "^1.0.3",
"dompurify": "1.0.3",
"elasticsearch": "14.2.2",
"element-ui": "2.3.3",
"emojilib": "2.2.12",
@ -112,7 +109,6 @@
"eslint-plugin-vue": "4.4.0",
"eventemitter3": "3.0.1",
"exif-js": "2.3.0",
"express": "4.16.3",
"file-loader": "1.1.11",
"file-type": "7.6.0",
"fuckadblock": "3.2.1",
@ -134,12 +130,20 @@
"hard-source-webpack-plugin": "0.6.4",
"highlight.js": "9.12.0",
"html-minifier": "3.5.14",
"http-signature": "^1.2.0",
"http-signature": "1.2.0",
"inquirer": "5.2.0",
"is-root": "2.0.0",
"is-url": "1.2.4",
"js-yaml": "3.11.0",
"jsdom": "11.7.0",
"koa": "2.5.0",
"koa-bodyparser": "4.2.0",
"koa-compress": "^2.0.0",
"koa-favicon": "2.0.1",
"koa-mount": "3.0.0",
"koa-multer": "1.0.2",
"koa-router": "7.4.0",
"koa-send": "4.1.3",
"kue": "0.11.6",
"license-checker": "18.0.0",
"loader-utils": "1.1.0",
@ -149,9 +153,7 @@
"moji": "0.5.1",
"mongodb": "3.0.6",
"monk": "6.0.5",
"morgan": "1.9.0",
"ms": "2.1.1",
"multer": "1.3.0",
"nan": "2.10.0",
"node-sass": "4.8.3",
"node-sass-json-importer": "3.1.6",
@ -162,7 +164,6 @@
"os-utils": "0.0.14",
"progress-bar-webpack-plugin": "1.11.0",
"prominence": "0.2.0",
"proxy-addr": "2.0.3",
"pug": "2.0.3",
"punycode": "2.1.0",
"qrcode": "1.2.0",
@ -177,7 +178,6 @@
"s-age": "1.1.2",
"sass-loader": "6.0.7",
"seedrandom": "2.4.3",
"serve-favicon": "2.5.0",
"speakeasy": "2.0.0",
"style-loader": "0.20.3",
"stylus": "0.54.5",
@ -197,7 +197,6 @@
"url-loader": "1.0.1",
"uuid": "3.2.1",
"v-animate-css": "0.0.2",
"vhost": "3.0.2",
"vue": "2.5.16",
"vue-cropperjs": "2.2.0",
"vue-js-modal": "1.3.12",

View file

@ -97,6 +97,8 @@
// Compare versions
if (meta.version != ver) {
localStorage.setItem('v', meta.version);
alert(
'Misskeyの新しいバージョンがあります。ページを再度読み込みします。' +
'\n\n' +

View file

@ -444,9 +444,10 @@ export default class MiOS extends EventEmitter {
// Append a credential
if (this.isSignedIn) (data as any).i = this.i.token;
const viaStream = localStorage.getItem('apiViaStream') ? localStorage.getItem('apiViaStream') == 'true' : true;
return new Promise((resolve, reject) => {
const viaStream = this.stream.hasConnection &&
(localStorage.getItem('apiViaStream') ? localStorage.getItem('apiViaStream') == 'true' : true);
if (viaStream) {
const stream = this.stream.borrow();
const id = Math.random().toString();

View file

@ -45,7 +45,7 @@ export default Vue.extend({
} else if (url.hostname == 'youtu.be') {
this.youtubeId = url.pathname;
} else {
fetch('/api:url?url=' + this.url).then(res => {
fetch('/url?url=' + this.url).then(res => {
res.json().then(info => {
this.title = info.title;
this.description = info.description;

View file

@ -1,25 +0,0 @@
const yn = window.confirm(
'サーバー上に存在しないスクリプトがリクエストされました。お使いのMisskeyのバージョンが古いことが原因の可能性があります。Misskeyを更新しますか\n\nA script that does not exist on the server was requested. It may be caused by an old version of Misskey youre using. Do you want to delete the cache?');
const langYn = window.confirm('また、言語を日本語に設定すると解決する場合があります。日本語に設定しますか?\n\nAlso, setting the language to Japanese may solve the problem. Would you like to set it to Japanese?');
if (langYn) {
localStorage.setItem('lang', 'ja');
}
if (yn) {
// Clear cache (serive worker)
try {
navigator.serviceWorker.controller.postMessage('clear');
navigator.serviceWorker.getRegistrations().then(registrations => {
registrations.forEach(registration => registration.unregister());
});
} catch (e) {
console.error(e);
}
localStorage.removeItem('v');
location.reload(true);
}

View file

@ -6,7 +6,7 @@ html(lang= lang)
meta(name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no")
title
| #{title} | Misskey Docs
link(rel="stylesheet" href="/assets/style.css")
link(rel="stylesheet" href="/docs/assets/style.css")
block meta
//- FontAwesome style

View file

@ -10,7 +10,6 @@ import * as debug from 'debug';
import chalk from 'chalk';
// import portUsed = require('tcp-port-used');
import isRoot = require('is-root');
import { master } from 'accesses';
import Xev from 'xev';
import Logger from './utils/logger';
@ -73,11 +72,6 @@ async function masterMain(opt) {
Logger.info(chalk.green('Successfully initialized :)'));
// Init accesses
if (config.accesses && config.accesses.enable) {
master();
}
spawnWorkers(() => {
if (!opt['only-processor']) {
Logger.info(chalk.bold.green(

142
src/server/activitypub.ts Normal file
View file

@ -0,0 +1,142 @@
import * as Router from 'koa-router';
import { parseRequest } from 'http-signature';
import { createHttp } from '../queue';
import context from '../remote/activitypub/renderer/context';
import render from '../remote/activitypub/renderer/note';
import Note from '../models/note';
import User, { isLocalUser } from '../models/user';
import renderNote from '../remote/activitypub/renderer/note';
import renderKey from '../remote/activitypub/renderer/key';
import renderPerson from '../remote/activitypub/renderer/person';
import renderOrderedCollection from '../remote/activitypub/renderer/ordered-collection';
//import parseAcct from '../acct/parse';
import config from '../config';
// Init router
const router = new Router();
//#region Routing
// inbox
router.post('/users/:user/inbox', ctx => {
let signature;
ctx.req.headers.authorization = 'Signature ' + ctx.req.headers.signature;
try {
signature = parseRequest(ctx.req);
} catch (e) {
ctx.status = 401;
return;
}
createHttp({
type: 'processInbox',
activity: ctx.request.body,
signature
}).save();
ctx.status = 202;
});
// note
router.get('/notes/:note', async (ctx, next) => {
const accepted = ctx.accepts('html', 'application/activity+json', 'application/ld+json');
if (!['application/activity+json', 'application/ld+json'].includes(accepted as string)) {
await next();
return;
}
const note = await Note.findOne({
_id: ctx.params.note
});
if (note === null) {
ctx.status = 404;
return;
}
const rendered = await render(note);
rendered['@context'] = context;
ctx.body = rendered;
});
// outbot
router.get('/users/:user/outbox', async ctx => {
const userId = ctx.params.user;
const user = await User.findOne({ _id: userId });
if (user === null) {
ctx.status = 404;
return;
}
const notes = await Note.find({ userId: user._id }, {
limit: 10,
sort: { _id: -1 }
});
const renderedNotes = await Promise.all(notes.map(note => renderNote(note)));
const rendered = renderOrderedCollection(`${config.url}/users/${userId}/inbox`, user.notesCount, renderedNotes);
rendered['@context'] = context;
ctx.body = rendered;
});
// publickey
router.get('/users/:user/publickey', async ctx => {
const userId = ctx.params.user;
const user = await User.findOne({ _id: userId });
if (user === null) {
ctx.status = 404;
return;
}
if (isLocalUser(user)) {
const rendered = renderKey(user);
rendered['@context'] = context;
ctx.body = rendered;
} else {
ctx.status = 400;
}
});
// user
router.get('/users/:user', async ctx => {
const userId = ctx.params.user;
const user = await User.findOne({ _id: userId });
if (user === null) {
ctx.status = 404;
return;
}
const rendered = renderPerson(user);
rendered['@context'] = context;
ctx.body = rendered;
});
// follow form
router.get('/authorize-follow', async ctx => {
/* TODO
const { username, host } = parseAcct(ctx.query.acct);
if (host === null) {
res.sendStatus(422);
return;
}
const finger = await request(`https://${host}`)
*/
});
//#endregion
export default router;

View file

@ -1,32 +0,0 @@
import * as bodyParser from 'body-parser';
import * as express from 'express';
import { parseRequest } from 'http-signature';
import { createHttp } from '../../queue';
const app = express.Router();
app.post('/users/:user/inbox', bodyParser.json({
type() {
return true;
}
}), async (req, res) => {
let signature;
req.headers.authorization = 'Signature ' + req.headers.signature;
try {
signature = parseRequest(req);
} catch (exception) {
return res.sendStatus(401);
}
createHttp({
type: 'processInbox',
activity: req.body,
signature,
}).save();
return res.status(202).end();
});
export default app;

View file

@ -1,18 +0,0 @@
import * as express from 'express';
import user from './user';
import inbox from './inbox';
import outbox from './outbox';
import publicKey from './publickey';
import note from './note';
const app = express();
app.disable('x-powered-by');
app.use(user);
app.use(inbox);
app.use(outbox);
app.use(publicKey);
app.use(note);
export default app;

View file

@ -1,28 +0,0 @@
import * as express from 'express';
import context from '../../remote/activitypub/renderer/context';
import render from '../../remote/activitypub/renderer/note';
import Note from '../../models/note';
const app = express.Router();
app.get('/notes/:note', async (req, res, next) => {
const accepted = req.accepts(['html', 'application/activity+json', 'application/ld+json']);
if (!(['application/activity+json', 'application/ld+json'] as any[]).includes(accepted)) {
return next();
}
const note = await Note.findOne({
_id: req.params.note
});
if (note === null) {
return res.sendStatus(404);
}
const rendered = await render(note);
rendered['@context'] = context;
res.json(rendered);
});
export default app;

View file

@ -1,28 +0,0 @@
import * as express from 'express';
import context from '../../remote/activitypub/renderer/context';
import renderNote from '../../remote/activitypub/renderer/note';
import renderOrderedCollection from '../../remote/activitypub/renderer/ordered-collection';
import config from '../../config';
import Note from '../../models/note';
import User from '../../models/user';
const app = express.Router();
app.get('/users/:user/outbox', async (req, res) => {
const userId = req.params.user;
const user = await User.findOne({ _id: userId });
const notes = await Note.find({ userId: user._id }, {
limit: 20,
sort: { _id: -1 }
});
const renderedNotes = await Promise.all(notes.map(note => renderNote(note)));
const rendered = renderOrderedCollection(`${config.url}/users/${userId}/inbox`, user.notesCount, renderedNotes);
rendered['@context'] = context;
res.json(rendered);
});
export default app;

View file

@ -1,23 +0,0 @@
import * as express from 'express';
import context from '../../remote/activitypub/renderer/context';
import render from '../../remote/activitypub/renderer/key';
import User, { isLocalUser } from '../../models/user';
const app = express.Router();
app.get('/users/:user/publickey', async (req, res) => {
const userId = req.params.user;
const user = await User.findOne({ _id: userId });
if (isLocalUser(user)) {
const rendered = render(user);
rendered['@context'] = context;
res.json(rendered);
} else {
res.sendStatus(400);
}
});
export default app;

View file

@ -1,19 +0,0 @@
import * as express from 'express';
import context from '../../remote/activitypub/renderer/context';
import render from '../../remote/activitypub/renderer/person';
import User from '../../models/user';
const app = express.Router();
app.get('/users/:user', async (req, res) => {
const userId = req.params.user;
const user = await User.findOne({ _id: userId });
const rendered = render(user);
rendered['@context'] = context;
res.json(rendered);
});
export default app;

View file

@ -1,4 +1,4 @@
import * as express from 'express';
import * as Koa from 'koa';
import { Endpoint } from './endpoints';
import authenticate from './authenticate';
@ -6,16 +6,19 @@ import call from './call';
import { IUser } from '../../models/user';
import { IApp } from '../../models/app';
export default async (endpoint: Endpoint, req: express.Request, res: express.Response) => {
export default async (endpoint: Endpoint, ctx: Koa.Context) => {
const body = ctx.is('multipart/form-data') ? (ctx.req as any).body : ctx.request.body;
const reply = (x?: any, y?: any) => {
if (x === undefined) {
res.sendStatus(204);
ctx.status = 204;
} else if (typeof x === 'number') {
res.status(x).send({
ctx.status = x;
ctx.body = {
error: x === 500 ? 'INTERNAL_ERROR' : y
});
};
} else {
res.send(x);
ctx.body = x;
}
};
@ -24,11 +27,21 @@ export default async (endpoint: Endpoint, req: express.Request, res: express.Res
// Authentication
try {
[user, app] = await authenticate(req.body['i']);
[user, app] = await authenticate(body['i']);
} catch (e) {
return reply(403, 'AUTHENTICATION_FAILED');
reply(403, 'AUTHENTICATION_FAILED');
return;
}
let res;
// API invoking
call(endpoint, user, app, req.body, req).then(reply).catch(e => reply(400, e));
try {
res = await call(endpoint, user, app, body, (ctx.req as any).file);
} catch (e) {
reply(400, e);
return;
}
reply(res);
};

View file

@ -1,5 +1,5 @@
import * as EventEmitter from 'events';
import * as express from 'express';
import * as Router from 'koa-router';
import * as request from 'request';
import * as crypto from 'crypto';
import User from '../../../../models/user';
@ -158,12 +158,9 @@ class LineBot extends BotCore {
}
}
module.exports = async (app: express.Application) => {
if (config.line_bot == null) return;
const handler = new EventEmitter();
const handler = new EventEmitter();
handler.on('event', async (ev) => {
handler.on('event', async (ev) => {
const sourceId = ev.source.userId;
const sessionId = `line-bot-sessions:${sourceId}`;
@ -213,27 +210,29 @@ module.exports = async (app: express.Application) => {
if (session != null) bot.refreshUser();
bot.react(ev);
});
});
app.post('/hooks/line', (req, res, next) => {
// req.headers['x-line-signature'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
const sig1 = req.headers['x-line-signature'] as string;
// Init router
const router = new Router();
if (config.line_bot) {
router.post('/hooks/line', ctx => {
const sig1 = ctx.headers['x-line-signature'];
const hash = crypto.createHmac('SHA256', config.line_bot.channel_secret)
.update((req as any).rawBody);
.update(ctx.request.rawBody);
const sig2 = hash.digest('base64');
// シグネチャ比較
if (sig1 === sig2) {
req.body.events.forEach(ev => {
ctx.request.body.events.forEach(ev => {
handler.emit('event', ev);
});
res.sendStatus(200);
} else {
res.sendStatus(400);
ctx.status = 400;
}
});
};
}
module.exports = router;

View file

@ -1,15 +1,11 @@
import * as express from 'express';
import endpoints, { Endpoint } from './endpoints';
import limitter from './limitter';
import { IUser } from '../../models/user';
import { IApp } from '../../models/app';
export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: express.Request) => new Promise(async (ok, rej) => {
export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, file?: any) => new Promise<any>(async (ok, rej) => {
const isSecure = user != null && app == null;
//console.log(endpoint, user, app, data);
const ep = typeof endpoint == 'string' ? endpoints.find(e => e.name == endpoint) : endpoint;
if (ep.secure && !isSecure) {
@ -37,8 +33,8 @@ export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any,
let exec = require(`${__dirname}/endpoints/${ep.name}`);
if (ep.withFile && req) {
exec = exec.bind(null, req.file);
if (ep.withFile && file) {
exec = exec.bind(null, file);
}
let res;

View file

@ -1,19 +1,22 @@
import config from '../../../config';
import * as Koa from 'koa';
export default function(res, user, redirect: boolean) {
import config from '../../../config';
import { ILocalUser } from '../../../models/user';
export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
const expires = 1000 * 60 * 60 * 24 * 365; // One Year
res.cookie('i', user.token, {
ctx.cookies.set('i', user.token, {
path: '/',
domain: `.${config.hostname}`,
secure: config.url.substr(0, 5) === 'https',
domain: config.hostname,
secure: config.url.startsWith('https'),
httpOnly: false,
expires: new Date(Date.now() + expires),
maxAge: expires
});
if (redirect) {
res.redirect(config.url);
ctx.redirect(config.url);
} else {
res.sendStatus(204);
ctx.status = 204;
}
}

View file

@ -2,53 +2,46 @@
* API Server
*/
import * as express from 'express';
import * as bodyParser from 'body-parser';
import * as cors from 'cors';
import * as multer from 'multer';
import * as Koa from 'koa';
import * as Router from 'koa-router';
import * as multer from 'koa-multer';
import * as bodyParser from 'koa-bodyparser';
import endpoints from './endpoints';
/**
* Init app
*/
const app = express();
const handler = require('./api-handler').default;
app.disable('x-powered-by');
app.set('etag', false);
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json({
type: ['application/json', 'text/plain'],
verify: (req, res, buf, encoding) => {
if (buf && buf.length) {
(req as any).rawBody = buf.toString(encoding || 'utf8');
}
}
// Init app
const app = new Koa();
app.use(bodyParser({
// リクエストが multipart/form-data でない限りはJSONだと見なす
detectJSON: ctx => !ctx.is('multipart/form-data')
}));
app.use(cors());
app.get('/', (req, res) => {
res.send('YEE HAW');
// Init multer instance
const upload = multer({
storage: multer.diskStorage({})
});
// Init router
const router = new Router();
/**
* Register endpoint handlers
*/
endpoints.forEach(endpoint =>
endpoint.withFile ?
app.post(`/${endpoint.name}`,
endpoint.withFile ? multer({ storage: multer.diskStorage({}) }).single('file') : null,
require('./api-handler').default.bind(null, endpoint)) :
app.post(`/${endpoint.name}`,
require('./api-handler').default.bind(null, endpoint))
endpoints.forEach(endpoint => endpoint.withFile
? router.post(`/${endpoint.name}`, upload.single('file'), handler.bind(null, endpoint))
: router.post(`/${endpoint.name}`, handler.bind(null, endpoint))
);
app.post('/signup', require('./private/signup').default);
app.post('/signin', require('./private/signin').default);
router.post('/signup', require('./private/signup').default);
router.post('/signin', require('./private/signin').default);
require('./service/github')(app);
require('./service/twitter')(app);
router.use(require('./service/github').routes());
router.use(require('./service/twitter').routes());
router.use(require('./bot/interfaces/line').routes());
require('./bot/interfaces/line')(app);
// Register router
app.use(router.routes());
module.exports = app;

View file

@ -1,4 +1,4 @@
import * as express from 'express';
import * as Koa from 'koa';
import * as bcrypt from 'bcryptjs';
import * as speakeasy from 'speakeasy';
import User, { ILocalUser } from '../../../models/user';
@ -7,26 +7,26 @@ import event from '../../../publishers/stream';
import signin from '../common/signin';
import config from '../../../config';
export default async (req: express.Request, res: express.Response) => {
res.header('Access-Control-Allow-Origin', config.url);
res.header('Access-Control-Allow-Credentials', 'true');
export default async (ctx: Koa.Context) => {
ctx.set('Access-Control-Allow-Origin', config.url);
ctx.set('Access-Control-Allow-Credentials', 'true');
const username = req.body['username'];
const password = req.body['password'];
const token = req.body['token'];
const username = ctx.request.body['username'];
const password = ctx.request.body['password'];
const token = ctx.request.body['token'];
if (typeof username != 'string') {
res.sendStatus(400);
ctx.status = 400;
return;
}
if (typeof password != 'string') {
res.sendStatus(400);
ctx.status = 400;
return;
}
if (token != null && typeof token != 'string') {
res.sendStatus(400);
ctx.status = 400;
return;
}
@ -37,12 +37,12 @@ export default async (req: express.Request, res: express.Response) => {
}, {
fields: {
data: false,
'profile': false
profile: false
}
}) as ILocalUser;
if (user === null) {
res.status(404).send({
ctx.throw(404, {
error: 'user not found'
});
return;
@ -60,17 +60,17 @@ export default async (req: express.Request, res: express.Response) => {
});
if (verified) {
signin(res, user, false);
signin(ctx, user);
} else {
res.status(400).send({
ctx.throw(400, {
error: 'invalid token'
});
}
} else {
signin(res, user, false);
signin(ctx, user);
}
} else {
res.status(400).send({
ctx.throw(400, {
error: 'incorrect password'
});
}
@ -79,8 +79,8 @@ export default async (req: express.Request, res: express.Response) => {
const record = await Signin.insert({
createdAt: new Date(),
userId: user._id,
ip: req.ip,
headers: req.headers,
ip: ctx.ip,
headers: ctx.headers,
success: same
});

View file

@ -1,5 +1,5 @@
import * as uuid from 'uuid';
import * as express from 'express';
import * as Koa from 'koa';
import * as bcrypt from 'bcryptjs';
import { generate as generateKeypair } from '../../../crypto_key';
import recaptcha = require('recaptcha-promise');
@ -33,30 +33,30 @@ const home = {
]
};
export default async (req: express.Request, res: express.Response) => {
export default async (ctx: Koa.Context) => {
// Verify recaptcha
// ただしテスト時はこの機構は障害となるため無効にする
if (process.env.NODE_ENV !== 'test') {
const success = await recaptcha(req.body['g-recaptcha-response']);
const success = await recaptcha(ctx.request.body['g-recaptcha-response']);
if (!success) {
res.status(400).send('recaptcha-failed');
ctx.throw(400, 'recaptcha-failed');
return;
}
}
const username = req.body['username'];
const password = req.body['password'];
const username = ctx.request.body['username'];
const password = ctx.request.body['password'];
// Validate username
if (!validateUsername(username)) {
res.sendStatus(400);
ctx.status = 400;
return;
}
// Validate password
if (!validatePassword(password)) {
res.sendStatus(400);
ctx.status = 400;
return;
}
@ -71,7 +71,7 @@ export default async (req: express.Request, res: express.Response) => {
// Check username already used
if (usernameExist !== 0) {
res.sendStatus(400);
ctx.status = 400;
return;
}
@ -143,5 +143,5 @@ export default async (req: express.Request, res: express.Response) => {
});
// Response
res.send(await pack(account));
ctx.body = await pack(account);
};

View file

@ -1,41 +1,58 @@
import * as EventEmitter from 'events';
import * as express from 'express';
import * as Router from 'koa-router';
import * as request from 'request';
const crypto = require('crypto');
import User from '../../../models/user';
import User, { IUser } from '../../../models/user';
import createNote from '../../../services/note/create';
import config from '../../../config';
module.exports = async (app: express.Application) => {
if (config.github_bot == null) return;
const handler = new EventEmitter();
const bot = await User.findOne({
let bot: IUser;
const post = async text => {
if (bot == null) {
const account = await User.findOne({
usernameLower: config.github_bot.username.toLowerCase()
});
if (bot == null) {
if (account == null) {
console.warn(`GitHub hook bot specified, but not found: @${config.github_bot.username}`);
return;
} else {
bot = account;
}
}
const post = text => createNote(bot, { text });
createNote(bot, { text });
};
const handler = new EventEmitter();
// Init router
const router = new Router();
app.post('/hooks/github', (req, res, next) => {
// req.headers['x-hub-signature'] および
// req.headers['x-github-event'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
if ((new Buffer(req.headers['x-hub-signature'] as string)).equals(new Buffer(`sha1=${crypto.createHmac('sha1', config.github_bot.hook_secret).update(JSON.stringify(req.body)).digest('hex')}`))) {
handler.emit(req.headers['x-github-event'] as string, req.body);
res.sendStatus(200);
if (config.github_bot != null) {
const secret = config.github_bot.hook_secret;
router.post('/hooks/github', ctx => {
const body = JSON.stringify(ctx.request.body);
const hash = crypto.createHmac('sha1', secret).update(body).digest('hex');
const sig1 = new Buffer(ctx.headers['x-hub-signature']);
const sig2 = new Buffer(`sha1=${hash}`);
// シグネチャ比較
if (sig1.equals(sig2)) {
handler.emit(ctx.headers['x-github-event'], ctx.request.body);
ctx.status = 204;
} else {
res.sendStatus(400);
ctx.status = 400;
}
});
}
handler.on('status', event => {
module.exports = router;
handler.on('status', event => {
const state = event.state;
switch (state) {
case 'error':
@ -65,9 +82,9 @@ module.exports = async (app: express.Application) => {
});
break;
}
});
});
handler.on('push', event => {
handler.on('push', event => {
const ref = event.ref;
switch (ref) {
case 'refs/heads/master':
@ -84,9 +101,9 @@ module.exports = async (app: express.Application) => {
post(`RELEASED: ${commit.message}`);
break;
}
});
});
handler.on('issues', event => {
handler.on('issues', event => {
const issue = event.issue;
const action = event.action;
let title: string;
@ -97,9 +114,9 @@ module.exports = async (app: express.Application) => {
default: return;
}
post(`${title}: <${issue.number}>「${issue.title}\n${issue.html_url}`);
});
});
handler.on('issue_comment', event => {
handler.on('issue_comment', event => {
const issue = event.issue;
const comment = event.comment;
const action = event.action;
@ -109,19 +126,19 @@ module.exports = async (app: express.Application) => {
default: return;
}
post(text);
});
});
handler.on('watch', event => {
handler.on('watch', event => {
const sender = event.sender;
post(`⭐️ Starred by **${sender.login}** ⭐️`);
});
});
handler.on('fork', event => {
handler.on('fork', event => {
const repo = event.forkee;
post(`🍴 Forked:\n${repo.html_url} 🍴`);
});
});
handler.on('pull_request', event => {
handler.on('pull_request', event => {
const pr = event.pull_request;
const action = event.action;
let text: string;
@ -136,5 +153,4 @@ module.exports = async (app: express.Application) => {
default: return;
}
post(text);
});
};
});

View file

@ -1,42 +1,41 @@
import * as express from 'express';
import * as cookie from 'cookie';
import * as Koa from 'koa';
import * as Router from 'koa-router';
import * as uuid from 'uuid';
// import * as Twitter from 'twitter';
// const Twitter = require('twitter');
import autwh from 'autwh';
import redis from '../../../db/redis';
import User, { pack } from '../../../models/user';
import User, { pack, ILocalUser } from '../../../models/user';
import event from '../../../publishers/stream';
import config from '../../../config';
import signin from '../common/signin';
module.exports = (app: express.Application) => {
function getUserToken(req: express.Request) {
// req.headers['cookie'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
return ((req.headers['cookie'] as string || '').match(/i=(!\w+)/) || [null, null])[1];
}
function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(!\w+)/) || [null, null])[1];
}
function compareOrigin(req: express.Request) {
function compareOrigin(ctx: Koa.Context) {
function normalizeUrl(url: string) {
return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;
}
// req.headers['referer'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
const referer = req.headers['referer'] as string;
const referer = ctx.headers['referer'];
return (normalizeUrl(referer) == normalizeUrl(config.url));
}
}
app.get('/disconnect/twitter', async (req, res): Promise<any> => {
if (!compareOrigin(req)) {
res.status(400).send('invalid origin');
// Init router
const router = new Router();
router.get('/disconnect/twitter', async ctx => {
if (!compareOrigin(ctx)) {
ctx.throw(400, 'invalid origin');
return;
}
const userToken = getUserToken(req);
if (userToken == null) return res.send('plz signin');
const userToken = getUserToken(ctx);
if (userToken == null) {
ctx.throw(400, 'signin required');
return;
}
const user = await User.findOneAndUpdate({
host: null,
@ -47,114 +46,110 @@ module.exports = (app: express.Application) => {
}
});
res.send(`Twitterの連携を解除しました :v:`);
ctx.body = `Twitterの連携を解除しました :v:`;
// Publish i updated event
event(user._id, 'i_updated', await pack(user, user, {
detail: true,
includeSecrets: true
}));
});
if (config.twitter == null) {
router.get('/connect/twitter', ctx => {
ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
});
if (config.twitter == null) {
app.get('/connect/twitter', (req, res) => {
res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)');
router.get('/signin/twitter', ctx => {
ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
});
app.get('/signin/twitter', (req, res) => {
res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)');
});
return;
}
} else {
const twAuth = autwh({
consumerKey: config.twitter.consumer_key,
consumerSecret: config.twitter.consumer_secret,
callbackUrl: `${config.url}/api/tw/cb`
});
app.get('/connect/twitter', async (req, res): Promise<any> => {
if (!compareOrigin(req)) {
res.status(400).send('invalid origin');
router.get('/connect/twitter', async ctx => {
if (!compareOrigin(ctx)) {
ctx.throw(400, 'invalid origin');
return;
}
const userToken = getUserToken(req);
if (userToken == null) return res.send('plz signin');
const userToken = getUserToken(ctx);
if (userToken == null) {
ctx.throw(400, 'signin required');
return;
}
const ctx = await twAuth.begin();
redis.set(userToken, JSON.stringify(ctx));
res.redirect(ctx.url);
const twCtx = await twAuth.begin();
redis.set(userToken, JSON.stringify(twCtx));
ctx.redirect(twCtx.url);
});
app.get('/signin/twitter', async (req, res): Promise<any> => {
const ctx = await twAuth.begin();
router.get('/signin/twitter', async ctx => {
const twCtx = await twAuth.begin();
const sessid = uuid();
redis.set(sessid, JSON.stringify(ctx));
redis.set(sessid, JSON.stringify(twCtx));
const expires = 1000 * 60 * 60; // 1h
res.cookie('signin_with_twitter_session_id', sessid, {
ctx.cookies.set('signin_with_twitter_session_id', sessid, {
path: '/',
domain: `.${config.host}`,
secure: config.url.substr(0, 5) === 'https',
domain: config.host,
secure: config.url.startsWith('https'),
httpOnly: true,
expires: new Date(Date.now() + expires),
maxAge: expires
});
res.redirect(ctx.url);
ctx.redirect(twCtx.url);
});
app.get('/tw/cb', (req, res): any => {
const userToken = getUserToken(req);
router.get('/tw/cb', ctx => {
const userToken = getUserToken(ctx);
if (userToken == null) {
// req.headers['cookie'] は常に string ですが、型定義の都合上
// string | string[] になっているので string を明示しています
const cookies = cookie.parse((req.headers['cookie'] as string || ''));
const sessid = ctx.cookies.get('signin_with_twitter_session_id');
const sessid = cookies['signin_with_twitter_session_id'];
if (sessid == undefined) {
res.status(400).send('invalid session');
if (sessid == null) {
ctx.throw(400, 'invalid session');
return;
}
redis.get(sessid, async (_, ctx) => {
const result = await twAuth.done(JSON.parse(ctx), req.query.oauth_verifier);
redis.get(sessid, async (_, twCtx) => {
const result = await twAuth.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
const user = await User.findOne({
host: null,
'twitter.userId': result.userId
});
}) as ILocalUser;
if (user == null) {
res.status(404).send(`@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
ctx.throw(404, `@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
return;
}
signin(res, user, true);
signin(ctx, user, true);
});
} else {
const verifier = req.query.oauth_verifier;
const verifier = ctx.query.oauth_verifier;
if (verifier == null) {
res.status(400).send('invalid session');
ctx.throw(400, 'invalid session');
return;
}
redis.get(userToken, async (_, ctx) => {
const result = await twAuth.done(JSON.parse(ctx), verifier);
redis.get(userToken, async (_, twCtx) => {
const result = await twAuth.done(JSON.parse(twCtx), verifier);
const user = await User.findOneAndUpdate({
host: null,
'token': userToken
token: userToken
}, {
$set: {
'twitter': {
twitter: {
accessToken: result.accessToken,
accessTokenSecret: result.accessTokenSecret,
userId: result.userId,
@ -163,7 +158,7 @@ module.exports = (app: express.Application) => {
}
});
res.send(`Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました!`);
ctx.body = `Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました!`;
// Publish i updated event
event(user._id, 'i_updated', await pack(user, user, {
@ -173,4 +168,6 @@ module.exports = (app: express.Application) => {
});
}
});
};
}
module.exports = router;

View file

@ -3,171 +3,38 @@
*/
import * as fs from 'fs';
import * as express from 'express';
import * as bodyParser from 'body-parser';
import * as cors from 'cors';
import * as mongodb from 'mongodb';
import * as _gm from 'gm';
import * as stream from 'stream';
import * as Koa from 'koa';
import * as cors from '@koa/cors';
import * as Router from 'koa-router';
import pour from './pour';
import sendDriveFile from './send-drive-file';
import DriveFile, { getGridFSBucket } from '../../models/drive-file';
const gm = _gm.subClass({
imageMagick: true
});
/**
* Init app
*/
const app = express();
app.disable('x-powered-by');
app.locals.cache = true;
app.use(bodyParser.urlencoded({ extended: true }));
// Init app
const app = new Koa();
app.use(cors());
/**
* Statics
*/
app.use('/assets', express.static(`${__dirname}/assets`, {
maxAge: 1000 * 60 * 60 * 24 * 365 // 一年
}));
app.get('/', (req, res) => {
res.send('yee haw');
app.use(async (ctx, next) => {
ctx.set('Cache-Control', 'max-age=31536000, immutable');
await next();
});
app.get('/default-avatar.jpg', (req, res) => {
// Init router
const router = new Router();
router.get('/default-avatar.jpg', ctx => {
const file = fs.createReadStream(`${__dirname}/assets/avatar.jpg`);
send(file, 'image/jpeg', req, res);
pour(file, 'image/jpeg', ctx);
});
app.get('/app-default.jpg', (req, res) => {
router.get('/app-default.jpg', ctx => {
const file = fs.createReadStream(`${__dirname}/assets/dummy.png`);
send(file, 'image/png', req, res);
pour(file, 'image/png', ctx);
});
interface ISend {
contentType: string;
stream: stream.Readable;
}
router.get('/:id', sendDriveFile);
router.get('/:id/*', sendDriveFile);
function thumbnail(data: stream.Readable, type: string, resize: number): ISend {
const readable: stream.Readable = (() => {
// 動画であれば
if (/^video\/.*$/.test(type)) {
// TODO
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
// 画像であれば
// Note: SVGはapplication/xml
} else if (/^image\/.*$/.test(type) || type == 'application/xml') {
// 0フレーム目を送る
try {
return gm(data).selectFrame(0).stream();
// だめだったら
} catch (e) {
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
}
// 動画か画像以外
} else {
data.destroy();
return fs.createReadStream(`${__dirname}/assets/not-an-image.png`);
}
})();
let g = gm(readable);
if (resize) {
g = g.resize(resize, resize);
}
const stream = g
.compress('jpeg')
.quality(80)
.interlace('line')
.stream();
return {
contentType: 'image/jpeg',
stream
};
}
const commonReadableHandlerGenerator = (req: express.Request, res: express.Response) => (e: Error): void => {
console.dir(e);
req.destroy();
res.destroy(e);
};
function send(readable: stream.Readable, type: string, req: express.Request, res: express.Response): void {
readable.on('error', commonReadableHandlerGenerator(req, res));
const data = ((): ISend => {
if (req.query.thumbnail !== undefined) {
return thumbnail(readable, type, req.query.size);
}
return {
contentType: type,
stream: readable
};
})();
if (readable !== data.stream) {
data.stream.on('error', commonReadableHandlerGenerator(req, res));
}
if (req.query.download !== undefined) {
res.header('Content-Disposition', 'attachment');
}
res.header('Content-Type', data.contentType);
data.stream.pipe(res);
data.stream.on('end', () => {
res.end();
});
}
async function sendFileById(req: express.Request, res: express.Response): Promise<void> {
// Validate id
if (!mongodb.ObjectID.isValid(req.params.id)) {
res.status(400).send('incorrect id');
return;
}
const fileId = new mongodb.ObjectID(req.params.id);
// Fetch (drive) file
const file = await DriveFile.findOne({ _id: fileId });
// validate name
if (req.params.name !== undefined && req.params.name !== file.filename) {
res.status(404).send('there is no file has given name');
return;
}
if (file == null) {
res.status(404).sendFile(`${__dirname}/assets/dummy.png`);
return;
}
const bucket = await getGridFSBucket();
const readable = bucket.openDownloadStream(fileId);
send(readable, file.contentType, req, res);
}
/**
* Routing
*/
app.get('/:id', sendFileById);
app.get('/:id/:name', sendFileById);
// Register router
app.use(router.routes());
module.exports = app;

88
src/server/file/pour.ts Normal file
View file

@ -0,0 +1,88 @@
import * as fs from 'fs';
import * as stream from 'stream';
import * as Koa from 'koa';
import * as Gm from 'gm';
const gm = Gm.subClass({
imageMagick: true
});
interface ISend {
contentType: string;
stream: stream.Readable;
}
function thumbnail(data: stream.Readable, type: string, resize: number): ISend {
const readable: stream.Readable = (() => {
// 動画であれば
if (/^video\/.*$/.test(type)) {
// TODO
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
// 画像であれば
// Note: SVGはapplication/xml
} else if (/^image\/.*$/.test(type) || type == 'application/xml') {
// 0フレーム目を送る
try {
return gm(data).selectFrame(0).stream();
// だめだったら
} catch (e) {
// 使わないことになったストリームはしっかり取り壊す
data.destroy();
return fs.createReadStream(`${__dirname}/assets/thumbnail-not-available.png`);
}
// 動画か画像以外
} else {
data.destroy();
return fs.createReadStream(`${__dirname}/assets/not-an-image.png`);
}
})();
let g = gm(readable);
if (resize) {
g = g.resize(resize, resize);
}
const stream = g
.compress('jpeg')
.quality(80)
.interlace('line')
.stream();
return {
contentType: 'image/jpeg',
stream
};
}
const commonReadableHandlerGenerator = (ctx: Koa.Context) => (e: Error): void => {
console.error(e);
ctx.status = 500;
};
export default function(readable: stream.Readable, type: string, ctx: Koa.Context): void {
readable.on('error', commonReadableHandlerGenerator(ctx));
const data = ((): ISend => {
if (ctx.query.thumbnail !== undefined) {
return thumbnail(readable, type, ctx.query.size);
}
return {
contentType: type,
stream: readable
};
})();
if (readable !== data.stream) {
data.stream.on('error', commonReadableHandlerGenerator(ctx));
}
if (ctx.query.download !== undefined) {
ctx.set('Content-Disposition', 'attachment');
}
ctx.set('Content-Type', data.contentType);
ctx.body = data.stream;
}

View file

@ -0,0 +1,30 @@
import * as Koa from 'koa';
import * as send from 'koa-send';
import * as mongodb from 'mongodb';
import DriveFile, { getGridFSBucket } from '../../models/drive-file';
import pour from './pour';
export default async function(ctx: Koa.Context) {
// Validate id
if (!mongodb.ObjectID.isValid(ctx.params.id)) {
ctx.throw(400, 'incorrect id');
return;
}
const fileId = new mongodb.ObjectID(ctx.params.id);
// Fetch drive file
const file = await DriveFile.findOne({ _id: fileId });
if (file == null) {
ctx.status = 404;
await send(ctx, `${__dirname}/assets/dummy.png`);
return;
}
const bucket = await getGridFSBucket();
const readable = bucket.openDownloadStream(fileId);
pour(readable, file.contentType, ctx);
}

View file

@ -4,68 +4,48 @@
import * as fs from 'fs';
import * as http from 'http';
import * as https from 'https';
import * as express from 'express';
import * as morgan from 'morgan';
import * as http2 from 'http2';
import * as zlib from 'zlib';
import * as Koa from 'koa';
import * as Router from 'koa-router';
import * as mount from 'koa-mount';
import * as compress from 'koa-compress';
import activityPub from './activitypub';
import webFinger from './webfinger';
import log from './log-request';
import config from '../config';
/**
* Init app
*/
const app = express();
app.disable('x-powered-by');
app.set('trust proxy', 'loopback');
// Init app
const app = new Koa();
app.proxy = true;
app.use(morgan(process.env.NODE_ENV == 'production' ? 'combined' : 'dev', {
// create a write stream (in append mode)
stream: config.accesslog ? fs.createWriteStream(config.accesslog) : null
app.use(compress({
flush: zlib.constants.Z_SYNC_FLUSH
}));
app.use((req, res, next) => {
log(req);
next();
});
/**
* HSTS
* 6month(15552000sec)
*/
// HSTS
// 6months (15552000sec)
if (config.url.startsWith('https')) {
app.use((req, res, next) => {
res.header('strict-transport-security', 'max-age=15552000; preload');
next();
app.use(async (ctx, next) => {
ctx.set('strict-transport-security', 'max-age=15552000; preload');
await next();
});
}
// Drop request when without 'Host' header
app.use((req, res, next) => {
if (!req.headers['host']) {
res.sendStatus(400);
} else {
next();
}
});
app.use(mount('/api', require('./api')));
app.use(mount('/files', require('./file')));
// 互換性のため
app.post('/meta', (req, res) => {
res.header('Access-Control-Allow-Origin', '*');
res.json({
version: 'nighthike'
});
});
// Init router
const router = new Router();
/**
* Register modules
*/
app.use('/api', require('./api'));
app.use('/files', require('./file'));
app.use(activityPub);
app.use(webFinger);
app.use(require('./web'));
// Routing
router.use(activityPub.routes());
router.use(webFinger.routes());
// Register router
app.use(router.routes());
app.use(mount(require('./web')));
function createServer() {
if (config.https) {
@ -73,9 +53,9 @@ function createServer() {
Object.keys(config.https).forEach(k => {
certs[k] = fs.readFileSync(config.https[k]);
});
return https.createServer(certs, app);
return http2.createSecureServer(certs, app.callback());
} else {
return http.createServer(app);
return http.createServer(app.callback());
}
}

View file

@ -1,21 +0,0 @@
import * as crypto from 'crypto';
import * as express from 'express';
import * as proxyAddr from 'proxy-addr';
import Xev from 'xev';
const ev = new Xev();
export default function(req: express.Request) {
const ip = proxyAddr(req, () => true);
const md5 = crypto.createHash('md5');
md5.update(ip);
const hashedIp = md5.digest('hex').substr(0, 3);
ev.emit('request', {
ip: hashedIp,
method: req.method,
hostname: req.hostname,
path: req.originalUrl
});
}

View file

@ -1,24 +1,27 @@
/**
* Docs Server
* Docs
*/
import * as path from 'path';
import * as express from 'express';
import ms = require('ms');
import * as Router from 'koa-router';
import * as send from 'koa-send';
const docs = path.resolve(`${__dirname}/../../client/docs/`);
const docs = `${__dirname}/../../client/docs/`;
/**
* Init app
*/
const app = express();
app.disable('x-powered-by');
const router = new Router();
app.use('/assets', express.static(`${docs}/assets`));
router.get('/assets/*', async ctx => {
await send(ctx, ctx.params[0], {
root: docs + '/assets/',
maxage: ms('7 days'),
immutable: true
});
});
/**
* Routing
*/
app.get(/^\/([a-z_\-\/]+?)$/, (req, res) =>
res.sendFile(`${docs}/${req.params[0]}.html`));
router.get('*', async ctx => {
await send(ctx, `${ctx.params[0]}.html`, {
root: docs
});
});
module.exports = app;
export default router;

View file

@ -2,63 +2,75 @@
* Web Client Server
*/
import * as path from 'path';
import ms = require('ms');
import * as Koa from 'koa';
import * as Router from 'koa-router';
import * as send from 'koa-send';
import * as favicon from 'koa-favicon';
// express modules
import * as express from 'express';
import * as bodyParser from 'body-parser';
import * as favicon from 'serve-favicon';
import * as compression from 'compression';
import docs from './docs';
const client = path.resolve(`${__dirname}/../../client/`);
const client = `${__dirname}/../../client/`;
// Create server
const app = express();
app.disable('x-powered-by');
// Init app
const app = new Koa();
app.use('/docs', require('./docs'));
// Serve favicon
app.use(favicon(`${client}/assets/favicon.ico`));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json({
type: ['application/json', 'text/plain']
}));
app.use(compression());
app.use((req, res, next) => {
res.header('X-Frame-Options', 'DENY');
next();
// Common request handler
app.use(async (ctx, next) => {
// IFrameの中に入れられないようにする
ctx.set('X-Frame-Options', 'DENY');
await next();
});
// Init router
const router = new Router();
//#region static assets
app.use(favicon(`${client}/assets/favicon.ico`));
app.get('/apple-touch-icon.png', (req, res) => res.sendFile(`${client}/assets/apple-touch-icon.png`));
app.use('/assets', express.static(`${client}/assets`, {
maxAge: ms('7 days')
}));
app.use('/assets/*.js', (req, res) => res.sendFile(`${client}/assets/404.js`));
app.use('/assets', (req, res) => {
res.sendStatus(404);
});
// ServiceWroker
app.get(/^\/sw\.(.+?)\.js$/, (req, res) =>
res.sendFile(`${client}/assets/sw.${req.params[0]}.js`));
// Manifest
app.get('/manifest.json', (req, res) =>
res.sendFile(`${client}/assets/manifest.json`));
//#endregion
app.get(/\/api:url/, require('./url-preview'));
// Render base html for all requests
app.get('*', (req, res) => {
res.sendFile(path.resolve(`${client}/app/base.html`), {
maxAge: ms('7 days')
router.get('/assets/*', async ctx => {
await send(ctx, ctx.path, {
root: client,
maxage: ms('7 days'),
immutable: true
});
});
// Apple touch icon
router.get('/apple-touch-icon.png', async ctx => {
await send(ctx, `${client}/assets/apple-touch-icon.png`);
});
// ServiceWroker
router.get(/^\/sw\.(.+?)\.js$/, async ctx => {
await send(ctx, `${client}/assets/sw.${ctx.params[0]}.js`);
});
// Manifest
router.get('/manifest.json', async ctx => {
await send(ctx, `${client}/assets/manifest.json`);
});
//#endregion
// Docs
router.use('/docs', docs.routes());
// URL preview endpoint
router.get('url', require('./url-preview'));
// Render base html for all requests
router.get('*', async ctx => {
await send(ctx, `app/base.html`, {
root: client,
maxage: ms('3 days'),
immutable: true
});
});
// Register router
app.use(router.routes());
module.exports = app;

View file

@ -1,11 +1,11 @@
import * as express from 'express';
import * as Koa from 'koa';
import summaly from 'summaly';
module.exports = async (req: express.Request, res: express.Response) => {
const summary = await summaly(req.query.url);
module.exports = async (ctx: Koa.Context) => {
const summary = await summaly(ctx.query.url);
summary.icon = wrap(summary.icon);
summary.thumbnail = wrap(summary.thumbnail);
res.send(summary);
ctx.body = summary;
};
function wrap(url: string): string {

View file

@ -1,17 +1,19 @@
import * as express from 'express';
import * as Router from 'koa-router';
import config from '../config';
import parseAcct from '../acct/parse';
import User from '../models/user';
const app = express.Router();
// Init router
const router = new Router();
app.get('/.well-known/webfinger', async (req, res) => {
if (typeof req.query.resource !== 'string') {
return res.sendStatus(400);
router.get('/.well-known/webfinger', async ctx => {
if (typeof ctx.query.resource !== 'string') {
ctx.status = 400;
return;
}
const resourceLower = req.query.resource.toLowerCase();
const resourceLower = ctx.query.resource.toLowerCase();
const webPrefix = config.url.toLowerCase() + '/@';
let acctLower;
@ -25,15 +27,21 @@ app.get('/.well-known/webfinger', async (req, res) => {
const parsedAcctLower = parseAcct(acctLower);
if (![null, config.host.toLowerCase()].includes(parsedAcctLower.host)) {
return res.sendStatus(422);
ctx.status = 422;
return;
}
const user = await User.findOne({ usernameLower: parsedAcctLower.username, host: null });
const user = await User.findOne({
usernameLower: parsedAcctLower.username,
host: null
});
if (user === null) {
return res.sendStatus(404);
ctx.status = 404;
return;
}
return res.json({
ctx.body = {
subject: `acct:${user.username}@${config.host}`,
links: [{
rel: 'self',
@ -47,7 +55,7 @@ app.get('/.well-known/webfinger', async (req, res) => {
rel: 'http://ostatus.org/schema/1.0/subscribe',
template: `${config.url}/authorize-follow?acct={uri}`
}]
});
};
});
export default app;
export default router;