1
0
mirror of https://github.com/spacebarchat/server.git synced 2024-11-08 11:52:55 +01:00
This commit is contained in:
Madeline 2022-09-26 22:29:30 +10:00
parent fcc0884e36
commit 99ee7e9400
280 changed files with 6800 additions and 3908 deletions

View File

@ -1,11 +1,11 @@
blank_issues_enabled: true blank_issues_enabled: true
contact_links: contact_links:
- name: Fosscord Documentation - name: Fosscord Documentation
url: https://docs.fosscord.com/ url: https://docs.fosscord.com/
about: Need documentation and examples for the Fosscord? Head over to Fosscord's official documentation. about: Need documentation and examples for the Fosscord? Head over to Fosscord's official documentation.
- name: Discord's Developer Documentation - name: Discord's Developer Documentation
url: https://discord.com/developers/docs/intro url: https://discord.com/developers/docs/intro
about: Need help with the Discord resources? Head here instead of asking on Fosscord! about: Need help with the Discord resources? Head here instead of asking on Fosscord!
- name: Fosscord' Official Discord server - name: Fosscord' Official Discord server
url: https://discord.com/invite/Ms5Ev7S6bF url: https://discord.com/invite/Ms5Ev7S6bF
about: Need help with the server? Talk with us in our official server. about: Need help with the server? Talk with us in our official server.

View File

@ -1,13 +1,17 @@
## Notes ## Notes
## Additions ## Additions
-
-
## Fixes ## Fixes
- -
## Download ## Download
- [Windows]()
- [MacOS]() - [Windows]()
- [Linux]() - [MacOS]()
- [Linux]()
After (extracting) and starting the server executable you can access your own Fosscord server on http://localhost:3001/ After (extracting) and starting the server executable you can access your own Fosscord server on http://localhost:3001/

2
.prettierignore Normal file
View File

@ -0,0 +1,2 @@
assets
dist

11
.prettierrc.json Normal file
View File

@ -0,0 +1,11 @@
{
"trailingComma": "all",
"tabWidth": 4,
"semi": true,
"arrowParens": "always",
"bracketSameLine": false,
"bracketSpacing": true,
"quoteProps": "as-needed",
"useTabs": true,
"singleQuote": false
}

12
.vscode/launch.json vendored
View File

@ -8,21 +8,17 @@
"name": "Launch current file", "name": "Launch current file",
"program": "${relativeFile}", "program": "${relativeFile}",
"request": "launch", "request": "launch",
"skipFiles": [ "skipFiles": ["<node_internals>/**"],
"<node_internals>/**"
],
"type": "node" "type": "node"
}, },
{ {
"type": "node", "type": "node",
"request": "launch", "request": "launch",
"name": "Bundle", "name": "Bundle",
"skipFiles": [ "skipFiles": ["<node_internals>/**"],
"<node_internals>/**"
],
"program": "${workspaceFolder}/src/bundle/start.ts", "program": "${workspaceFolder}/src/bundle/start.ts",
"outFiles": [ "${workspaceFolder}/dist/**/*.js" ], "outFiles": ["${workspaceFolder}/dist/**/*.js"],
"preLaunchTask": "tsc: build - tsconfig.json" "preLaunchTask": "tsc: build - tsconfig.json"
} }
] ]
} }

22
package-lock.json generated
View File

@ -60,6 +60,7 @@
"@types/sharp": "^0.31.0", "@types/sharp": "^0.31.0",
"@types/ws": "^8.5.3", "@types/ws": "^8.5.3",
"express": "^4.18.1", "express": "^4.18.1",
"prettier": "^2.7.1",
"typescript": "^4.8.3" "typescript": "^4.8.3"
}, },
"optionalDependencies": { "optionalDependencies": {
@ -4715,6 +4716,21 @@
"node": ">= 0.8.0" "node": ">= 0.8.0"
} }
}, },
"node_modules/prettier": {
"version": "2.7.1",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
"dev": true,
"bin": {
"prettier": "bin-prettier.js"
},
"engines": {
"node": ">=10.13.0"
},
"funding": {
"url": "https://github.com/prettier/prettier?sponsor=1"
}
},
"node_modules/process-nextick-args": { "node_modules/process-nextick-args": {
"version": "2.0.1", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
@ -9846,6 +9862,12 @@
"resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz",
"integrity": "sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w==" "integrity": "sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w=="
}, },
"prettier": {
"version": "2.7.1",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz",
"integrity": "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==",
"dev": true
},
"process-nextick-args": { "process-nextick-args": {
"version": "2.0.1", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",

View File

@ -40,11 +40,16 @@
"@types/sharp": "^0.31.0", "@types/sharp": "^0.31.0",
"@types/ws": "^8.5.3", "@types/ws": "^8.5.3",
"express": "^4.18.1", "express": "^4.18.1",
"prettier": "^2.7.1",
"typescript": "^4.8.3" "typescript": "^4.8.3"
}, },
"dependencies": { "dependencies": {
"@aws-sdk/client-s3": "^3.178.0",
"@sentry/node": "^7.13.0",
"@sentry/tracing": "^7.13.0",
"ajv": "^8.6.2", "ajv": "^8.6.2",
"ajv-formats": "^2.1.1", "ajv-formats": "^2.1.1",
"amqplib": "^0.10.3",
"bcrypt": "^5.0.1", "bcrypt": "^5.0.1",
"cheerio": "^1.0.0-rc.12", "cheerio": "^1.0.0-rc.12",
"cookie-parser": "^1.4.6", "cookie-parser": "^1.4.6",
@ -72,12 +77,7 @@
"sqlite3": "^5.1.1", "sqlite3": "^5.1.1",
"typeorm": "^0.3.10", "typeorm": "^0.3.10",
"typescript-json-schema": "^0.50.1", "typescript-json-schema": "^0.50.1",
"ws": "^8.9.0", "ws": "^8.9.0"
"@aws-sdk/client-s3": "^3.178.0",
"@sentry/node": "^7.13.0",
"@sentry/tracing": "^7.13.0",
"amqplib": "^0.10.3"
}, },
"optionalDependencies": { "optionalDependencies": {
"@yukikaze-bot/erlpack": "^1.0.1" "@yukikaze-bot/erlpack": "^1.0.1"

View File

@ -48,7 +48,7 @@ function connect() {
token, token,
properties: {}, properties: {},
}, },
}) }),
); );
break; break;

View File

@ -8,21 +8,21 @@ const BASE_URL = "https://discord.com";
// Manual for now // Manual for now
const INDEX_SCRIPTS = [ const INDEX_SCRIPTS = [
"83ace7450e110d16319e", // 50 "83ace7450e110d16319e", // 50
"e02290aaa8dac5d195c2", // 1 "e02290aaa8dac5d195c2", // 1
"4f3b3c576b879a5f75d1", // 0? "4f3b3c576b879a5f75d1", // 0?
"699456246fdfe7589855", // ~4500. "699456246fdfe7589855", // ~4500.
]; ];
const doPatch = (content) => { const doPatch = (content) => {
//remove nitro references //remove nitro references
content = content.replace(/Discord Nitro/g, "Fosscord Premium"); content = content.replace(/Discord Nitro/g, "Fosscord Premium");
content = content.replace(/"Nitro"/g, "\"Premium\""); content = content.replace(/"Nitro"/g, '"Premium"');
content = content.replace(/Nitro /g, "Premium "); content = content.replace(/Nitro /g, "Premium ");
content = content.replace(/ Nitro/g, " Premium"); content = content.replace(/ Nitro/g, " Premium");
content = content.replace(/\[Nitro\]/g, "[Premium]"); content = content.replace(/\[Nitro\]/g, "[Premium]");
content = content.replace(/\*Nitro\*/g, "*Premium*"); content = content.replace(/\*Nitro\*/g, "*Premium*");
content = content.replace(/\"Nitro \. /g, "\"Premium. "); content = content.replace(/\"Nitro \. /g, '"Premium. ');
//remove discord references //remove discord references
content = content.replace(/ Discord /g, " Fosscord "); content = content.replace(/ Discord /g, " Fosscord ");
@ -35,11 +35,11 @@ const doPatch = (content) => {
content = content.replace(/\*Discord\*/g, "*Fosscord*"); content = content.replace(/\*Discord\*/g, "*Fosscord*");
//server -> guild //server -> guild
content = content.replace(/"Server"/g, "\"Guild\""); content = content.replace(/"Server"/g, '"Guild"');
content.replaceAll("server.\"", "guild.\""); content.replaceAll('server."', 'guild."');
content.replaceAll(" server ", " guild "); content.replaceAll(" server ", " guild ");
content.replaceAll(" Server ", " Guild "); content.replaceAll(" Server ", " Guild ");
content.replaceAll("\"Server", "\"Guild"); content.replaceAll('"Server', '"Guild');
// //change some vars // //change some vars
// content = content.replace('dsn: "https://fa97a90475514c03a42f80cd36d147c4@sentry.io/140984"', "dsn: (/true/.test(localStorage.sentryOptIn)?'https://6bad92b0175d41a18a037a73d0cff282@sentry.thearcanebrony.net/12':'')"); // content = content.replace('dsn: "https://fa97a90475514c03a42f80cd36d147c4@sentry.io/140984"', "dsn: (/true/.test(localStorage.sentryOptIn)?'https://6bad92b0175d41a18a037a73d0cff282@sentry.thearcanebrony.net/12':'')");
@ -52,8 +52,14 @@ const doPatch = (content) => {
// content = content.replace('width: n, height: o, viewBox: "0 0 28 20"', 'width: 48, height: 48, viewBox: "0 0 48 48"'); // content = content.replace('width: n, height: o, viewBox: "0 0 28 20"', 'width: 48, height: 48, viewBox: "0 0 48 48"');
//save some time on load resolving asset urls... //save some time on load resolving asset urls...
content = content.replaceAll('e.exports = n.p + "', 'e.exports = "/assets/'); content = content.replaceAll(
content = content.replaceAll('e.exports = r.p + "', 'e.exports = "/assets/'); 'e.exports = n.p + "',
'e.exports = "/assets/',
);
content = content.replaceAll(
'e.exports = r.p + "',
'e.exports = "/assets/',
);
return content; return content;
}; };
@ -66,7 +72,7 @@ const processFile = async (name) => {
await fs.writeFile(path.join(CACHE_PATH, `${name}.js`), text); await fs.writeFile(path.join(CACHE_PATH, `${name}.js`), text);
return [...new Set(text.match((/[A-Fa-f0-9]{20}/g)))]; return [...new Set(text.match(/[A-Fa-f0-9]{20}/g))];
}; };
(async () => { (async () => {
@ -83,7 +89,9 @@ const processFile = async (name) => {
process.stdout.clearLine(0); process.stdout.clearLine(0);
process.stdout.cursorTo(0); process.stdout.cursorTo(0);
process.stdout.write(`Scraping asset ${asset}. Remaining: ${INDEX_SCRIPTS.length}`); process.stdout.write(
`Scraping asset ${asset}. Remaining: ${INDEX_SCRIPTS.length}`,
);
const newAssets = await processFile(asset); const newAssets = await processFile(asset);
assets.push(...newAssets); assets.push(...newAssets);
@ -103,15 +111,21 @@ const processFile = async (name) => {
} }
while (rates.length > 20) rates.shift(); while (rates.length > 20) rates.shift();
const averageRate = rates.length ? rates.reduce((prev, curr) => prev + curr) / rates.length : 1; const averageRate = rates.length
const finishTime = (averageRate * (assets.length - i)); ? rates.reduce((prev, curr) => prev + curr) / rates.length
: 1;
const finishTime = averageRate * (assets.length - i);
process.stdout.clearLine(0); process.stdout.clearLine(0);
process.stdout.cursorTo(0); process.stdout.cursorTo(0);
process.stdout.write( process.stdout.write(
`Caching asset ${asset}. ` + `Caching asset ${asset}. ` +
`${i}/${assets.length - 1} = ${Math.floor((i / (assets.length - 1)) * 100)}% ` + `${i}/${assets.length - 1} = ${Math.floor(
`Finish at: ${new Date(Date.now() + finishTime).toLocaleTimeString()}` (i / (assets.length - 1)) * 100,
)}% ` +
`Finish at: ${new Date(
Date.now() + finishTime,
).toLocaleTimeString()}`,
); );
await processFile(asset); await processFile(asset);
@ -122,4 +136,4 @@ const processFile = async (name) => {
} }
console.log(`\nDone`); console.log(`\nDone`);
})(); })();

View File

@ -1,4 +1,4 @@
require('module-alias/register'); require("module-alias/register");
const { Rights } = require(".."); const { Rights } = require("..");
const allRights = new Rights(1).bitfield; const allRights = new Rights(1).bitfield;
@ -18,4 +18,4 @@ discordLike -= Rights.FLAGS.BYPASS_RATE_LIMITS;
discordLike -= Rights.FLAGS.CREDITABLE; discordLike -= Rights.FLAGS.CREDITABLE;
discordLike -= Rights.FLAGS.MANAGE_GUILD_DIRECTORY; discordLike -= Rights.FLAGS.MANAGE_GUILD_DIRECTORY;
discordLike -= Rights.FLAGS.SEND_BACKDATED_EVENTS; discordLike -= Rights.FLAGS.SEND_BACKDATED_EVENTS;
console.log(`Discord.com-like rights:`, discordLike); console.log(`Discord.com-like rights:`, discordLike);

View File

@ -11,10 +11,10 @@ const settings = {
excludePrivate: true, excludePrivate: true,
defaultNumberType: "integer", defaultNumberType: "integer",
noExtraProps: true, noExtraProps: true,
defaultProps: false defaultProps: false,
}; };
const compilerOptions = { const compilerOptions = {
strictNullChecks: true strictNullChecks: true,
}; };
const Excluded = [ const Excluded = [
"DefaultSchema", "DefaultSchema",
@ -47,11 +47,17 @@ function modify(obj) {
} }
function main() { function main() {
const program = TJS.programFromConfig("tsconfig.json") const program = TJS.programFromConfig("tsconfig.json");
const generator = TJS.buildGenerator(program, settings); const generator = TJS.buildGenerator(program, settings);
if (!generator || !program) return; if (!generator || !program) return;
let schemas = generator.getUserSymbols().filter((x) => (x.endsWith("Schema") || x.endsWith("Response")) && !Excluded.includes(x)); let schemas = generator
.getUserSymbols()
.filter(
(x) =>
(x.endsWith("Schema") || x.endsWith("Response")) &&
!Excluded.includes(x),
);
console.log(schemas); console.log(schemas);
var definitions = {}; var definitions = {};

View File

@ -6,12 +6,12 @@ async function login(account) {
var body = { var body = {
fingerprint: "805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw", fingerprint: "805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw",
login: account.email, login: account.email,
password: account.password password: account.password,
}; };
var x = await fetch(config.url + "/auth/login", { var x = await fetch(config.url + "/auth/login", {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify(body) body: JSON.stringify(body),
}); });
console.log(x); console.log(x);
x = await x.json(); x = await x.json();

View File

@ -6,16 +6,19 @@ async function sendMessage(account) {
var body = { var body = {
fingerprint: "805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw", fingerprint: "805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw",
content: "Test", content: "Test",
tts: false tts: false,
}; };
var x = await fetch(config.url + "/channels/" + config["text-channel"] + "/messages", { var x = await fetch(
method: "POST", config.url + "/channels/" + config["text-channel"] + "/messages",
headers: { {
"Content-Type": "application/json", method: "POST",
Authorization: account.token headers: {
"Content-Type": "application/json",
Authorization: account.token,
},
body: JSON.stringify(body),
}, },
body: JSON.stringify(body) );
});
console.log(x); console.log(x);
x = await x.json(); x = await x.json();
console.log(x); console.log(x);

View File

@ -4,7 +4,11 @@ var config = require("../../config.json");
module.exports = generate; module.exports = generate;
async function generate() { async function generate() {
var mail = (Math.random() + 10).toString(36).substring(2); var mail = (Math.random() + 10).toString(36).substring(2);
mail = mail + "." + (Math.random() + 10).toString(36).substring(2) + "@stresstest.com"; mail =
mail +
"." +
(Math.random() + 10).toString(36).substring(2) +
"@stresstest.com";
var password = var password =
(Math.random() * 69).toString(36).substring(-7) + (Math.random() * 69).toString(36).substring(-7) +
(Math.random() * 69).toString(36).substring(-7) + (Math.random() * 69).toString(36).substring(-7) +
@ -20,12 +24,12 @@ async function generate() {
consent: true, consent: true,
date_of_birth: "2000-04-04", date_of_birth: "2000-04-04",
gift_code_sku_id: null, gift_code_sku_id: null,
captcha_key: null captcha_key: null,
}; };
var x = await fetch(config.url + "/auth/register", { var x = await fetch(config.url + "/auth/register", {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify(body) body: JSON.stringify(body),
}); });
console.log(x); console.log(x);
x = await x.json(); x = await x.json();

View File

@ -1 +1 @@
Additional resources/services for [Slowcord](https://slowcord.maddy.k.vu/login) Additional resources/services for [Slowcord](https://slowcord.maddy.k.vu/login)

View File

@ -4,12 +4,9 @@
"name": "Slowcord Bot", "name": "Slowcord Bot",
"program": "${workspaceFolder}/build/index.js", "program": "${workspaceFolder}/build/index.js",
"request": "launch", "request": "launch",
"skipFiles": [ "skipFiles": ["<node_internals>/**"],
"<node_internals>/**"
],
"type": "node", "type": "node",
"preLaunchTask": "npm: build" "preLaunchTask": "npm: build"
} }
] ]
} }

View File

@ -10,4 +10,4 @@
"detail": "tsc -b" "detail": "tsc -b"
} }
] ]
} }

View File

@ -1,11 +1,11 @@
import { Message } from "discord.js"; import { Message } from "discord.js";
import { Client } from "fosscord-gopnik/build/lib"; // huh? oh well. some bugs in my lib Ig import { Client } from "fosscord-gopnik/build/lib"; // huh? oh well. some bugs in my lib Ig
import { Command, getCommands } from "./commands/index.js"; import { Command, getCommands } from "./commands/index.js";
export default class Bot { export default class Bot {
client: Client; client: Client;
commands: { [key: string]: Command; } = {}; commands: { [key: string]: Command } = {};
constructor(client: Client) { constructor(client: Client) {
this.client = client; this.client = client;
@ -17,10 +17,12 @@ export default class Bot {
console.log(`Logged in as ${this.client.user!.tag}`); console.log(`Logged in as ${this.client.user!.tag}`);
this.client.user!.setPresence({ this.client.user!.setPresence({
activities: [{ activities: [
name: "EVERYTHING", {
type: "WATCHING", name: "EVERYTHING",
}] type: "WATCHING",
},
],
}); });
}; };
@ -45,4 +47,4 @@ export default class Bot {
args: args, args: args,
}); });
}; };
} }

View File

@ -2,11 +2,11 @@ import { Message, GuildMember, Guild, User } from "discord.js";
import fs from "fs"; import fs from "fs";
export type CommandContext = { export type CommandContext = {
user: User, user: User;
guild: Guild | null, guild: Guild | null;
member: GuildMember | null, member: GuildMember | null;
message: Message, message: Message;
args: string[], args: string[];
}; };
export type Command = { export type Command = {
@ -19,8 +19,7 @@ const walk = async (path: string) => {
const out = []; const out = [];
for (var file of files) { for (var file of files) {
if (fs.statSync(`${path}/${file}`).isDirectory()) continue; if (fs.statSync(`${path}/${file}`).isDirectory()) continue;
if (file.indexOf("index") !== -1) if (file.indexOf("index") !== -1) continue;
continue;
if (file.indexOf(".js") !== file.length - 3) continue; if (file.indexOf(".js") !== file.length - 3) continue;
var imported = (await import(`./${file}`)).default; var imported = (await import(`./${file}`)).default;
out.push(imported); out.push(imported);

View File

@ -1,7 +1,7 @@
import { Command } from "./index.js"; import { Command } from "./index.js";
import { User, Guild, Message } from "@fosscord/util"; import { User, Guild, Message } from "@fosscord/util";
const cache: { [key: string]: number; } = { const cache: { [key: string]: number } = {
users: 0, users: 0,
guilds: 0, guilds: 0,
messages: 0, messages: 0,
@ -11,7 +11,10 @@ const cache: { [key: string]: number; } = {
export default { export default {
name: "instance", name: "instance",
exec: async ({ message }) => { exec: async ({ message }) => {
if (Date.now() > cache.lastChecked + parseInt(process.env.CACHE_TTL as string)) { if (
Date.now() >
cache.lastChecked + parseInt(process.env.CACHE_TTL as string)
) {
cache.users = await User.count(); cache.users = await User.count();
cache.guilds = await Guild.count(); cache.guilds = await Guild.count();
cache.messages = await Message.count(); cache.messages = await Message.count();
@ -19,18 +22,35 @@ export default {
} }
return message.reply({ return message.reply({
embeds: [{ embeds: [
title: "Instance Stats", {
description: "For more indepth information, check out https://grafana.understars.dev", title: "Instance Stats",
footer: { description:
text: `Last checked: ${Math.floor((Date.now() - cache.lastChecked) / (1000 * 60))} minutes ago`, "For more indepth information, check out https://grafana.understars.dev",
footer: {
text: `Last checked: ${Math.floor(
(Date.now() - cache.lastChecked) / (1000 * 60),
)} minutes ago`,
},
fields: [
{
inline: true,
name: "Total Users",
value: cache.users.toString(),
},
{
inline: true,
name: "Total Guilds",
value: cache.guilds.toString(),
},
{
inline: true,
name: "Total Messages",
value: cache.messages.toString(),
},
],
}, },
fields: [ ],
{ inline: true, name: "Total Users", value: cache.users.toString() },
{ inline: true, name: "Total Guilds", value: cache.guilds.toString() },
{ inline: true, name: "Total Messages", value: cache.messages.toString() },
]
}]
}); });
} },
} as Command; } as Command;

View File

@ -1,6 +1,6 @@
import "dotenv/config"; import "dotenv/config";
import Fosscord from "fosscord-gopnik"; import Fosscord from "fosscord-gopnik";
import Bot from "./Bot.js"; // huh? import Bot from "./Bot.js"; // huh?
import { initDatabase } from "fosscord-server/src/util"; import { initDatabase } from "fosscord-server/src/util";
const client = new Fosscord.Client({ const client = new Fosscord.Client({
@ -21,4 +21,4 @@ client.on("messageCreate", bot.onMessageCreate);
(async () => { (async () => {
await initDatabase(); await initDatabase();
await client.login(process.env.TOKEN); await client.login(process.env.TOKEN);
})(); })();

View File

@ -1,101 +1,103 @@
{ {
"compilerOptions": { "compilerOptions": {
/* Visit https://aka.ms/tsconfig.json to read more about this file */ /* Visit https://aka.ms/tsconfig.json to read more about this file */
/* Projects */ /* Projects */
// "incremental": true, /* Enable incremental compilation */ // "incremental": true, /* Enable incremental compilation */
// "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */ // "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */
// "tsBuildInfoFile": "./", /* Specify the folder for .tsbuildinfo incremental compilation files. */ // "tsBuildInfoFile": "./", /* Specify the folder for .tsbuildinfo incremental compilation files. */
// "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects */ // "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects */
// "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */ // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
/* Language and Environment */ /* Language and Environment */
"target": "ES6", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ "target": "ES6" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
"lib": ["ES2021"], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ "lib": [
// "jsx": "preserve", /* Specify what JSX code is generated. */ "ES2021"
"experimentalDecorators": true, /* Enable experimental support for TC39 stage 2 draft decorators. */ ] /* Specify a set of bundled library declaration files that describe the target runtime environment. */,
// "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */ // "jsx": "preserve", /* Specify what JSX code is generated. */
// "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */ "experimentalDecorators": true /* Enable experimental support for TC39 stage 2 draft decorators. */,
// "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */ // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
// "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using `jsx: react-jsx*`.` */ // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */
// "reactNamespace": "", /* Specify the object invoked for `createElement`. This only applies when targeting `react` JSX emit. */ // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ // "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using `jsx: react-jsx*`.` */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ // "reactNamespace": "", /* Specify the object invoked for `createElement`. This only applies when targeting `react` JSX emit. */
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
/* Modules */ /* Modules */
"module": "CommonJS", /* Specify what module code is generated. */ "module": "CommonJS" /* Specify what module code is generated. */,
// "rootDir": "./", /* Specify the root folder within your source files. */ // "rootDir": "./", /* Specify the root folder within your source files. */
"moduleResolution": "node", /* Specify how TypeScript looks up a file from a given module specifier. */ "moduleResolution": "node" /* Specify how TypeScript looks up a file from a given module specifier. */,
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
// "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */ // "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */
// "types": [], /* Specify type package names to be included without being referenced in a source file. */ // "types": [], /* Specify type package names to be included without being referenced in a source file. */
// "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */ // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
// "resolveJsonModule": true, /* Enable importing .json files */ // "resolveJsonModule": true, /* Enable importing .json files */
// "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */ // "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */
/* JavaScript Support */ /* JavaScript Support */
// "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the `checkJS` option to get errors from these files. */ // "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the `checkJS` option to get errors from these files. */
// "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */ // "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */
// "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from `node_modules`. Only applicable with `allowJs`. */ // "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from `node_modules`. Only applicable with `allowJs`. */
/* Emit */ /* Emit */
// "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
// "declarationMap": true, /* Create sourcemaps for d.ts files. */ // "declarationMap": true, /* Create sourcemaps for d.ts files. */
// "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */ // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
"sourceMap": true, /* Create source map files for emitted JavaScript files. */ "sourceMap": true /* Create source map files for emitted JavaScript files. */,
// "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */ // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */
"outDir": "./build", /* Specify an output folder for all emitted files. */ "outDir": "./build" /* Specify an output folder for all emitted files. */,
// "removeComments": true, /* Disable emitting comments. */ // "removeComments": true, /* Disable emitting comments. */
// "noEmit": true, /* Disable emitting files from a compilation. */ // "noEmit": true, /* Disable emitting files from a compilation. */
// "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */ // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
// "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types */ // "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types */
// "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */ // "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */
// "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */ // "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */
// "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */ // "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */
// "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */ // "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */
// "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */ // "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */
// "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */ // "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */
// "newLine": "crlf", /* Set the newline character for emitting files. */ // "newLine": "crlf", /* Set the newline character for emitting files. */
// "stripInternal": true, /* Disable emitting declarations that have `@internal` in their JSDoc comments. */ // "stripInternal": true, /* Disable emitting declarations that have `@internal` in their JSDoc comments. */
// "noEmitHelpers": true, /* Disable generating custom helper functions like `__extends` in compiled output. */ // "noEmitHelpers": true, /* Disable generating custom helper functions like `__extends` in compiled output. */
// "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */ // "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */
// "preserveConstEnums": true, /* Disable erasing `const enum` declarations in generated code. */ // "preserveConstEnums": true, /* Disable erasing `const enum` declarations in generated code. */
// "declarationDir": "./", /* Specify the output directory for generated declaration files. */ // "declarationDir": "./", /* Specify the output directory for generated declaration files. */
// "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */ // "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */
/* Interop Constraints */ /* Interop Constraints */
// "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */ // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
// "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
"esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */ "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */,
// "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */ // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
"forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */ "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
/* Type Checking */ /* Type Checking */
"strict": true, /* Enable all strict type-checking options. */ "strict": true /* Enable all strict type-checking options. */,
// "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */ // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */
// "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */ // "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */
// "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */ // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
// "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */ // "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */
"strictPropertyInitialization": false, /* Check for class properties that are declared but not set in the constructor. */ "strictPropertyInitialization": false /* Check for class properties that are declared but not set in the constructor. */,
// "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */ // "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */
// "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */ // "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */
// "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */ // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
// "noUnusedLocals": true, /* Enable error reporting when a local variables aren't read. */ // "noUnusedLocals": true, /* Enable error reporting when a local variables aren't read. */
// "noUnusedParameters": true, /* Raise an error when a function parameter isn't read */ // "noUnusedParameters": true, /* Raise an error when a function parameter isn't read */
// "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */ // "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */
// "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */ // "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */
// "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */ // "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */
// "noUncheckedIndexedAccess": true, /* Include 'undefined' in index signature results */ // "noUncheckedIndexedAccess": true, /* Include 'undefined' in index signature results */
// "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */ // "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */
// "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type */ // "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type */
// "allowUnusedLabels": true, /* Disable error reporting for unused labels. */ // "allowUnusedLabels": true, /* Disable error reporting for unused labels. */
// "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */ // "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */
/* Completeness */ /* Completeness */
// "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */ // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */ "skipLibCheck": true /* Skip type checking all .d.ts files. */
} }
} }

View File

@ -4,13 +4,13 @@ html {
--background-primary: rgb(22, 23, 25); --background-primary: rgb(22, 23, 25);
--background-secondary: rgb(15, 16, 18); --background-secondary: rgb(15, 16, 18);
--foreground-primary: rgb(200, 200, 200); --foreground-primary: rgb(200, 200, 200);
--background-login-discord: #5865F2; --background-login-discord: #5865f2;
background: url("https://slowcord.maddy.k.vu/assets/background.png"); background: url("https://slowcord.maddy.k.vu/assets/background.png");
background-size: 100% 100%; background-size: 100% 100%;
background-repeat: no-repeat; background-repeat: no-repeat;
font-family: 'Montserrat', sans-serif; font-family: "Montserrat", sans-serif;
color: var(--foreground-primary); color: var(--foreground-primary);
} }
@ -55,7 +55,8 @@ html {
text-align: center; text-align: center;
} }
.header-subtext a, .header-subtext p { .header-subtext a,
.header-subtext p {
display: inline-block; display: inline-block;
margin: 0 10px 0 10px; margin: 0 10px 0 10px;
} }
@ -109,4 +110,4 @@ label {
display: flex; display: flex;
justify-content: center; justify-content: center;
margin-top: 10px; margin-top: 10px;
} }

View File

@ -29,13 +29,12 @@ const handleSubmit = async (path, body) => {
} }
// Very fun error message here lol // Very fun error message here lol
const error = const error = json.errors
json.errors ? Object.values(json.errors)[0]._errors[0].message
? Object.values(json.errors)[0]._errors[0].message : json.captcha_key
: ( ? "Captcha required"
json.captcha_key ? "Captcha required" : json.message : json.message;
);
failureMessage.innerHTML = error; failureMessage.innerHTML = error;
failureMessage.style.display = "block"; failureMessage.style.display = "block";
}; };

View File

@ -1,103 +1,127 @@
<html lang="en"> <html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Slowcord</title>
<head> <link rel="preconnect" href="https://fonts.googleapis.com" />
<meta charset="UTF-8"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <link
<meta name="viewport" content="width=device-width, initial-scale=1.0"> href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap"
<title>Slowcord</title> rel="stylesheet"
/>
<link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="stylesheet" href="./css/index.css" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <script src="js/handler.js"></script>
<link href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap" rel="stylesheet"> </head>
<link rel="stylesheet" href="./css/index.css"> <body>
<script src="js/handler.js"></script> <div class="content">
</head> <div class="login">
<div class="header">
<h1>Welcome to Slowcord</h1>
<div class="header-subtext">
<p>Glad to see you &lt;3</p>
<a href="/register">Wait, I'm new!</a>
</div>
<body> <p id="failure">Login failed</p>
<div class="content">
<div class="login">
<div class="header">
<h1>Welcome to Slowcord</h1>
<div class="header-subtext">
<p>Glad to see you &lt;3 </p>
<a href="/register">Wait, I'm new!</a>
</div> </div>
<p id="failure">Login failed</p> <form action="javascript:void(0);" name="login">
<label for="email">Email</label>
<input type="email" name="email" />
<label for="password">Password</label>
<input type="password" name="password" />
<input type="submit" value="Login" />
<a
id="loginDiscord"
class="oauth"
href="https://discord.com/api/oauth2/authorize?client_id=991688571415175198&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email"
>
Login with Discord
</a>
<div
class="h-captcha"
data-sitekey="fa3163ea-79a7-4b7b-b752-b58c545906c8"
data-theme="dark"
></div>
<script
src="https://js.hcaptcha.com/1/api.js"
async
defer
></script>
</form>
<form
action="javascript:void(0);"
name="2fa"
style="display: none"
>
<label for="code">2FA Code</label>
<input type="number" name="code" />
<input type="hidden" name="ticket" />
<input type="submit" value="Login" />
</form>
</div> </div>
<form action="javascript:void(0);" name="login">
<label for="email">Email</label>
<input type="email" name="email" />
<label for="password">Password</label>
<input type="password" name="password" />
<input type="submit" value="Login" />
<a id="loginDiscord" class="oauth"
href="https://discord.com/api/oauth2/authorize?client_id=991688571415175198&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email">
Login with Discord
</a>
<div class="h-captcha" data-sitekey="fa3163ea-79a7-4b7b-b752-b58c545906c8" data-theme="dark"></div>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
</form>
<form action="javascript:void(0);" name="2fa" style="display: none">
<label for="code">2FA Code</label>
<input type="number" name="code" />
<input type="hidden" name="ticket" />
<input type="submit" value="Login"/>
</form>
</div> </div>
</div>
<script> <script>
/* https://stackoverflow.com/questions/5639346/what-is-the-shortest-function-for-reading-a-cookie-by-name-in-javascript */ /* https://stackoverflow.com/questions/5639346/what-is-the-shortest-function-for-reading-a-cookie-by-name-in-javascript */
const getCookieValue = (name) => ( const getCookieValue = (name) =>
document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)')?.pop() || '' document.cookie
); .match("(^|;)\\s*" + name + "\\s*=\\s*([^;]+)")
?.pop() || "";
let token = getCookieValue("token"); let token = getCookieValue("token");
if (token.trim().length) { if (token.trim().length) {
/* https://stackoverflow.com/a/27374365 */ /* https://stackoverflow.com/a/27374365 */
// why is clearing cookies so weird? wtf // why is clearing cookies so weird? wtf
document.cookie.split(";").forEach(function (c) { document.cookie = c.replace(/^ +/, "").replace(/=.*/, "=;expires=" + new Date().toUTCString() + ";path=/"); }); document.cookie.split(";").forEach(function (c) {
window.localStorage.setItem("token", `"${token}"`); document.cookie = c
window.location.href = "/app"; .replace(/^ +/, "")
} .replace(
/=.*/,
"=;expires=" + new Date().toUTCString() + ";path=/",
);
});
window.localStorage.setItem("token", `"${token}"`);
window.location.href = "/app";
}
token = window.localStorage.getItem("token"); token = window.localStorage.getItem("token");
if (token) window.location.href = "/app"; if (token) window.location.href = "/app";
document.forms["login"].addEventListener("submit", async (e) => { document.forms["login"].addEventListener("submit", async (e) => {
const data = new FormData(e.target); const data = new FormData(e.target);
const email = data.get("email"); const email = data.get("email");
const password = data.get("password"); const password = data.get("password");
const hcaptcha = data.get("h-captcha-response"); const hcaptcha = data.get("h-captcha-response");
await handleSubmit("/api/v9/auth/login", { await handleSubmit("/api/v9/auth/login", {
login: email, login: email,
password: password, password: password,
captcha_key: hcaptcha, captcha_key: hcaptcha,
});
}); });
})
document.forms["2fa"].addEventListener("submit", async (e) => { document.forms["2fa"].addEventListener("submit", async (e) => {
const data = new FormData(e.target); const data = new FormData(e.target);
const code = data.get("code"); const code = data.get("code");
const ticket = data.get("ticket"); const ticket = data.get("ticket");
await handleSubmit("/api/v9/auth/mfa/totp", { await handleSubmit("/api/v9/auth/mfa/totp", {
code: code, code: code,
ticket: ticket, ticket: ticket,
});
}); });
}) </script>
</script> </body>
</body> </html>
</html>

View File

@ -1,78 +1,88 @@
<html lang="en"> <html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Slowcord</title>
<head> <link rel="preconnect" href="https://fonts.googleapis.com" />
<meta charset="UTF-8"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <link
<meta name="viewport" content="width=device-width, initial-scale=1.0"> href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap"
<title>Slowcord</title> rel="stylesheet"
/>
<link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="stylesheet" href="./css/index.css" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <script src="js/handler.js"></script>
<link href="https://fonts.googleapis.com/css2?family=Montserrat&display=swap" rel="stylesheet"> </head>
<link rel="stylesheet" href="./css/index.css"> <body>
<script src="js/handler.js"></script> <div class="content">
</head> <div class="login">
<div class="header">
<h1>Welcome to Slowcord</h1>
<div class="header-subtext">
<p>You're new?</p>
<a href="/login">Actually, I'm not!</a>
</div>
<body> <p id="failure">Register failed</p>
<div class="content">
<div class="login">
<div class="header">
<h1>Welcome to Slowcord</h1>
<div class="header-subtext">
<p>You're new?</p>
<a href="/login">Actually, I'm not!</a>
</div> </div>
<p id="failure">Register failed</p> <form action="javascript:void(0);">
<label for="email">Email</label>
<input type="email" name="email" />
<label for="username">Username</label>
<input type="username" name="username" />
<label for="password">Password</label>
<input type="password" name="password" />
<label for="dob">Date of Birth</label>
<input type="date" name="dob" />
<input type="submit" value="Register" />
<a
id="loginDiscord"
class="oauth"
href="https://discord.com/api/oauth2/authorize?client_id=991688571415175198&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email"
>
Login with Discord
</a>
<div
class="h-captcha"
data-sitekey="fa3163ea-79a7-4b7b-b752-b58c545906c8"
></div>
<script
src="https://js.hcaptcha.com/1/api.js"
async
defer
></script>
</form>
</div> </div>
<form action="javascript:void(0);">
<label for="email">Email</label>
<input type="email" name="email" />
<label for="username">Username</label>
<input type="username" name="username" />
<label for="password">Password</label>
<input type="password" name="password" />
<label for="dob">Date of Birth</label>
<input type="date" name="dob" />
<input type="submit" value="Register" />
<a id="loginDiscord" class="oauth"
href="https://discord.com/api/oauth2/authorize?client_id=991688571415175198&redirect_uri=https%3A%2F%2Fslowcord.maddy.k.vu%2Foauth%2Fdiscord&response_type=code&scope=identify%20email">
Login with Discord
</a>
<div class="h-captcha" data-sitekey="fa3163ea-79a7-4b7b-b752-b58c545906c8"></div>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
</form>
</div> </div>
</div>
<script> <script>
document.forms[0].addEventListener("submit", async (e) => { document.forms[0].addEventListener("submit", async (e) => {
const data = new FormData(e.target); const data = new FormData(e.target);
const email = data.get("email"); const email = data.get("email");
const username = data.get("username"); const username = data.get("username");
const password = data.get("password"); const password = data.get("password");
const dob = data.get("dob"); const dob = data.get("dob");
const hcaptcha = data.get("h-captcha-response") const hcaptcha = data.get("h-captcha-response");
await handleSubmit("/api/v9/auth/register", { await handleSubmit("/api/v9/auth/register", {
consent: true, consent: true,
email: email, email: email,
username: username, username: username,
password: password, password: password,
date_of_birth: dob, date_of_birth: dob,
captcha_key: hcaptcha, captcha_key: hcaptcha,
});
}); });
}) </script>
</script> </body>
</body> </html>
</html>

View File

@ -1,7 +1,13 @@
import "dotenv/config"; import "dotenv/config";
import express, { Request, Response } from "express"; import express, { Request, Response } from "express";
import cookieParser from "cookie-parser"; import cookieParser from "cookie-parser";
import { initDatabase, generateToken, User, Config, handleFile } from "fosscord-server/src/util"; import {
initDatabase,
generateToken,
User,
Config,
handleFile,
} from "fosscord-server/src/util";
import path from "path"; import path from "path";
import fetch from "node-fetch"; import fetch from "node-fetch";
@ -16,8 +22,8 @@ app.use(cookieParser());
const port = process.env.PORT; const port = process.env.PORT;
// ip -> unix epoch that requests will be accepted again // ip -> unix epoch that requests will be accepted again
const rateLimits: { [ip: string]: number; } = {}; const rateLimits: { [ip: string]: number } = {};
const allowRequestsEveryMs = 0.5 * 1000; // every half second const allowRequestsEveryMs = 0.5 * 1000; // every half second
const allowedRequestsPerSecond = 50; const allowedRequestsPerSecond = 50;
let requestsThisSecond = 0; let requestsThisSecond = 0;
@ -36,23 +42,25 @@ class Discord {
static getAccessToken = async (req: Request, res: Response) => { static getAccessToken = async (req: Request, res: Response) => {
const { code } = req.query; const { code } = req.query;
const body = new URLSearchParams(Object.entries({ const body = new URLSearchParams(
client_id: process.env.DISCORD_CLIENT_ID as string, Object.entries({
client_secret: process.env.DISCORD_SECRET as string, client_id: process.env.DISCORD_CLIENT_ID as string,
redirect_uri: process.env.DISCORD_REDIRECT as string, client_secret: process.env.DISCORD_SECRET as string,
code: code as string, redirect_uri: process.env.DISCORD_REDIRECT as string,
grant_type: "authorization_code", code: code as string,
})).toString(); grant_type: "authorization_code",
}),
).toString();
const resp = await fetch("https://discord.com/api/oauth2/token", { const resp = await fetch("https://discord.com/api/oauth2/token", {
method: "POST", method: "POST",
headers: { headers: {
"Content-Type": "application/x-www-form-urlencoded", "Content-Type": "application/x-www-form-urlencoded",
}, },
body: body body: body,
}); });
const json = await resp.json() as any; const json = (await resp.json()) as any;
if (json.error) return null; if (json.error) return null;
return { return {
@ -67,24 +75,26 @@ class Discord {
static getUserDetails = async (token: string) => { static getUserDetails = async (token: string) => {
const resp = await fetch("https://discord.com/api/users/@me", { const resp = await fetch("https://discord.com/api/users/@me", {
headers: { headers: {
"Authorization": `Bearer ${token}`, Authorization: `Bearer ${token}`,
} },
}); });
const json = await resp.json() as any; const json = (await resp.json()) as any;
if (!json.username || !json.email) return null; // eh, deal with bad code later if (!json.username || !json.email) return null; // eh, deal with bad code later
return { return {
id: json.id, id: json.id,
email: json.email, email: json.email,
username: json.username, username: json.username,
avatar_url: json.avatar ? `https://cdn.discordapp.com/avatars/${json.id}/${json.avatar}?size=2048` : null, avatar_url: json.avatar
? `https://cdn.discordapp.com/avatars/${json.id}/${json.avatar}?size=2048`
: null,
}; };
}; };
} }
const handlers: { [key: string]: any; } = { const handlers: { [key: string]: any } = {
"discord": Discord, discord: Discord,
}; };
app.get("/oauth/:type", async (req, res) => { app.get("/oauth/:type", async (req, res) => {
@ -92,17 +102,21 @@ app.get("/oauth/:type", async (req, res) => {
if (requestsThisSecond > allowedRequestsPerSecond) if (requestsThisSecond > allowedRequestsPerSecond)
return res.sendStatus(429); return res.sendStatus(429);
const ip = (req.headers["x-forwarded-for"] as string) || req.socket.remoteAddress as string; const ip =
(req.headers["x-forwarded-for"] as string) ||
(req.socket.remoteAddress as string);
console.log(`${ip}`); console.log(`${ip}`);
if (!rateLimits[ip]) { if (!rateLimits[ip]) {
rateLimits[ip] = Date.now() + allowRequestsEveryMs; rateLimits[ip] = Date.now() + allowRequestsEveryMs;
} } else if (rateLimits[ip] > Date.now()) {
else if (rateLimits[ip] > Date.now()) {
rateLimits[ip] += allowRequestsEveryMs; rateLimits[ip] += allowRequestsEveryMs;
console.log(`${new Date()} : user ${ip} was timed out for ${(rateLimits[ip] - Date.now()) / 1000}s`); console.log(
`${new Date()} : user ${ip} was timed out for ${
(rateLimits[ip] - Date.now()) / 1000
}s`,
);
return res.sendStatus(429); return res.sendStatus(429);
} } else {
else {
delete rateLimits[ip]; delete rateLimits[ip];
} }
@ -121,16 +135,18 @@ app.get("/oauth/:type", async (req, res) => {
user = await User.register({ user = await User.register({
email: details.email, email: details.email,
username: details.username, username: details.username,
req req,
}); });
if (details.avatar_url) { if (details.avatar_url) {
try { try {
const avatar = await handleFile(`/avatars/${user.id}`, await toDataURL(details.avatar_url) as string); const avatar = await handleFile(
`/avatars/${user.id}`,
(await toDataURL(details.avatar_url)) as string,
);
user.avatar = avatar; user.avatar = avatar;
await user.save(); await user.save();
} } catch (e) {
catch (e) {
console.error(e); console.error(e);
} }
} }
@ -152,4 +168,4 @@ app.use(express.static("public", { extensions: ["html"] }));
app.listen(port, () => { app.listen(port, () => {
console.log(`Listening on port ${port}`); console.log(`Listening on port ${port}`);
}); });
})(); })();

View File

@ -1,10 +1,6 @@
{ {
"exclude": [ "exclude": ["node_modules"],
"node_modules" "include": ["src/**/*.ts"],
],
"include": [
"src/**/*.ts"
],
"compilerOptions": { "compilerOptions": {
/* Visit https://aka.ms/tsconfig.json to read more about this file */ /* Visit https://aka.ms/tsconfig.json to read more about this file */
/* Projects */ /* Projects */
@ -15,10 +11,12 @@
// "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */ // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
/* Language and Environment */ /* Language and Environment */
"target": "ES6", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ "target": "ES6" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
"lib": ["ES2021"], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ "lib": [
"ES2021"
] /* Specify a set of bundled library declaration files that describe the target runtime environment. */,
// "jsx": "preserve", /* Specify what JSX code is generated. */ // "jsx": "preserve", /* Specify what JSX code is generated. */
"experimentalDecorators": true, /* Enable experimental support for TC39 stage 2 draft decorators. */ "experimentalDecorators": true /* Enable experimental support for TC39 stage 2 draft decorators. */,
// "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */ // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
// "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */ // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */
// "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */ // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
@ -27,14 +25,16 @@
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
/* Modules */ /* Modules */
"module": "ES2020", /* Specify what module code is generated. */ "module": "ES2020" /* Specify what module code is generated. */,
// "rootDir": "./", /* Specify the root folder within your source files. */ // "rootDir": "./", /* Specify the root folder within your source files. */
"moduleResolution": "node", /* Specify how TypeScript looks up a file from a given module specifier. */ "moduleResolution": "node" /* Specify how TypeScript looks up a file from a given module specifier. */,
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
// "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */ // "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */
"types": ["node"], /* Specify type package names to be included without being referenced in a source file. */ "types": [
"node"
] /* Specify type package names to be included without being referenced in a source file. */,
// "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */ // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
// "resolveJsonModule": true, /* Enable importing .json files */ // "resolveJsonModule": true, /* Enable importing .json files */
// "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */ // "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */
@ -46,9 +46,9 @@
// "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
// "declarationMap": true, /* Create sourcemaps for d.ts files. */ // "declarationMap": true, /* Create sourcemaps for d.ts files. */
// "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */ // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
"sourceMap": true, /* Create source map files for emitted JavaScript files. */ "sourceMap": true /* Create source map files for emitted JavaScript files. */,
// "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */ // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */
"outDir": "./build", /* Specify an output folder for all emitted files. */ "outDir": "./build" /* Specify an output folder for all emitted files. */,
// "removeComments": true, /* Disable emitting comments. */ // "removeComments": true, /* Disable emitting comments. */
// "noEmit": true, /* Disable emitting files from a compilation. */ // "noEmit": true, /* Disable emitting files from a compilation. */
// "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */ // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
@ -69,16 +69,16 @@
/* Interop Constraints */ /* Interop Constraints */
// "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */ // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
// "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
"esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */ "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */,
// "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */ // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
"forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */ "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
/* Type Checking */ /* Type Checking */
"strict": true, /* Enable all strict type-checking options. */ "strict": true /* Enable all strict type-checking options. */,
// "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */ // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */
// "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */ // "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */
// "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */ // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
// "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */ // "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */
"strictPropertyInitialization": false, /* Check for class properties that are declared but not set in the constructor. */ "strictPropertyInitialization": false /* Check for class properties that are declared but not set in the constructor. */,
// "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */ // "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */
// "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */ // "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */
// "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */ // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
@ -94,6 +94,6 @@
// "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */ // "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */
/* Completeness */ /* Completeness */
// "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */ // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */ "skipLibCheck": true /* Skip type checking all .d.ts files. */
} }
} }

View File

@ -3,11 +3,12 @@
Slowcord is a heavily modded Fosscord instance. You can browse it's source here: https://github.com/MaddyUnderStars/fosscord-server/tree/slowcord Slowcord is a heavily modded Fosscord instance. You can browse it's source here: https://github.com/MaddyUnderStars/fosscord-server/tree/slowcord
## Here are some general instance-wide rules: ## Here are some general instance-wide rules:
* **Harassment, homophobia, transphobia, etc, violence, and hate speech are forbidden.**
* Behaviour that harms the service - be it malicious/intentional or not - is strictly forbidden. This may include API abuse/spam, exploits, etc. - **Harassment, homophobia, transphobia, etc, violence, and hate speech are forbidden.**
* * If you do discover an exploit/bug, it would be greatly appreciated if you could create an issue in the above repo, or DM @MaddyUnderStars#0000. - Behaviour that harms the service - be it malicious/intentional or not - is strictly forbidden. This may include API abuse/spam, exploits, etc.
* Any content that would be considered illegal in Australia is also forbidden. Additionally, if it is illegal in your own country, it shouldn't be here. - - If you do discover an exploit/bug, it would be greatly appreciated if you could create an issue in the above repo, or DM @MaddyUnderStars#0000.
* Bots/selfbots are allowed. If you would like an account to be given bot status, DM @MaddyUnderStars#0000. - Any content that would be considered illegal in Australia is also forbidden. Additionally, if it is illegal in your own country, it shouldn't be here.
- Bots/selfbots are allowed. If you would like an account to be given bot status, DM @MaddyUnderStars#0000.
These rules are non-exhaustive, but should give a good idea of what will be enforced. These rules are non-exhaustive, but should give a good idea of what will be enforced.
@ -16,5 +17,6 @@ Permanent Slowcord guild invite: https://slowcord.understars.dev/invite/slowcord
### If a message or user breaks these rules, you can report it here: https://forms.gle/sd6RkdM7gRgJLV368 ### If a message or user breaks these rules, you can report it here: https://forms.gle/sd6RkdM7gRgJLV368
#### Lastly ( and not rules ): #### Lastly ( and not rules ):
* If you use BetterDiscord or Powercord, and want an easier time accessing Slowcord and other Fosscord instances, check out https://github.com/maddyunderstars/fosscord-bd!
* Also, if you're on Android, you can download the mobile client at https://slowcord.understars.dev/assets/slowcord.apk - If you use BetterDiscord or Powercord, and want an easier time accessing Slowcord and other Fosscord instances, check out https://github.com/maddyunderstars/fosscord-bd!
- Also, if you're on Android, you can download the mobile client at https://slowcord.understars.dev/assets/slowcord.apk

View File

@ -5,14 +5,22 @@ import mysql from "mysql2";
import fetch from "node-fetch"; import fetch from "node-fetch";
const dbConn = mysql.createConnection(process.env.DATABASE as string); const dbConn = mysql.createConnection(process.env.DATABASE as string);
const executePromise = (sql: string, args: any[]) => new Promise((resolve, reject) => dbConn.execute(sql, args, (err, res) => { if (err) reject(err); else resolve(res); })); const executePromise = (sql: string, args: any[]) =>
new Promise((resolve, reject) =>
dbConn.execute(sql, args, (err, res) => {
if (err) reject(err);
else resolve(res);
}),
);
const savePerf = async (time: number, name: string, error?: string | Error) => { const savePerf = async (time: number, name: string, error?: string | Error) => {
if (error && typeof error != "string") error = error.message; if (error && typeof error != "string") error = error.message;
try { try {
await executePromise("INSERT INTO performance (value, endpoint, timestamp, error) VALUES (?, ?, ?, ?)", [time ?? 0, name, new Date(), error ?? null]); await executePromise(
"INSERT INTO performance (value, endpoint, timestamp, error) VALUES (?, ?, ?, ?)",
[time ?? 0, name, new Date(), error ?? null],
);
// await executePromise("DELETE FROM performance WHERE DATE(timestamp) < now() - interval ? DAY", [process.env.RETENTION_DAYS]); // await executePromise("DELETE FROM performance WHERE DATE(timestamp) < now() - interval ? DAY", [process.env.RETENTION_DAYS]);
} } catch (e) {
catch (e) {
console.error(e); console.error(e);
} }
}; };
@ -23,7 +31,11 @@ const doMeasurements = async (channel: Discord.TextChannel) => {
timestamp = Date.now(); timestamp = Date.now();
await channel.send("hello this is a special message kthxbye"); await channel.send("hello this is a special message kthxbye");
setTimeout(doMeasurements, parseInt(process.env.MEASURE_INTERVAL as string), channel); setTimeout(
doMeasurements,
parseInt(process.env.MEASURE_INTERVAL as string),
channel,
);
}; };
const instance = { const instance = {
@ -37,8 +49,8 @@ const client = new Fosscord.Client({
intents: [], intents: [],
http: { http: {
api: instance.api, api: instance.api,
cdn: instance.cdn cdn: instance.cdn,
} },
}); });
client.on("ready", async () => { client.on("ready", async () => {
@ -52,19 +64,24 @@ client.on("ready", async () => {
client.on("messageCreate", async (msg: Discord.Message) => { client.on("messageCreate", async (msg: Discord.Message) => {
if (!timestamp) return; if (!timestamp) return;
if (msg.author.id != "992745947417141682" if (
|| msg.channel.id != "1019955729054267764" msg.author.id != "992745947417141682" ||
|| msg.content != "hello this is a special message kthxbye") msg.channel.id != "1019955729054267764" ||
msg.content != "hello this is a special message kthxbye"
)
return; return;
await savePerf(Date.now() - timestamp, "messageCreate", undefined); await savePerf(Date.now() - timestamp, "messageCreate", undefined);
timestamp = undefined; timestamp = undefined;
await fetch(`${instance.api}/channels/1019955729054267764/messages/${msg.id}`, { await fetch(
method: "DELETE", `${instance.api}/channels/1019955729054267764/messages/${msg.id}`,
headers: { {
authorization: instance.token method: "DELETE",
} headers: {
}) authorization: instance.token,
},
},
);
}); });
client.on("error", (error: any) => { client.on("error", (error: any) => {
@ -79,4 +96,4 @@ client.on("warn", (msg: any) => {
await new Promise((resolve) => dbConn.connect(resolve)); await new Promise((resolve) => dbConn.connect(resolve));
console.log("Connected to db"); console.log("Connected to db");
await client.login(instance.token); await client.login(instance.token);
})(); })();

View File

@ -4,7 +4,13 @@ import mysql from "mysql2";
import fetch from "node-fetch"; import fetch from "node-fetch";
const dbConn = mysql.createConnection(process.env.DATABASE as string); const dbConn = mysql.createConnection(process.env.DATABASE as string);
const executePromise = (sql: string, args: any[]) => new Promise((resolve, reject) => dbConn.execute(sql, args, (err, res) => { if (err) reject(err); else resolve(res); })); const executePromise = (sql: string, args: any[]) =>
new Promise((resolve, reject) =>
dbConn.execute(sql, args, (err, res) => {
if (err) reject(err);
else resolve(res);
}),
);
const instance = { const instance = {
app: process.env.INSTANCE_WEB_APP as string, app: process.env.INSTANCE_WEB_APP as string,
@ -16,73 +22,86 @@ const instance = {
const savePerf = async (time: number, name: string, error?: string | Error) => { const savePerf = async (time: number, name: string, error?: string | Error) => {
if (error && typeof error != "string") error = error.message; if (error && typeof error != "string") error = error.message;
try { try {
await executePromise("INSERT INTO performance (value, endpoint, timestamp, error) VALUES (?, ?, ?, ?)", [time ?? 0, name, new Date(), error ?? null]); await executePromise(
"INSERT INTO performance (value, endpoint, timestamp, error) VALUES (?, ?, ?, ?)",
[time ?? 0, name, new Date(), error ?? null],
);
// await executePromise("DELETE FROM performance WHERE DATE(timestamp) < now() - interval ? DAY", [process.env.RETENTION_DAYS]); // await executePromise("DELETE FROM performance WHERE DATE(timestamp) < now() - interval ? DAY", [process.env.RETENTION_DAYS]);
} } catch (e) {
catch (e) {
console.error(e); console.error(e);
} }
}; };
const saveSystemUsage = async (load: number, procUptime: number, sysUptime: number, ram: number, sessions: number) => { const saveSystemUsage = async (
load: number,
procUptime: number,
sysUptime: number,
ram: number,
sessions: number,
) => {
try { try {
await executePromise("INSERT INTO monitor (time, cpu, procUp, sysUp, ram, sessions) VALUES (?, ?, ?, ?, ?, ?)", [new Date(), load, procUptime, sysUptime, ram, sessions]); await executePromise(
} "INSERT INTO monitor (time, cpu, procUp, sysUp, ram, sessions) VALUES (?, ?, ?, ?, ?, ?)",
catch (e) { [new Date(), load, procUptime, sysUptime, ram, sessions],
);
} catch (e) {
console.error(e); console.error(e);
} }
}; };
const makeTimedRequest = (path: string, body?: object): Promise<number> => new Promise((resolve, reject) => { const makeTimedRequest = (path: string, body?: object): Promise<number> =>
const opts = { new Promise((resolve, reject) => {
hostname: new URL(path).hostname, const opts = {
port: 443, hostname: new URL(path).hostname,
path: new URL(path).pathname, port: 443,
method: "GET", path: new URL(path).pathname,
headers: { method: "GET",
"Content-Type": "application/json", headers: {
"Authorization": instance.token, "Content-Type": "application/json",
}, Authorization: instance.token,
timeout: 1000, },
}; timeout: 1000,
};
let start: number, end: number; let start: number, end: number;
const req = https.request(opts, res => { const req = https.request(opts, (res) => {
if (res.statusCode! < 200 || res.statusCode! > 300) { if (res.statusCode! < 200 || res.statusCode! > 300) {
return reject(`${res.statusCode} ${res.statusMessage}`); return reject(`${res.statusCode} ${res.statusMessage}`);
} }
res.on("data", (data) => { res.on("data", (data) => {});
res.on("end", () => {
end = Date.now();
resolve(end - start);
});
}); });
res.on("end", () => { req.on("finish", () => {
end = Date.now(); if (body) req.write(JSON.stringify(body));
resolve(end - start); start = Date.now();
}); });
});
req.on("finish", () => { req.on("error", (error) => {
if (body) req.write(JSON.stringify(body)); reject(error);
start = Date.now(); });
});
req.on("error", (error) => { req.end();
reject(error);
}); });
req.end();
});
const measureApi = async (name: string, path: string, body?: object) => { const measureApi = async (name: string, path: string, body?: object) => {
let error, time = -1; let error,
time = -1;
try { try {
time = await makeTimedRequest(path, body); time = await makeTimedRequest(path, body);
} } catch (e) {
catch (e) {
error = e as Error | string; error = e as Error | string;
} }
console.log(`${name} took ${time}ms ${(error ? "with error" : "")}`, error ?? ""); console.log(
`${name} took ${time}ms ${error ? "with error" : ""}`,
error ?? "",
);
await savePerf(time, name, error); await savePerf(time, name, error);
}; };
@ -100,7 +119,11 @@ const app = async () => {
console.log("Connected to db"); console.log("Connected to db");
// await client.login(instance.token); // await client.login(instance.token);
console.log(`Monitoring performance for instance at ${new URL(instance.api).hostname}`); console.log(
`Monitoring performance for instance at ${
new URL(instance.api).hostname
}`,
);
const doMeasurements = async () => { const doMeasurements = async () => {
await measureApi("ping", `${instance.api}/ping`); await measureApi("ping", `${instance.api}/ping`);
@ -112,18 +135,25 @@ const app = async () => {
const res = await fetch(`${instance.api}/-/monitorz`, { const res = await fetch(`${instance.api}/-/monitorz`, {
headers: { headers: {
Authorization: process.env.INSTANCE_TOKEN as string, Authorization: process.env.INSTANCE_TOKEN as string,
} },
}); });
const json = await res.json() as monitorzSchema; const json = (await res.json()) as monitorzSchema;
await saveSystemUsage(json.load[1], json.procUptime, json.sysUptime, json.memPercent, json.sessions); await saveSystemUsage(
} json.load[1],
catch (e) { json.procUptime,
} json.sysUptime,
json.memPercent,
json.sessions,
);
} catch (e) {}
setTimeout(doMeasurements, parseInt(process.env.MEASURE_INTERVAL as string)); setTimeout(
doMeasurements,
parseInt(process.env.MEASURE_INTERVAL as string),
);
}; };
doMeasurements(); doMeasurements();
}; };
app(); app();

View File

@ -1,10 +1,6 @@
{ {
"exclude": [ "exclude": ["node_modules"],
"node_modules" "include": ["src/**/*.ts"],
],
"include": [
"src/**/*.ts"
],
"compilerOptions": { "compilerOptions": {
/* Visit https://aka.ms/tsconfig.json to read more about this file */ /* Visit https://aka.ms/tsconfig.json to read more about this file */
/* Projects */ /* Projects */
@ -15,10 +11,12 @@
// "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */ // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
/* Language and Environment */ /* Language and Environment */
"target": "ES6", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ "target": "ES6" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
"lib": ["ES2021"], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ "lib": [
"ES2021"
] /* Specify a set of bundled library declaration files that describe the target runtime environment. */,
// "jsx": "preserve", /* Specify what JSX code is generated. */ // "jsx": "preserve", /* Specify what JSX code is generated. */
"experimentalDecorators": true, /* Enable experimental support for TC39 stage 2 draft decorators. */ "experimentalDecorators": true /* Enable experimental support for TC39 stage 2 draft decorators. */,
// "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */ // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
// "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */ // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */
// "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */ // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
@ -27,14 +25,16 @@
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
/* Modules */ /* Modules */
"module": "ES2020", /* Specify what module code is generated. */ "module": "ES2020" /* Specify what module code is generated. */,
// "rootDir": "./", /* Specify the root folder within your source files. */ // "rootDir": "./", /* Specify the root folder within your source files. */
"moduleResolution": "node", /* Specify how TypeScript looks up a file from a given module specifier. */ "moduleResolution": "node" /* Specify how TypeScript looks up a file from a given module specifier. */,
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
// "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */ // "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */
"types": ["node"], /* Specify type package names to be included without being referenced in a source file. */ "types": [
"node"
] /* Specify type package names to be included without being referenced in a source file. */,
// "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */ // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
// "resolveJsonModule": true, /* Enable importing .json files */ // "resolveJsonModule": true, /* Enable importing .json files */
// "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */ // "noResolve": true, /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */
@ -46,9 +46,9 @@
// "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
// "declarationMap": true, /* Create sourcemaps for d.ts files. */ // "declarationMap": true, /* Create sourcemaps for d.ts files. */
// "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */ // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
"sourceMap": true, /* Create source map files for emitted JavaScript files. */ "sourceMap": true /* Create source map files for emitted JavaScript files. */,
// "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */ // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */
"outDir": "./build", /* Specify an output folder for all emitted files. */ "outDir": "./build" /* Specify an output folder for all emitted files. */,
// "removeComments": true, /* Disable emitting comments. */ // "removeComments": true, /* Disable emitting comments. */
// "noEmit": true, /* Disable emitting files from a compilation. */ // "noEmit": true, /* Disable emitting files from a compilation. */
// "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */ // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
@ -69,16 +69,16 @@
/* Interop Constraints */ /* Interop Constraints */
// "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */ // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
// "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
"esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */ "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */,
// "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */ // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
"forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */ "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
/* Type Checking */ /* Type Checking */
"strict": true, /* Enable all strict type-checking options. */ "strict": true /* Enable all strict type-checking options. */,
// "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */ // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */
// "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */ // "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */
// "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */ // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
// "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */ // "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */
"strictPropertyInitialization": false, /* Check for class properties that are declared but not set in the constructor. */ "strictPropertyInitialization": false /* Check for class properties that are declared but not set in the constructor. */,
// "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */ // "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */
// "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */ // "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */
// "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */ // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
@ -96,4 +96,4 @@
// "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */ // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */ "skipLibCheck": true /* Skip type checking all .d.ts files. */
} }
} }

View File

@ -12,7 +12,7 @@ import { initTranslation } from "./middlewares/Translation";
import morgan from "morgan"; import morgan from "morgan";
import { initInstance } from "./util/handlers/Instance"; import { initInstance } from "./util/handlers/Instance";
import { registerRoutes } from "@fosscord/util"; import { registerRoutes } from "@fosscord/util";
import { red } from "picocolors" import { red } from "picocolors";
export interface FosscordServerOptions extends ServerOptions {} export interface FosscordServerOptions extends ServerOptions {}
@ -44,13 +44,18 @@ export class FosscordServer extends Server {
this.app.use( this.app.use(
morgan("combined", { morgan("combined", {
skip: (req, res) => { skip: (req, res) => {
var skip = !(process.env["LOG_REQUESTS"]?.includes(res.statusCode.toString()) ?? false); var skip = !(
if (process.env["LOG_REQUESTS"]?.charAt(0) == "-") skip = !skip; process.env["LOG_REQUESTS"]?.includes(
res.statusCode.toString(),
) ?? false
);
if (process.env["LOG_REQUESTS"]?.charAt(0) == "-")
skip = !skip;
return skip; return skip;
} },
}) }),
); );
}; }
this.app.use(CORS); this.app.use(CORS);
this.app.use(BodyParser({ inflate: true, limit: "10mb" })); this.app.use(BodyParser({ inflate: true, limit: "10mb" }));
@ -63,16 +68,22 @@ export class FosscordServer extends Server {
await initRateLimits(api); await initRateLimits(api);
await initTranslation(api); await initTranslation(api);
this.routes = await registerRoutes(this, path.join(__dirname, "routes", "/")); this.routes = await registerRoutes(
this,
path.join(__dirname, "routes", "/"),
);
api.use("*", (error: any, req: Request, res: Response, next: NextFunction) => { api.use(
if (error) return next(error); "*",
res.status(404).json({ (error: any, req: Request, res: Response, next: NextFunction) => {
message: "404 endpoint not found", if (error) return next(error);
code: 0 res.status(404).json({
}); message: "404 endpoint not found",
next(); code: 0,
}); });
next();
},
);
this.app = app; this.app = app;
@ -87,8 +98,13 @@ export class FosscordServer extends Server {
this.app.use(ErrorHandler); this.app.use(ErrorHandler);
TestClient(this.app); TestClient(this.app);
if (logRequests) console.log(red(`Warning: Request logging is enabled! This will spam your console!\nTo disable this, unset the 'LOG_REQUESTS' environment variable!`)); if (logRequests)
console.log(
red(
`Warning: Request logging is enabled! This will spam your console!\nTo disable this, unset the 'LOG_REQUESTS' environment variable!`,
),
);
return super.start(); return super.start();
} }
}; }

View File

@ -1,3 +1,3 @@
export * from "./Server"; export * from "./Server";
export * from "./middlewares/"; export * from "./middlewares/";
export * from "./util/"; export * from "./util/";

View File

@ -10,7 +10,7 @@ export const NO_AUTHORIZATION_ROUTES = [
"/auth/mfa/totp", "/auth/mfa/totp",
// Routes with a seperate auth system // Routes with a seperate auth system
"/webhooks/", "/webhooks/",
// Public information endpoints // Public information endpoints
"/ping", "/ping",
"/gateway", "/gateway",
"/experiments", "/experiments",
@ -26,7 +26,7 @@ export const NO_AUTHORIZATION_ROUTES = [
// Public policy pages // Public policy pages
"/policies/instance", "/policies/instance",
// Asset delivery // Asset delivery
/\/guilds\/\d+\/widget\.(json|png)/ /\/guilds\/\d+\/widget\.(json|png)/,
]; ];
export const API_PREFIX = /^\/api(\/v\d+)?/; export const API_PREFIX = /^\/api(\/v\d+)?/;
@ -43,7 +43,11 @@ declare global {
} }
} }
export async function Authentication(req: Request, res: Response, next: NextFunction) { export async function Authentication(
req: Request,
res: Response,
next: NextFunction,
) {
if (req.method === "OPTIONS") return res.sendStatus(204); if (req.method === "OPTIONS") return res.sendStatus(204);
const url = req.url.replace(API_PREFIX, ""); const url = req.url.replace(API_PREFIX, "");
if (url.startsWith("/invites") && req.method === "GET") return next(); if (url.startsWith("/invites") && req.method === "GET") return next();
@ -54,12 +58,16 @@ export async function Authentication(req: Request, res: Response, next: NextFunc
}) })
) )
return next(); return next();
if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); if (!req.headers.authorization)
return next(new HTTPError("Missing Authorization Header", 401));
try { try {
const { jwtSecret } = Config.get().security; const { jwtSecret } = Config.get().security;
const { decoded, user }: any = await checkToken(req.headers.authorization, jwtSecret); const { decoded, user }: any = await checkToken(
req.headers.authorization,
jwtSecret,
);
req.token = decoded; req.token = decoded;
req.user_id = decoded.id; req.user_id = decoded.id;

View File

@ -6,7 +6,8 @@ export function BodyParser(opts?: OptionsJson) {
const jsonParser = bodyParser.json(opts); const jsonParser = bodyParser.json(opts);
return (req: Request, res: Response, next: NextFunction) => { return (req: Request, res: Response, next: NextFunction) => {
if (!req.headers["content-type"]) req.headers["content-type"] = "application/json"; if (!req.headers["content-type"])
req.headers["content-type"] = "application/json";
jsonParser(req, res, (err) => { jsonParser(req, res, (err) => {
if (err) { if (err) {

View File

@ -7,10 +7,16 @@ export function CORS(req: Request, res: Response, next: NextFunction) {
// TODO: use better CSP // TODO: use better CSP
res.set( res.set(
"Content-security-policy", "Content-security-policy",
"default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';" "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';",
);
res.set(
"Access-Control-Allow-Headers",
req.header("Access-Control-Request-Headers") || "*",
);
res.set(
"Access-Control-Allow-Methods",
req.header("Access-Control-Request-Methods") || "*",
); );
res.set("Access-Control-Allow-Headers", req.header("Access-Control-Request-Headers") || "*");
res.set("Access-Control-Allow-Methods", req.header("Access-Control-Request-Methods") || "*");
next(); next();
} }

View File

@ -3,7 +3,12 @@ import { HTTPError } from "lambert-server";
import { ApiError, FieldError } from "@fosscord/util"; import { ApiError, FieldError } from "@fosscord/util";
const EntityNotFoundErrorRegex = /"(\w+)"/; const EntityNotFoundErrorRegex = /"(\w+)"/;
export function ErrorHandler(error: Error, req: Request, res: Response, next: NextFunction) { export function ErrorHandler(
error: Error,
req: Request,
res: Response,
next: NextFunction,
) {
if (!error) return next(); if (!error) return next();
try { try {
@ -12,20 +17,28 @@ export function ErrorHandler(error: Error, req: Request, res: Response, next: Ne
let message = error?.toString(); let message = error?.toString();
let errors = undefined; let errors = undefined;
if (error instanceof HTTPError && error.code) code = httpcode = error.code; if (error instanceof HTTPError && error.code)
code = httpcode = error.code;
else if (error instanceof ApiError) { else if (error instanceof ApiError) {
code = error.code; code = error.code;
message = error.message; message = error.message;
httpcode = error.httpStatus; httpcode = error.httpStatus;
} else if (error.name === "EntityNotFoundError") { } else if (error.name === "EntityNotFoundError") {
message = `${error.message.match(EntityNotFoundErrorRegex)?.[1] || "Item"} could not be found`; message = `${
error.message.match(EntityNotFoundErrorRegex)?.[1] || "Item"
} could not be found`;
code = httpcode = 404; code = httpcode = 404;
} else if (error instanceof FieldError) { } else if (error instanceof FieldError) {
code = Number(error.code); code = Number(error.code);
message = error.message; message = error.message;
errors = error.errors; errors = error.errors;
} else { } else {
console.error(`[Error] ${code} ${req.url}\n`, errors || error, "\nbody:", req.body); console.error(
`[Error] ${code} ${req.url}\n`,
errors || error,
"\nbody:",
req.body,
);
if (req.server?.options?.production) { if (req.server?.options?.production) {
// don't expose internal errors to the user, instead human errors should be thrown as HTTPError // don't expose internal errors to the user, instead human errors should be thrown as HTTPError
@ -39,6 +52,8 @@ export function ErrorHandler(error: Error, req: Request, res: Response, next: Ne
res.status(httpcode).json({ code: code, message, errors }); res.status(httpcode).json({ code: code, message, errors });
} catch (error) { } catch (error) {
console.error(`[Internal Server Error] 500`, error); console.error(`[Internal Server Error] 500`, error);
return res.status(500).json({ code: 500, message: "Internal Server Error" }); return res
.status(500)
.json({ code: 500, message: "Internal Server Error" });
} }
} }

View File

@ -40,21 +40,32 @@ export default function rateLimit(opts: {
success?: boolean; success?: boolean;
onlyIp?: boolean; onlyIp?: boolean;
}): any { }): any {
return async (req: Request, res: Response, next: NextFunction): Promise<any> => { return async (
req: Request,
res: Response,
next: NextFunction,
): Promise<any> => {
// exempt user? if so, immediately short circuit // exempt user? if so, immediately short circuit
if (req.user_id) { if (req.user_id) {
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
if (rights.has("BYPASS_RATE_LIMITS")) return next(); if (rights.has("BYPASS_RATE_LIMITS")) return next();
} }
const bucket_id = opts.bucket || req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, ""); const bucket_id =
opts.bucket ||
req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, "");
let executor_id = getIpAdress(req); let executor_id = getIpAdress(req);
if (!opts.onlyIp && req.user_id) executor_id = req.user_id; if (!opts.onlyIp && req.user_id) executor_id = req.user_id;
let max_hits = opts.count; let max_hits = opts.count;
if (opts.bot && req.user_bot) max_hits = opts.bot; if (opts.bot && req.user_bot) max_hits = opts.bot;
if (opts.GET && ["GET", "OPTIONS", "HEAD"].includes(req.method)) max_hits = opts.GET; if (opts.GET && ["GET", "OPTIONS", "HEAD"].includes(req.method))
else if (opts.MODIFY && ["POST", "DELETE", "PATCH", "PUT"].includes(req.method)) max_hits = opts.MODIFY; max_hits = opts.GET;
else if (
opts.MODIFY &&
["POST", "DELETE", "PATCH", "PUT"].includes(req.method)
)
max_hits = opts.MODIFY;
let offender = Cache.get(executor_id + bucket_id); let offender = Cache.get(executor_id + bucket_id);
@ -75,11 +86,15 @@ export default function rateLimit(opts: {
const global = bucket_id === "global"; const global = bucket_id === "global";
// each block violation pushes the expiry one full window further // each block violation pushes the expiry one full window further
reset += opts.window * 1000; reset += opts.window * 1000;
offender.expires_at = new Date(offender.expires_at.getTime() + opts.window * 1000); offender.expires_at = new Date(
offender.expires_at.getTime() + opts.window * 1000,
);
resetAfterMs = reset - Date.now(); resetAfterMs = reset - Date.now();
resetAfterSec = Math.ceil(resetAfterMs / 1000); resetAfterSec = Math.ceil(resetAfterMs / 1000);
console.log(`blocked bucket: ${bucket_id} ${executor_id}`, { resetAfterMs }); console.log(`blocked bucket: ${bucket_id} ${executor_id}`, {
resetAfterMs,
});
return ( return (
res res
.status(429) .status(429)
@ -91,20 +106,33 @@ export default function rateLimit(opts: {
.set("Retry-After", `${Math.ceil(resetAfterSec)}`) .set("Retry-After", `${Math.ceil(resetAfterSec)}`)
.set("X-RateLimit-Bucket", `${bucket_id}`) .set("X-RateLimit-Bucket", `${bucket_id}`)
// TODO: error rate limit message translation // TODO: error rate limit message translation
.send({ message: "You are being rate limited.", retry_after: resetAfterSec, global }) .send({
message: "You are being rate limited.",
retry_after: resetAfterSec,
global,
})
); );
} }
} }
next(); next();
const hitRouteOpts = { bucket_id, executor_id, max_hits, window: opts.window }; const hitRouteOpts = {
bucket_id,
executor_id,
max_hits,
window: opts.window,
};
if (opts.error || opts.success) { if (opts.error || opts.success) {
res.once("finish", () => { res.once("finish", () => {
// check if error and increment error rate limit // check if error and increment error rate limit
if (res.statusCode >= 400 && opts.error) { if (res.statusCode >= 400 && opts.error) {
return hitRoute(hitRouteOpts); return hitRoute(hitRouteOpts);
} else if (res.statusCode >= 200 && res.statusCode < 300 && opts.success) { } else if (
res.statusCode >= 200 &&
res.statusCode < 300 &&
opts.success
) {
return hitRoute(hitRouteOpts); return hitRoute(hitRouteOpts);
} }
}); });
@ -141,8 +169,8 @@ export async function initRateLimits(app: Router) {
rateLimit({ rateLimit({
bucket: "global", bucket: "global",
onlyIp: true, onlyIp: true,
...ip ...ip,
}) }),
); );
app.use(rateLimit({ bucket: "global", ...global })); app.use(rateLimit({ bucket: "global", ...global }));
app.use( app.use(
@ -150,17 +178,25 @@ export async function initRateLimits(app: Router) {
bucket: "error", bucket: "error",
error: true, error: true,
onlyIp: true, onlyIp: true,
...error ...error,
}) }),
); );
app.use("/guilds/:id", rateLimit(routes.guild)); app.use("/guilds/:id", rateLimit(routes.guild));
app.use("/webhooks/:id", rateLimit(routes.webhook)); app.use("/webhooks/:id", rateLimit(routes.webhook));
app.use("/channels/:id", rateLimit(routes.channel)); app.use("/channels/:id", rateLimit(routes.channel));
app.use("/auth/login", rateLimit(routes.auth.login)); app.use("/auth/login", rateLimit(routes.auth.login));
app.use("/auth/register", rateLimit({ onlyIp: true, success: true, ...routes.auth.register })); app.use(
"/auth/register",
rateLimit({ onlyIp: true, success: true, ...routes.auth.register }),
);
} }
async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits: number; window: number; }) { async function hitRoute(opts: {
executor_id: string;
bucket_id: string;
max_hits: number;
window: number;
}) {
const id = opts.executor_id + opts.bucket_id; const id = opts.executor_id + opts.bucket_id;
let limit = Cache.get(id); let limit = Cache.get(id);
if (!limit) { if (!limit) {
@ -169,7 +205,7 @@ async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits
executor_id: opts.executor_id, executor_id: opts.executor_id,
expires_at: new Date(Date.now() + opts.window * 1000), expires_at: new Date(Date.now() + opts.window * 1000),
hits: 0, hits: 0,
blocked: false blocked: false,
}; };
Cache.set(id, limit); Cache.set(id, limit);
} }
@ -205,4 +241,4 @@ async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits
} }
await ratelimit.save(); await ratelimit.save();
*/ */
} }

View File

@ -9,8 +9,12 @@ const ASSET_FOLDER_PATH = path.join(__dirname, "..", "..", "..", "assets");
export async function initTranslation(router: Router) { export async function initTranslation(router: Router) {
const languages = fs.readdirSync(path.join(ASSET_FOLDER_PATH, "locales")); const languages = fs.readdirSync(path.join(ASSET_FOLDER_PATH, "locales"));
const namespaces = fs.readdirSync(path.join(ASSET_FOLDER_PATH, "locales", "en")); const namespaces = fs.readdirSync(
const ns = namespaces.filter((x) => x.endsWith(".json")).map((x) => x.slice(0, x.length - 5)); path.join(ASSET_FOLDER_PATH, "locales", "en"),
);
const ns = namespaces
.filter((x) => x.endsWith(".json"))
.map((x) => x.slice(0, x.length - 5));
await i18next await i18next
.use(i18nextBackend) .use(i18nextBackend)
@ -21,9 +25,11 @@ export async function initTranslation(router: Router) {
fallbackLng: "en", fallbackLng: "en",
ns, ns,
backend: { backend: {
loadPath: path.join(ASSET_FOLDER_PATH, "locales") + "/{{lng}}/{{ns}}.json", loadPath:
path.join(ASSET_FOLDER_PATH, "locales") +
"/{{lng}}/{{ns}}.json",
}, },
load: "all" load: "all",
}); });
router.use(i18nextMiddleware.handle(i18next, {})); router.use(i18nextMiddleware.handle(i18next, {}));

View File

@ -5,14 +5,18 @@ import os from "os";
const router = Router(); const router = Router();
router.get("/", route({ right: "OPERATOR" }), async (req: Request, res: Response) => { router.get(
return res.json({ "/",
load: os.loadavg(), route({ right: "OPERATOR" }),
procUptime: process.uptime(), async (req: Request, res: Response) => {
sysUptime: os.uptime(), return res.json({
memPercent: 100 - ((os.freemem() / os.totalmem()) * 100), load: os.loadavg(),
sessions: await Session.count(), procUptime: process.uptime(),
}) sysUptime: os.uptime(),
}) memPercent: 100 - (os.freemem() / os.totalmem()) * 100,
sessions: await Session.count(),
});
},
);
export default router; export default router;

View File

@ -3,11 +3,15 @@ import { route } from "@fosscord/api";
import { getIpAdress, IPAnalysis } from "@fosscord/api"; import { getIpAdress, IPAnalysis } from "@fosscord/api";
const router = Router(); const router = Router();
router.get("/",route({}), async (req: Request, res: Response) => { router.get("/", route({}), async (req: Request, res: Response) => {
//TODO //TODO
//Note: It's most likely related to legal. At the moment Discord hasn't finished this too //Note: It's most likely related to legal. At the moment Discord hasn't finished this too
const country_code = (await IPAnalysis(getIpAdress(req))).country_code; const country_code = (await IPAnalysis(getIpAdress(req))).country_code;
res.json({ consent_required: false, country_code: country_code, promotional_email_opt_in: { required: true, pre_checked: false}}); res.json({
consent_required: false,
country_code: country_code,
promotional_email_opt_in: { required: true, pre_checked: false },
});
}); });
export default router; export default router;

View File

@ -1,84 +1,127 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { route, getIpAdress, verifyCaptcha } from "@fosscord/api"; import { route, getIpAdress, verifyCaptcha } from "@fosscord/api";
import bcrypt from "bcrypt"; import bcrypt from "bcrypt";
import { Config, User, generateToken, adjustEmail, FieldErrors, LoginSchema } from "@fosscord/util"; import {
Config,
User,
generateToken,
adjustEmail,
FieldErrors,
LoginSchema,
} from "@fosscord/util";
import crypto from "crypto"; import crypto from "crypto";
const router: Router = Router(); const router: Router = Router();
export default router; export default router;
router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Response) => { router.post(
const { login, password, captcha_key, undelete } = req.body as LoginSchema; "/",
const email = adjustEmail(login); route({ body: "LoginSchema" }),
console.log("login", email); async (req: Request, res: Response) => {
const { login, password, captcha_key, undelete } =
req.body as LoginSchema;
const email = adjustEmail(login);
console.log("login", email);
const config = Config.get(); const config = Config.get();
if (config.login.requireCaptcha && config.security.captcha.enabled) { if (config.login.requireCaptcha && config.security.captcha.enabled) {
const { sitekey, service } = config.security.captcha; const { sitekey, service } = config.security.captcha;
if (!captcha_key) { if (!captcha_key) {
return res.status(400).json({ return res.status(400).json({
captcha_key: ["captcha-required"], captcha_key: ["captcha-required"],
captcha_sitekey: sitekey, captcha_sitekey: sitekey,
captcha_service: service captcha_service: service,
});
}
const ip = getIpAdress(req);
const verify = await verifyCaptcha(captcha_key, ip);
if (!verify.success) {
return res.status(400).json({
captcha_key: verify["error-codes"],
captcha_sitekey: sitekey,
captcha_service: service,
});
}
}
const user = await User.findOneOrFail({
where: [{ phone: login }, { email: login }],
select: [
"data",
"id",
"disabled",
"deleted",
"settings",
"totp_secret",
"mfa_enabled",
],
}).catch((e) => {
throw FieldErrors({
login: {
message: req.t("auth:login.INVALID_LOGIN"),
code: "INVALID_LOGIN",
},
});
});
if (undelete) {
// undelete refers to un'disable' here
if (user.disabled)
await User.update({ id: user.id }, { disabled: false });
if (user.deleted)
await User.update({ id: user.id }, { deleted: false });
} else {
if (user.deleted)
return res.status(400).json({
message: "This account is scheduled for deletion.",
code: 20011,
});
if (user.disabled)
return res.status(400).json({
message: req.t("auth:login.ACCOUNT_DISABLED"),
code: 20013,
});
}
// the salt is saved in the password refer to bcrypt docs
const same_password = await bcrypt.compare(
password,
user.data.hash || "",
);
if (!same_password) {
throw FieldErrors({
password: {
message: req.t("auth:login.INVALID_PASSWORD"),
code: "INVALID_PASSWORD",
},
}); });
} }
const ip = getIpAdress(req); if (user.mfa_enabled) {
const verify = await verifyCaptcha(captcha_key, ip); // TODO: This is not a discord.com ticket. I'm not sure what it is but I'm lazy
if (!verify.success) { const ticket = crypto.randomBytes(40).toString("hex");
return res.status(400).json({
captcha_key: verify["error-codes"], await User.update({ id: user.id }, { totp_last_ticket: ticket });
captcha_sitekey: sitekey,
captcha_service: service return res.json({
ticket: ticket,
mfa: true,
sms: false, // TODO
token: null,
}); });
} }
}
const user = await User.findOneOrFail({ const token = await generateToken(user.id);
where: [{ phone: login }, { email: login }],
select: ["data", "id", "disabled", "deleted", "settings", "totp_secret", "mfa_enabled"]
}).catch((e) => {
throw FieldErrors({ login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" } });
});
if (undelete) { // Notice this will have a different token structure, than discord
// undelete refers to un'disable' here // Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package
if (user.disabled) await User.update({ id: user.id }, { disabled: false }); // https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png
if (user.deleted) await User.update({ id: user.id }, { deleted: false });
} else {
if (user.deleted) return res.status(400).json({ message: "This account is scheduled for deletion.", code: 20011 });
if (user.disabled) return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
}
// the salt is saved in the password refer to bcrypt docs res.json({ token, settings: user.settings });
const same_password = await bcrypt.compare(password, user.data.hash || ""); },
if (!same_password) { );
throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } });
}
if (user.mfa_enabled) {
// TODO: This is not a discord.com ticket. I'm not sure what it is but I'm lazy
const ticket = crypto.randomBytes(40).toString("hex");
await User.update({ id: user.id }, { totp_last_ticket: ticket });
return res.json({
ticket: ticket,
mfa: true,
sms: false, // TODO
token: null,
})
}
const token = await generateToken(user.id);
// Notice this will have a different token structure, than discord
// Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package
// https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png
res.json({ token, settings: user.settings });
});
/** /**
* POST /auth/login * POST /auth/login

View File

@ -10,7 +10,8 @@ router.post("/", route({}), async (req: Request, res: Response) => {
} else { } else {
delete req.body.provider; delete req.body.provider;
delete req.body.voip_provider; delete req.body.voip_provider;
if (Object.keys(req.body).length != 0) console.log(`[LOGOUT]: Extra fields sent in logout!`, req.body); if (Object.keys(req.body).length != 0)
console.log(`[LOGOUT]: Extra fields sent in logout!`, req.body);
} }
res.status(204).send(); res.status(204).send();
}); });

View File

@ -5,45 +5,48 @@ import { verifyToken } from "node-2fa";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
const router = Router(); const router = Router();
router.post("/", route({ body: "TotpSchema" }), async (req: Request, res: Response) => { router.post(
const { code, ticket, gift_code_sku_id, login_source } = req.body as TotpSchema; "/",
route({ body: "TotpSchema" }),
async (req: Request, res: Response) => {
const { code, ticket, gift_code_sku_id, login_source } =
req.body as TotpSchema;
const user = await User.findOneOrFail({ const user = await User.findOneOrFail({
where: { where: {
totp_last_ticket: ticket, totp_last_ticket: ticket,
}, },
select: [ select: ["id", "totp_secret", "settings"],
"id", });
"totp_secret",
"settings",
],
});
const backup = await BackupCode.findOne({ const backup = await BackupCode.findOne({
where: { where: {
code: code, code: code,
expired: false, expired: false,
consumed: false, consumed: false,
user: { id: user.id } user: { id: user.id },
},
});
if (!backup) {
const ret = verifyToken(user.totp_secret!, code);
if (!ret || ret.delta != 0)
throw new HTTPError(
req.t("auth:login.INVALID_TOTP_CODE"),
60008,
);
} else {
backup.consumed = true;
await backup.save();
} }
});
if (!backup) { await User.update({ id: user.id }, { totp_last_ticket: "" });
const ret = verifyToken(user.totp_secret!, code);
if (!ret || ret.delta != 0)
throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
}
else {
backup.consumed = true;
await backup.save();
}
await User.update({ id: user.id }, { totp_last_ticket: "" }); return res.json({
token: await generateToken(user.id),
return res.json({ user_settings: user.settings,
token: await generateToken(user.id), });
user_settings: user.settings, },
}); );
});
export default router; export default router;

View File

@ -1,156 +1,215 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, RegisterSchema } from "@fosscord/util"; import {
import { route, getIpAdress, IPAnalysis, isProxy, verifyCaptcha } from "@fosscord/api"; Config,
generateToken,
Invite,
FieldErrors,
User,
adjustEmail,
RegisterSchema,
} from "@fosscord/util";
import {
route,
getIpAdress,
IPAnalysis,
isProxy,
verifyCaptcha,
} from "@fosscord/api";
import bcrypt from "bcrypt"; import bcrypt from "bcrypt";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
const router: Router = Router(); const router: Router = Router();
router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Response) => { router.post(
const body = req.body as RegisterSchema; "/",
const { register, security } = Config.get(); route({ body: "RegisterSchema" }),
const ip = getIpAdress(req); async (req: Request, res: Response) => {
const body = req.body as RegisterSchema;
const { register, security } = Config.get();
const ip = getIpAdress(req);
// email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick // email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick
let email = adjustEmail(body.email); let email = adjustEmail(body.email);
// check if registration is allowed // check if registration is allowed
if (!register.allowNewRegistration) { if (!register.allowNewRegistration) {
throw FieldErrors({ throw FieldErrors({
email: { code: "REGISTRATION_DISABLED", message: req.t("auth:register.REGISTRATION_DISABLED") } email: {
}); code: "REGISTRATION_DISABLED",
} message: req.t("auth:register.REGISTRATION_DISABLED"),
},
});
}
// check if the user agreed to the Terms of Service // check if the user agreed to the Terms of Service
if (!body.consent) { if (!body.consent) {
throw FieldErrors({ throw FieldErrors({
consent: { code: "CONSENT_REQUIRED", message: req.t("auth:register.CONSENT_REQUIRED") } consent: {
}); code: "CONSENT_REQUIRED",
} message: req.t("auth:register.CONSENT_REQUIRED"),
},
});
}
if (register.disabled) { if (register.disabled) {
throw FieldErrors({ throw FieldErrors({
email: { email: {
code: "DISABLED", code: "DISABLED",
message: "registration is disabled on this instance" message: "registration is disabled on this instance",
},
});
}
if (register.requireCaptcha && security.captcha.enabled) {
const { sitekey, service } = security.captcha;
if (!body.captcha_key) {
return res?.status(400).json({
captcha_key: ["captcha-required"],
captcha_sitekey: sitekey,
captcha_service: service,
});
} }
});
}
if (register.requireCaptcha && security.captcha.enabled) { const verify = await verifyCaptcha(body.captcha_key, ip);
const { sitekey, service } = security.captcha; if (!verify.success) {
if (!body.captcha_key) { return res.status(400).json({
return res?.status(400).json({ captcha_key: verify["error-codes"],
captcha_key: ["captcha-required"], captcha_sitekey: sitekey,
captcha_sitekey: sitekey, captcha_service: service,
captcha_service: service });
}); }
} }
const verify = await verifyCaptcha(body.captcha_key, ip); if (!register.allowMultipleAccounts) {
if (!verify.success) { // TODO: check if fingerprint was eligible generated
return res.status(400).json({ const exists = await User.findOne({
captcha_key: verify["error-codes"], where: { fingerprints: body.fingerprint },
captcha_sitekey: sitekey, select: ["id"],
captcha_service: service
}); });
if (exists) {
throw FieldErrors({
email: {
code: "EMAIL_ALREADY_REGISTERED",
message: req.t(
"auth:register.EMAIL_ALREADY_REGISTERED",
),
},
});
}
} }
}
if (!register.allowMultipleAccounts) { if (register.blockProxies) {
// TODO: check if fingerprint was eligible generated if (isProxy(await IPAnalysis(ip))) {
const exists = await User.findOne({ where: { fingerprints: body.fingerprint }, select: ["id"] }); console.log(`proxy ${ip} blocked from registration`);
throw new HTTPError("Your IP is blocked from registration");
}
}
if (exists) { // TODO: gift_code_sku_id?
// TODO: check password strength
if (email) {
// replace all dots and chars after +, if its a gmail.com email
if (!email) {
throw FieldErrors({
email: {
code: "INVALID_EMAIL",
message: req?.t("auth:register.INVALID_EMAIL"),
},
});
}
// check if there is already an account with this email
const exists = await User.findOne({ where: { email: email } });
if (exists) {
throw FieldErrors({
email: {
code: "EMAIL_ALREADY_REGISTERED",
message: req.t(
"auth:register.EMAIL_ALREADY_REGISTERED",
),
},
});
}
} else if (register.email.required) {
throw FieldErrors({ throw FieldErrors({
email: { email: {
code: "EMAIL_ALREADY_REGISTERED", code: "BASE_TYPE_REQUIRED",
message: req.t("auth:register.EMAIL_ALREADY_REGISTERED") message: req.t("common:field.BASE_TYPE_REQUIRED"),
} },
}); });
} }
}
if (register.blockProxies) { if (register.dateOfBirth.required && !body.date_of_birth) {
if (isProxy(await IPAnalysis(ip))) {
console.log(`proxy ${ip} blocked from registration`);
throw new HTTPError("Your IP is blocked from registration");
}
}
// TODO: gift_code_sku_id?
// TODO: check password strength
if (email) {
// replace all dots and chars after +, if its a gmail.com email
if (!email) {
throw FieldErrors({ email: { code: "INVALID_EMAIL", message: req?.t("auth:register.INVALID_EMAIL") } });
}
// check if there is already an account with this email
const exists = await User.findOne({ where: { email: email } });
if (exists) {
throw FieldErrors({
email: {
code: "EMAIL_ALREADY_REGISTERED",
message: req.t("auth:register.EMAIL_ALREADY_REGISTERED")
}
});
}
} else if (register.email.required) {
throw FieldErrors({
email: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }
});
}
if (register.dateOfBirth.required && !body.date_of_birth) {
throw FieldErrors({
date_of_birth: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }
});
} else if (register.dateOfBirth.required && register.dateOfBirth.minimum) {
const minimum = new Date();
minimum.setFullYear(minimum.getFullYear() - register.dateOfBirth.minimum);
body.date_of_birth = new Date(body.date_of_birth as Date);
// higher is younger
if (body.date_of_birth > minimum) {
throw FieldErrors({ throw FieldErrors({
date_of_birth: { date_of_birth: {
code: "DATE_OF_BIRTH_UNDERAGE", code: "BASE_TYPE_REQUIRED",
message: req.t("auth:register.DATE_OF_BIRTH_UNDERAGE", { years: register.dateOfBirth.minimum }) message: req.t("common:field.BASE_TYPE_REQUIRED"),
} },
});
} else if (
register.dateOfBirth.required &&
register.dateOfBirth.minimum
) {
const minimum = new Date();
minimum.setFullYear(
minimum.getFullYear() - register.dateOfBirth.minimum,
);
body.date_of_birth = new Date(body.date_of_birth as Date);
// higher is younger
if (body.date_of_birth > minimum) {
throw FieldErrors({
date_of_birth: {
code: "DATE_OF_BIRTH_UNDERAGE",
message: req.t("auth:register.DATE_OF_BIRTH_UNDERAGE", {
years: register.dateOfBirth.minimum,
}),
},
});
}
}
if (body.password) {
// the salt is saved in the password refer to bcrypt docs
body.password = await bcrypt.hash(body.password, 12);
} else if (register.password.required) {
throw FieldErrors({
password: {
code: "BASE_TYPE_REQUIRED",
message: req.t("common:field.BASE_TYPE_REQUIRED"),
},
}); });
} }
}
if (body.password) { if (
// the salt is saved in the password refer to bcrypt docs !body.invite &&
body.password = await bcrypt.hash(body.password, 12); (register.requireInvite ||
} else if (register.password.required) { (register.guestsRequireInvite && !register.email))
throw FieldErrors({ ) {
password: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") } // require invite to register -> e.g. for organizations to send invites to their employees
}); throw FieldErrors({
} email: {
code: "INVITE_ONLY",
message: req.t("auth:register.INVITE_ONLY"),
},
});
}
if (!body.invite && (register.requireInvite || (register.guestsRequireInvite && !register.email))) { const user = await User.register({ ...body, req });
// require invite to register -> e.g. for organizations to send invites to their employees
throw FieldErrors({
email: { code: "INVITE_ONLY", message: req.t("auth:register.INVITE_ONLY") }
});
}
const user = await User.register({ ...body, req }); if (body.invite) {
// await to fail if the invite doesn't exist (necessary for requireInvite to work properly) (username only signups are possible)
await Invite.joinGuild(user.id, body.invite);
}
if (body.invite) { console.log("register", body.email, body.username, ip);
// await to fail if the invite doesn't exist (necessary for requireInvite to work properly) (username only signups are possible)
await Invite.joinGuild(user.id, body.invite);
}
console.log("register", body.email, body.username, ip); return res.json({ token: await generateToken(user.id) });
},
return res.json({ token: await generateToken(user.id) }); );
});
export default router; export default router;

View File

@ -4,19 +4,31 @@ import { FieldErrors, User, BackupCodesChallengeSchema } from "@fosscord/util";
import bcrypt from "bcrypt"; import bcrypt from "bcrypt";
const router = Router(); const router = Router();
router.post("/", route({ body: "BackupCodesChallengeSchema" }), async (req: Request, res: Response) => { router.post(
const { password } = req.body as BackupCodesChallengeSchema; "/",
route({ body: "BackupCodesChallengeSchema" }),
async (req: Request, res: Response) => {
const { password } = req.body as BackupCodesChallengeSchema;
const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); const user = await User.findOneOrFail({
where: { id: req.user_id },
select: ["data"],
});
if (!await bcrypt.compare(password, user.data.hash || "")) { if (!(await bcrypt.compare(password, user.data.hash || ""))) {
throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } }); throw FieldErrors({
} password: {
message: req.t("auth:login.INVALID_PASSWORD"),
code: "INVALID_PASSWORD",
},
});
}
return res.json({ return res.json({
nonce: "NoncePlaceholder", nonce: "NoncePlaceholder",
regenerate_nonce: "RegenNoncePlaceholder", regenerate_nonce: "RegenNoncePlaceholder",
}); });
}); },
);
export default router; export default router;

View File

@ -6,7 +6,7 @@ import {
emitEvent, emitEvent,
Recipient, Recipient,
handleFile, handleFile,
ChannelModifySchema ChannelModifySchema,
} from "@fosscord/util"; } from "@fosscord/util";
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -15,56 +15,89 @@ const router: Router = Router();
// TODO: delete channel // TODO: delete channel
// TODO: Get channel // TODO: Get channel
router.get("/", route({ permission: "VIEW_CHANNEL" }), async (req: Request, res: Response) => { router.get(
const { channel_id } = req.params; "/",
route({ permission: "VIEW_CHANNEL" }),
async (req: Request, res: Response) => {
const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
return res.send(channel); return res.send(channel);
}); },
);
router.delete("/", route({ permission: "MANAGE_CHANNELS" }), async (req: Request, res: Response) => { router.delete(
const { channel_id } = req.params; "/",
route({ permission: "MANAGE_CHANNELS" }),
async (req: Request, res: Response) => {
const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, relations: ["recipients"] }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
relations: ["recipients"],
});
if (channel.type === ChannelType.DM) {
const recipient = await Recipient.findOneOrFail({
where: { channel_id: channel_id, user_id: req.user_id },
});
recipient.closed = true;
await Promise.all([
recipient.save(),
emitEvent({
event: "CHANNEL_DELETE",
data: channel,
user_id: req.user_id,
} as ChannelDeleteEvent),
]);
} else if (channel.type === ChannelType.GROUP_DM) {
await Channel.removeRecipientFromChannel(channel, req.user_id);
} else {
await Promise.all([
Channel.delete({ id: channel_id }),
emitEvent({
event: "CHANNEL_DELETE",
data: channel,
channel_id,
} as ChannelDeleteEvent),
]);
}
res.send(channel);
},
);
router.patch(
"/",
route({ body: "ChannelModifySchema", permission: "MANAGE_CHANNELS" }),
async (req: Request, res: Response) => {
var payload = req.body as ChannelModifySchema;
const { channel_id } = req.params;
if (payload.icon)
payload.icon = await handleFile(
`/channel-icons/${channel_id}`,
payload.icon,
);
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
channel.assign(payload);
if (channel.type === ChannelType.DM) {
const recipient = await Recipient.findOneOrFail({ where: { channel_id: channel_id, user_id: req.user_id } });
recipient.closed = true;
await Promise.all([ await Promise.all([
recipient.save(), channel.save(),
emitEvent({ event: "CHANNEL_DELETE", data: channel, user_id: req.user_id } as ChannelDeleteEvent) emitEvent({
event: "CHANNEL_UPDATE",
data: channel,
channel_id,
} as ChannelUpdateEvent),
]); ]);
} else if (channel.type === ChannelType.GROUP_DM) {
await Channel.removeRecipientFromChannel(channel, req.user_id);
} else {
await Promise.all([
Channel.delete({ id: channel_id }),
emitEvent({ event: "CHANNEL_DELETE", data: channel, channel_id } as ChannelDeleteEvent)
]);
}
res.send(channel); res.send(channel);
}); },
);
router.patch("/", route({ body: "ChannelModifySchema", permission: "MANAGE_CHANNELS" }), async (req: Request, res: Response) => {
var payload = req.body as ChannelModifySchema;
const { channel_id } = req.params;
if (payload.icon) payload.icon = await handleFile(`/channel-icons/${channel_id}`, payload.icon);
const channel = await Channel.findOneOrFail({ where: { id: channel_id } });
channel.assign(payload);
await Promise.all([
channel.save(),
emitEvent({
event: "CHANNEL_UPDATE",
data: channel,
channel_id
} as ChannelUpdateEvent)
]);
res.send(channel);
});
export default router; export default router;

View File

@ -2,16 +2,33 @@ import { Router, Request, Response } from "express";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { random } from "@fosscord/api"; import { random } from "@fosscord/api";
import { Channel, Invite, InviteCreateEvent, emitEvent, User, Guild, PublicInviteRelation } from "@fosscord/util"; import {
Channel,
Invite,
InviteCreateEvent,
emitEvent,
User,
Guild,
PublicInviteRelation,
} from "@fosscord/util";
import { isTextChannel } from "./messages"; import { isTextChannel } from "./messages";
const router: Router = Router(); const router: Router = Router();
router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT_INVITE", right: "CREATE_INVITES" }), router.post(
"/",
route({
body: "InviteCreateSchema",
permission: "CREATE_INSTANT_INVITE",
right: "CREATE_INVITES",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { user_id } = req; const { user_id } = req;
const { channel_id } = req.params; const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, select: ["id", "name", "type", "guild_id"] }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
select: ["id", "name", "type", "guild_id"],
});
isTextChannel(channel.type); isTextChannel(channel.type);
if (!channel.guild_id) { if (!channel.guild_id) {
@ -31,30 +48,44 @@ router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT
created_at: new Date(), created_at: new Date(),
guild_id, guild_id,
channel_id: channel_id, channel_id: channel_id,
inviter_id: user_id inviter_id: user_id,
}).save(); }).save();
const data = invite.toJSON(); const data = invite.toJSON();
data.inviter = await User.getPublicUser(req.user_id); data.inviter = await User.getPublicUser(req.user_id);
data.guild = await Guild.findOne({ where: { id: guild_id } }); data.guild = await Guild.findOne({ where: { id: guild_id } });
data.channel = channel; data.channel = channel;
await emitEvent({ event: "INVITE_CREATE", data, guild_id } as InviteCreateEvent); await emitEvent({
event: "INVITE_CREATE",
data,
guild_id,
} as InviteCreateEvent);
res.status(201).send(data); res.status(201).send(data);
}); },
);
router.get("/", route({ permission: "MANAGE_CHANNELS" }), async (req: Request, res: Response) => { router.get(
const { user_id } = req; "/",
const { channel_id } = req.params; route({ permission: "MANAGE_CHANNELS" }),
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); async (req: Request, res: Response) => {
const { user_id } = req;
const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
if (!channel.guild_id) { if (!channel.guild_id) {
throw new HTTPError("This channel doesn't exist", 404); throw new HTTPError("This channel doesn't exist", 404);
} }
const { guild_id } = channel; const { guild_id } = channel;
const invites = await Invite.find({ where: { guild_id }, relations: PublicInviteRelation }); const invites = await Invite.find({
where: { guild_id },
relations: PublicInviteRelation,
});
res.status(200).send(invites); res.status(200).send(invites);
}); },
);
export default router; export default router;

View File

@ -1,4 +1,9 @@
import { emitEvent, getPermission, MessageAckEvent, ReadState } from "@fosscord/util"; import {
emitEvent,
getPermission,
MessageAckEvent,
ReadState,
} from "@fosscord/util";
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -8,29 +13,40 @@ const router = Router();
// TODO: send read state event to all channel members // TODO: send read state event to all channel members
// TODO: advance-only notification cursor // TODO: advance-only notification cursor
router.post("/", route({ body: "MessageAcknowledgeSchema" }), async (req: Request, res: Response) => { router.post(
const { channel_id, message_id } = req.params; "/",
route({ body: "MessageAcknowledgeSchema" }),
async (req: Request, res: Response) => {
const { channel_id, message_id } = req.params;
const permission = await getPermission(req.user_id, undefined, channel_id); const permission = await getPermission(
permission.hasThrow("VIEW_CHANNEL"); req.user_id,
undefined,
let read_state = await ReadState.findOne({ where: { user_id: req.user_id, channel_id } });
if (!read_state) read_state = ReadState.create({ user_id: req.user_id, channel_id });
read_state.last_message_id = message_id;
await read_state.save();
await emitEvent({
event: "MESSAGE_ACK",
user_id: req.user_id,
data: {
channel_id, channel_id,
message_id, );
version: 3763 permission.hasThrow("VIEW_CHANNEL");
}
} as MessageAckEvent);
res.json({ token: null }); let read_state = await ReadState.findOne({
}); where: { user_id: req.user_id, channel_id },
});
if (!read_state)
read_state = ReadState.create({ user_id: req.user_id, channel_id });
read_state.last_message_id = message_id;
await read_state.save();
await emitEvent({
event: "MESSAGE_ACK",
user_id: req.user_id,
data: {
channel_id,
message_id,
version: 3763,
},
} as MessageAckEvent);
res.json({ token: null });
},
);
export default router; export default router;

View File

@ -3,26 +3,36 @@ import { route } from "@fosscord/api";
const router = Router(); const router = Router();
router.post("/", route({ permission: "MANAGE_MESSAGES" }), (req: Request, res: Response) => { router.post(
// TODO: "/",
res.json({ route({ permission: "MANAGE_MESSAGES" }),
id: "", (req: Request, res: Response) => {
type: 0, // TODO:
content: "", res.json({
channel_id: "", id: "",
author: { id: "", username: "", avatar: "", discriminator: "", public_flags: 64 }, type: 0,
attachments: [], content: "",
embeds: [], channel_id: "",
mentions: [], author: {
mention_roles: [], id: "",
pinned: false, username: "",
mention_everyone: false, avatar: "",
tts: false, discriminator: "",
timestamp: "", public_flags: 64,
edited_timestamp: null, },
flags: 1, attachments: [],
components: [] embeds: [],
}).status(200); mentions: [],
}); mention_roles: [],
pinned: false,
mention_everyone: false,
tts: false,
timestamp: "",
edited_timestamp: null,
flags: 1,
components: [],
}).status(200);
},
);
export default router; export default router;

View File

@ -26,55 +26,69 @@ const messageUpload = multer({
limits: { limits: {
fileSize: 1024 * 1024 * 100, fileSize: 1024 * 1024 * 100,
fields: 10, fields: 10,
files: 1 files: 1,
}, },
storage: multer.memoryStorage() storage: multer.memoryStorage(),
}); // max upload 50 mb }); // max upload 50 mb
router.patch("/", route({ body: "MessageCreateSchema", permission: "SEND_MESSAGES", right: "SEND_MESSAGES" }), async (req: Request, res: Response) => { router.patch(
const { message_id, channel_id } = req.params; "/",
var body = req.body as MessageCreateSchema; route({
body: "MessageCreateSchema",
permission: "SEND_MESSAGES",
right: "SEND_MESSAGES",
}),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
var body = req.body as MessageCreateSchema;
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id }, relations: ["attachments"] }); const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
relations: ["attachments"],
});
const permissions = await getPermission(req.user_id, undefined, channel_id); const permissions = await getPermission(
req.user_id,
const rights = await getRights(req.user_id); undefined,
if ((req.user_id !== message.author_id)) {
if (!rights.has("MANAGE_MESSAGES")) {
permissions.hasThrow("MANAGE_MESSAGES");
body = { flags: body.flags };
// guild admins can only suppress embeds of other messages, no such restriction imposed to instance-wide admins
}
} else rights.hasThrow("SELF_EDIT_MESSAGES");
const new_message = await handleMessage({
...message,
// TODO: should message_reference be overridable?
// @ts-ignore
message_reference: message.message_reference,
...body,
author_id: message.author_id,
channel_id,
id: message_id,
edited_timestamp: new Date()
});
await Promise.all([
new_message!.save(),
await emitEvent({
event: "MESSAGE_UPDATE",
channel_id, channel_id,
data: { ...new_message, nonce: undefined } );
} as MessageUpdateEvent)
]);
postHandleMessage(message); const rights = await getRights(req.user_id);
return res.json(message); if (req.user_id !== message.author_id) {
}); if (!rights.has("MANAGE_MESSAGES")) {
permissions.hasThrow("MANAGE_MESSAGES");
body = { flags: body.flags };
// guild admins can only suppress embeds of other messages, no such restriction imposed to instance-wide admins
}
} else rights.hasThrow("SELF_EDIT_MESSAGES");
const new_message = await handleMessage({
...message,
// TODO: should message_reference be overridable?
// @ts-ignore
message_reference: message.message_reference,
...body,
author_id: message.author_id,
channel_id,
id: message_id,
edited_timestamp: new Date(),
});
await Promise.all([
new_message!.save(),
await emitEvent({
event: "MESSAGE_UPDATE",
channel_id,
data: { ...new_message, nonce: undefined },
} as MessageUpdateEvent),
]);
postHandleMessage(message);
return res.json(message);
},
);
// Backfill message with specific timestamp // Backfill message with specific timestamp
router.put( router.put(
@ -87,7 +101,11 @@ router.put(
next(); next();
}, },
route({ body: "MessageCreateSchema", permission: "SEND_MESSAGES", right: "SEND_BACKDATED_EVENTS" }), route({
body: "MessageCreateSchema",
permission: "SEND_MESSAGES",
right: "SEND_BACKDATED_EVENTS",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { channel_id, message_id } = req.params; const { channel_id, message_id } = req.params;
var body = req.body as MessageCreateSchema; var body = req.body as MessageCreateSchema;
@ -107,20 +125,30 @@ router.put(
throw FosscordApiErrors.CANNOT_BACKFILL_TO_THE_FUTURE; throw FosscordApiErrors.CANNOT_BACKFILL_TO_THE_FUTURE;
} }
const exists = await Message.findOne({ where: { id: message_id, channel_id: channel_id } }); const exists = await Message.findOne({
where: { id: message_id, channel_id: channel_id },
});
if (exists) { if (exists) {
throw FosscordApiErrors.CANNOT_REPLACE_BY_BACKFILL; throw FosscordApiErrors.CANNOT_REPLACE_BY_BACKFILL;
} }
if (req.file) { if (req.file) {
try { try {
const file = await uploadFile(`/attachments/${req.params.channel_id}`, req.file); const file = await uploadFile(
attachments.push(Attachment.create({ ...file, proxy_url: file.url })); `/attachments/${req.params.channel_id}`,
req.file,
);
attachments.push(
Attachment.create({ ...file, proxy_url: file.url }),
);
} catch (error) { } catch (error) {
return res.status(400).json(error); return res.status(400).json(error);
} }
} }
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, relations: ["recipients", "recipients.user"] }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
relations: ["recipients", "recipients.user"],
});
const embeds = body.embeds || []; const embeds = body.embeds || [];
if (body.embed) embeds.push(body.embed); if (body.embed) embeds.push(body.embed);
@ -142,27 +170,43 @@ router.put(
await Promise.all([ await Promise.all([
message.save(), message.save(),
emitEvent({ event: "MESSAGE_CREATE", channel_id: channel_id, data: message } as MessageCreateEvent), emitEvent({
channel.save() event: "MESSAGE_CREATE",
channel_id: channel_id,
data: message,
} as MessageCreateEvent),
channel.save(),
]); ]);
postHandleMessage(message).catch((e) => { }); // no await as it shouldnt block the message send function and silently catch error postHandleMessage(message).catch((e) => {}); // no await as it shouldnt block the message send function and silently catch error
return res.json(message); return res.json(message);
} },
); );
router.get("/", route({ permission: "VIEW_CHANNEL" }), async (req: Request, res: Response) => { router.get(
const { message_id, channel_id } = req.params; "/",
route({ permission: "VIEW_CHANNEL" }),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id }, relations: ["attachments"] }); const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
relations: ["attachments"],
});
const permissions = await getPermission(req.user_id, undefined, channel_id); const permissions = await getPermission(
req.user_id,
undefined,
channel_id,
);
if (message.author_id !== req.user_id) permissions.hasThrow("READ_MESSAGE_HISTORY"); if (message.author_id !== req.user_id)
permissions.hasThrow("READ_MESSAGE_HISTORY");
return res.json(message); return res.json(message);
}); },
);
router.delete("/", route({}), async (req: Request, res: Response) => { router.delete("/", route({}), async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params; const { message_id, channel_id } = req.params;
@ -172,9 +216,13 @@ router.delete("/", route({}), async (req: Request, res: Response) => {
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
if ((message.author_id !== req.user_id)) { if (message.author_id !== req.user_id) {
if (!rights.has("MANAGE_MESSAGES")) { if (!rights.has("MANAGE_MESSAGES")) {
const permission = await getPermission(req.user_id, channel.guild_id, channel_id); const permission = await getPermission(
req.user_id,
channel.guild_id,
channel_id,
);
permission.hasThrow("MANAGE_MESSAGES"); permission.hasThrow("MANAGE_MESSAGES");
} }
} else rights.hasThrow("SELF_DELETE_MESSAGES"); } else rights.hasThrow("SELF_DELETE_MESSAGES");
@ -187,8 +235,8 @@ router.delete("/", route({}), async (req: Request, res: Response) => {
data: { data: {
id: message_id, id: message_id,
channel_id, channel_id,
guild_id: channel.guild_id guild_id: channel.guild_id,
} },
} as MessageDeleteEvent); } as MessageDeleteEvent);
res.sendStatus(204); res.sendStatus(204);

View File

@ -11,7 +11,7 @@ import {
MessageReactionRemoveEvent, MessageReactionRemoveEvent,
PartialEmoji, PartialEmoji,
PublicUserProjection, PublicUserProjection,
User User,
} from "@fosscord/util"; } from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
@ -27,159 +27,224 @@ function getEmoji(emoji: string): PartialEmoji {
if (parts) if (parts)
return { return {
name: parts[0], name: parts[0],
id: parts[1] id: parts[1],
}; };
return { return {
id: undefined, id: undefined,
name: emoji name: emoji,
}; };
} }
router.delete("/", route({ permission: "MANAGE_MESSAGES" }), async (req: Request, res: Response) => { router.delete(
const { message_id, channel_id } = req.params; "/",
route({ permission: "MANAGE_MESSAGES" }),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
await Message.update({ id: message_id, channel_id }, { reactions: [] }); await Message.update({ id: message_id, channel_id }, { reactions: [] });
await emitEvent({ await emitEvent({
event: "MESSAGE_REACTION_REMOVE_ALL", event: "MESSAGE_REACTION_REMOVE_ALL",
channel_id,
data: {
channel_id,
message_id,
guild_id: channel.guild_id
}
} as MessageReactionRemoveAllEvent);
res.sendStatus(204);
});
router.delete("/:emoji", route({ permission: "MANAGE_MESSAGES" }), async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
const emoji = getEmoji(req.params.emoji);
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id } });
const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
if (!already_added) throw new HTTPError("Reaction not found", 404);
message.reactions.remove(already_added);
await Promise.all([
message.save(),
emitEvent({
event: "MESSAGE_REACTION_REMOVE_EMOJI",
channel_id, channel_id,
data: { data: {
channel_id, channel_id,
message_id, message_id,
guild_id: message.guild_id, guild_id: channel.guild_id,
emoji },
} } as MessageReactionRemoveAllEvent);
} as MessageReactionRemoveEmojiEvent)
]);
res.sendStatus(204); res.sendStatus(204);
}); },
);
router.get("/:emoji", route({ permission: "VIEW_CHANNEL" }), async (req: Request, res: Response) => { router.delete(
const { message_id, channel_id } = req.params; "/:emoji",
const emoji = getEmoji(req.params.emoji); route({ permission: "MANAGE_MESSAGES" }),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
const emoji = getEmoji(req.params.emoji);
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id } }); const message = await Message.findOneOrFail({
const reaction = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name); where: { id: message_id, channel_id },
if (!reaction) throw new HTTPError("Reaction not found", 404); });
const users = await User.find({ const already_added = message.reactions.find(
where: { (x) =>
id: In(reaction.user_ids) (x.emoji.id === emoji.id && emoji.id) ||
}, x.emoji.name === emoji.name,
select: PublicUserProjection );
}); if (!already_added) throw new HTTPError("Reaction not found", 404);
message.reactions.remove(already_added);
res.json(users); await Promise.all([
}); message.save(),
emitEvent({
event: "MESSAGE_REACTION_REMOVE_EMOJI",
channel_id,
data: {
channel_id,
message_id,
guild_id: message.guild_id,
emoji,
},
} as MessageReactionRemoveEmojiEvent),
]);
router.put("/:emoji/:user_id", route({ permission: "READ_MESSAGE_HISTORY", right: "SELF_ADD_REACTIONS" }), async (req: Request, res: Response) => { res.sendStatus(204);
const { message_id, channel_id, user_id } = req.params; },
if (user_id !== "@me") throw new HTTPError("Invalid user"); );
const emoji = getEmoji(req.params.emoji);
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); router.get(
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id } }); "/:emoji",
const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name); route({ permission: "VIEW_CHANNEL" }),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
const emoji = getEmoji(req.params.emoji);
if (!already_added) req.permission!.hasThrow("ADD_REACTIONS"); const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
});
const reaction = message.reactions.find(
(x) =>
(x.emoji.id === emoji.id && emoji.id) ||
x.emoji.name === emoji.name,
);
if (!reaction) throw new HTTPError("Reaction not found", 404);
if (emoji.id) { const users = await User.find({
const external_emoji = await Emoji.findOneOrFail({ where: { id: emoji.id } }); where: {
if (!already_added) req.permission!.hasThrow("USE_EXTERNAL_EMOJIS"); id: In(reaction.user_ids),
emoji.animated = external_emoji.animated; },
emoji.name = external_emoji.name; select: PublicUserProjection,
} });
if (already_added) { res.json(users);
if (already_added.user_ids.includes(req.user_id)) return res.sendStatus(204); // Do not throw an error ¯\_(ツ)_/¯ as discord also doesn't throw any error },
already_added.count++; );
} else message.reactions.push({ count: 1, emoji, user_ids: [req.user_id] });
await message.save(); router.put(
"/:emoji/:user_id",
route({ permission: "READ_MESSAGE_HISTORY", right: "SELF_ADD_REACTIONS" }),
async (req: Request, res: Response) => {
const { message_id, channel_id, user_id } = req.params;
if (user_id !== "@me") throw new HTTPError("Invalid user");
const emoji = getEmoji(req.params.emoji);
const member = channel.guild_id && (await Member.findOneOrFail({ where: { id: req.user_id } })); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
});
const already_added = message.reactions.find(
(x) =>
(x.emoji.id === emoji.id && emoji.id) ||
x.emoji.name === emoji.name,
);
await emitEvent({ if (!already_added) req.permission!.hasThrow("ADD_REACTIONS");
event: "MESSAGE_REACTION_ADD",
channel_id, if (emoji.id) {
data: { const external_emoji = await Emoji.findOneOrFail({
user_id: req.user_id, where: { id: emoji.id },
channel_id, });
message_id, if (!already_added) req.permission!.hasThrow("USE_EXTERNAL_EMOJIS");
guild_id: channel.guild_id, emoji.animated = external_emoji.animated;
emoji, emoji.name = external_emoji.name;
member
} }
} as MessageReactionAddEvent);
res.sendStatus(204); if (already_added) {
}); if (already_added.user_ids.includes(req.user_id))
return res.sendStatus(204); // Do not throw an error ¯\_(ツ)_/¯ as discord also doesn't throw any error
already_added.count++;
} else
message.reactions.push({
count: 1,
emoji,
user_ids: [req.user_id],
});
router.delete("/:emoji/:user_id", route({}), async (req: Request, res: Response) => { await message.save();
var { message_id, channel_id, user_id } = req.params;
const emoji = getEmoji(req.params.emoji); const member =
channel.guild_id &&
(await Member.findOneOrFail({ where: { id: req.user_id } }));
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); await emitEvent({
const message = await Message.findOneOrFail({ where: { id: message_id, channel_id } }); event: "MESSAGE_REACTION_ADD",
if (user_id === "@me") user_id = req.user_id;
else {
const permissions = await getPermission(req.user_id, undefined, channel_id);
permissions.hasThrow("MANAGE_MESSAGES");
}
const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
if (!already_added || !already_added.user_ids.includes(user_id)) throw new HTTPError("Reaction not found", 404);
already_added.count--;
if (already_added.count <= 0) message.reactions.remove(already_added);
await message.save();
await emitEvent({
event: "MESSAGE_REACTION_REMOVE",
channel_id,
data: {
user_id: req.user_id,
channel_id, channel_id,
message_id, data: {
guild_id: channel.guild_id, user_id: req.user_id,
emoji channel_id,
} message_id,
} as MessageReactionRemoveEvent); guild_id: channel.guild_id,
emoji,
member,
},
} as MessageReactionAddEvent);
res.sendStatus(204); res.sendStatus(204);
}); },
);
router.delete(
"/:emoji/:user_id",
route({}),
async (req: Request, res: Response) => {
var { message_id, channel_id, user_id } = req.params;
const emoji = getEmoji(req.params.emoji);
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
});
if (user_id === "@me") user_id = req.user_id;
else {
const permissions = await getPermission(
req.user_id,
undefined,
channel_id,
);
permissions.hasThrow("MANAGE_MESSAGES");
}
const already_added = message.reactions.find(
(x) =>
(x.emoji.id === emoji.id && emoji.id) ||
x.emoji.name === emoji.name,
);
if (!already_added || !already_added.user_ids.includes(user_id))
throw new HTTPError("Reaction not found", 404);
already_added.count--;
if (already_added.count <= 0) message.reactions.remove(already_added);
await message.save();
await emitEvent({
event: "MESSAGE_REACTION_REMOVE",
channel_id,
data: {
user_id: req.user_id,
channel_id,
message_id,
guild_id: channel.guild_id,
emoji,
},
} as MessageReactionRemoveEvent);
res.sendStatus(204);
},
);
export default router; export default router;

View File

@ -1,5 +1,13 @@
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import { Channel, Config, emitEvent, getPermission, getRights, MessageDeleteBulkEvent, Message } from "@fosscord/util"; import {
Channel,
Config,
emitEvent,
getPermission,
getRights,
MessageDeleteBulkEvent,
Message,
} from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -10,33 +18,48 @@ export default router;
// should users be able to bulk delete messages or only bots? ANSWER: all users // should users be able to bulk delete messages or only bots? ANSWER: all users
// should this request fail, if you provide messages older than 14 days/invalid ids? ANSWER: NO // should this request fail, if you provide messages older than 14 days/invalid ids? ANSWER: NO
// https://discord.com/developers/docs/resources/channel#bulk-delete-messages // https://discord.com/developers/docs/resources/channel#bulk-delete-messages
router.post("/", route({ body: "BulkDeleteSchema" }), async (req: Request, res: Response) => { router.post(
const { channel_id } = req.params; "/",
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); route({ body: "BulkDeleteSchema" }),
if (!channel.guild_id) throw new HTTPError("Can't bulk delete dm channel messages", 400); async (req: Request, res: Response) => {
const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
if (!channel.guild_id)
throw new HTTPError("Can't bulk delete dm channel messages", 400);
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
rights.hasThrow("SELF_DELETE_MESSAGES"); rights.hasThrow("SELF_DELETE_MESSAGES");
let superuser = rights.has("MANAGE_MESSAGES");
const permission = await getPermission(req.user_id, channel?.guild_id, channel_id);
const { maxBulkDelete } = Config.get().limits.message;
const { messages } = req.body as { messages: string[] }; let superuser = rights.has("MANAGE_MESSAGES");
if (messages.length === 0) throw new HTTPError("You must specify messages to bulk delete"); const permission = await getPermission(
if (!superuser) { req.user_id,
permission.hasThrow("MANAGE_MESSAGES"); channel?.guild_id,
if (messages.length > maxBulkDelete) throw new HTTPError(`You cannot delete more than ${maxBulkDelete} messages`); channel_id,
} );
await Message.delete(messages); const { maxBulkDelete } = Config.get().limits.message;
await emitEvent({ const { messages } = req.body as { messages: string[] };
event: "MESSAGE_DELETE_BULK", if (messages.length === 0)
channel_id, throw new HTTPError("You must specify messages to bulk delete");
data: { ids: messages, channel_id, guild_id: channel.guild_id } if (!superuser) {
} as MessageDeleteBulkEvent); permission.hasThrow("MANAGE_MESSAGES");
if (messages.length > maxBulkDelete)
throw new HTTPError(
`You cannot delete more than ${maxBulkDelete} messages`,
);
}
res.sendStatus(204); await Message.delete(messages);
});
await emitEvent({
event: "MESSAGE_DELETE_BULK",
channel_id,
data: { ids: messages, channel_id, guild_id: channel.guild_id },
} as MessageDeleteBulkEvent);
res.sendStatus(204);
},
);

View File

@ -61,36 +61,50 @@ router.get("/", async (req: Request, res: Response) => {
const before = req.query.before ? `${req.query.before}` : undefined; const before = req.query.before ? `${req.query.before}` : undefined;
const after = req.query.after ? `${req.query.after}` : undefined; const after = req.query.after ? `${req.query.after}` : undefined;
const limit = Number(req.query.limit) || 50; const limit = Number(req.query.limit) || 50;
if (limit < 1 || limit > 100) throw new HTTPError("limit must be between 1 and 100", 422); if (limit < 1 || limit > 100)
throw new HTTPError("limit must be between 1 and 100", 422);
var halfLimit = Math.floor(limit / 2); var halfLimit = Math.floor(limit / 2);
const permissions = await getPermission(req.user_id, channel.guild_id, channel_id); const permissions = await getPermission(
req.user_id,
channel.guild_id,
channel_id,
);
permissions.hasThrow("VIEW_CHANNEL"); permissions.hasThrow("VIEW_CHANNEL");
if (!permissions.has("READ_MESSAGE_HISTORY")) return res.json([]); if (!permissions.has("READ_MESSAGE_HISTORY")) return res.json([]);
var query: FindManyOptions<Message> & { where: { id?: any; }; } = { var query: FindManyOptions<Message> & { where: { id?: any } } = {
order: { timestamp: "DESC" }, order: { timestamp: "DESC" },
take: limit, take: limit,
where: { channel_id }, where: { channel_id },
relations: ["author", "webhook", "application", "mentions", "mention_roles", "mention_channels", "sticker_items", "attachments"] relations: [
"author",
"webhook",
"application",
"mentions",
"mention_roles",
"mention_channels",
"sticker_items",
"attachments",
],
}; };
if (after) { if (after) {
if (BigInt(after) > BigInt(Snowflake.generate())) return res.status(422); if (BigInt(after) > BigInt(Snowflake.generate()))
return res.status(422);
query.where.id = MoreThan(after); query.where.id = MoreThan(after);
} } else if (before) {
else if (before) { if (BigInt(before) < BigInt(req.params.channel_id))
if (BigInt(before) < BigInt(req.params.channel_id)) return res.status(422); return res.status(422);
query.where.id = LessThan(before); query.where.id = LessThan(before);
} } else if (around) {
else if (around) {
query.where.id = [ query.where.id = [
MoreThan((BigInt(around) - BigInt(halfLimit)).toString()), MoreThan((BigInt(around) - BigInt(halfLimit)).toString()),
LessThan((BigInt(around) + BigInt(halfLimit)).toString()) LessThan((BigInt(around) + BigInt(halfLimit)).toString()),
]; ];
return res.json([]); // TODO: fix around return res.json([]); // TODO: fix around
} }
const messages = await Message.find(query); const messages = await Message.find(query);
@ -105,11 +119,22 @@ router.get("/", async (req: Request, res: Response) => {
delete x.user_ids; delete x.user_ids;
}); });
// @ts-ignore // @ts-ignore
if (!x.author) x.author = { id: "4", discriminator: "0000", username: "Fosscord Ghost", public_flags: "0", avatar: null }; if (!x.author)
x.author = {
id: "4",
discriminator: "0000",
username: "Fosscord Ghost",
public_flags: "0",
avatar: null,
};
x.attachments?.forEach((y: any) => { x.attachments?.forEach((y: any) => {
// dynamically set attachment proxy_url in case the endpoint changed // dynamically set attachment proxy_url in case the endpoint changed
const uri = y.proxy_url.startsWith("http") ? y.proxy_url : `https://example.org${y.proxy_url}`; const uri = y.proxy_url.startsWith("http")
y.proxy_url = `${endpoint == null ? "" : endpoint}${new URL(uri).pathname}`; ? y.proxy_url
: `https://example.org${y.proxy_url}`;
y.proxy_url = `${endpoint == null ? "" : endpoint}${
new URL(uri).pathname
}`;
}); });
/** /**
@ -123,7 +148,7 @@ router.get("/", async (req: Request, res: Response) => {
// } // }
return x; return x;
}) }),
); );
}); });
@ -134,7 +159,7 @@ const messageUpload = multer({
fields: 10, fields: 10,
// files: 1 // files: 1
}, },
storage: multer.memoryStorage() storage: multer.memoryStorage(),
}); // max upload 50 mb }); // max upload 50 mb
/** /**
TODO: dynamically change limit of MessageCreateSchema with config TODO: dynamically change limit of MessageCreateSchema with config
@ -155,24 +180,38 @@ router.post(
next(); next();
}, },
route({ body: "MessageCreateSchema", permission: "SEND_MESSAGES", right: "SEND_MESSAGES" }), route({
body: "MessageCreateSchema",
permission: "SEND_MESSAGES",
right: "SEND_MESSAGES",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { channel_id } = req.params; const { channel_id } = req.params;
var body = req.body as MessageCreateSchema; var body = req.body as MessageCreateSchema;
const attachments: Attachment[] = []; const attachments: Attachment[] = [];
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, relations: ["recipients", "recipients.user"] }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
relations: ["recipients", "recipients.user"],
});
if (!channel.isWritable()) { if (!channel.isWritable()) {
throw new HTTPError(`Cannot send messages to channel of type ${channel.type}`, 400); throw new HTTPError(
`Cannot send messages to channel of type ${channel.type}`,
400,
);
} }
const files = req.files as Express.Multer.File[] ?? []; const files = (req.files as Express.Multer.File[]) ?? [];
for (var currFile of files) { for (var currFile of files) {
try { try {
const file = await uploadFile(`/attachments/${channel.id}`, currFile); const file = await uploadFile(
attachments.push(Attachment.create({ ...file, proxy_url: file.url })); `/attachments/${channel.id}`,
} currFile,
catch (error) { );
attachments.push(
Attachment.create({ ...file, proxy_url: file.url }),
);
} catch (error) {
return res.status(400).json(error); return res.status(400).json(error);
} }
} }
@ -188,7 +227,7 @@ router.post(
channel_id, channel_id,
attachments, attachments,
edited_timestamp: undefined, edited_timestamp: undefined,
timestamp: new Date() timestamp: new Date(),
}); });
channel.last_message_id = message.id; channel.last_message_id = message.id;
@ -205,32 +244,47 @@ router.post(
recipient.save(), recipient.save(),
emitEvent({ emitEvent({
event: "CHANNEL_CREATE", event: "CHANNEL_CREATE",
data: channel_dto.excludedRecipients([recipient.user_id]), data: channel_dto.excludedRecipients([
user_id: recipient.user_id recipient.user_id,
}) ]),
user_id: recipient.user_id,
}),
]); ]);
} }
}) }),
); );
} }
const member = await Member.findOneOrFail({ where: { id: req.user_id }, relations: ["roles"] }); const member = await Member.findOneOrFail({
member.roles = member.roles.filter((role: Role) => { where: { id: req.user_id },
return role.id !== role.guild_id; relations: ["roles"],
}).map((role: Role) => { });
return role.id; member.roles = member.roles
}) as any; .filter((role: Role) => {
return role.id !== role.guild_id;
})
.map((role: Role) => {
return role.id;
}) as any;
await Promise.all([ await Promise.all([
message.save(), message.save(),
emitEvent({ event: "MESSAGE_CREATE", channel_id: channel_id, data: message } as MessageCreateEvent), emitEvent({
message.guild_id ? Member.update({ id: req.user_id, guild_id: message.guild_id }, { last_message_id: message.id }) : null, event: "MESSAGE_CREATE",
channel.save() channel_id: channel_id,
data: message,
} as MessageCreateEvent),
message.guild_id
? Member.update(
{ id: req.user_id, guild_id: message.guild_id },
{ last_message_id: message.id },
)
: null,
channel.save(),
]); ]);
postHandleMessage(message).catch((e) => { }); // no await as it shouldnt block the message send function and silently catch error postHandleMessage(message).catch((e) => {}); // no await as it shouldnt block the message send function and silently catch error
return res.json(message); return res.json(message);
} },
); );

View File

@ -6,7 +6,7 @@ import {
emitEvent, emitEvent,
getPermission, getPermission,
Member, Member,
Role Role,
} from "@fosscord/util"; } from "@fosscord/util";
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -16,69 +16,90 @@ const router: Router = Router();
// TODO: Only permissions your bot has in the guild or channel can be allowed/denied (unless your bot has a MANAGE_ROLES overwrite in the channel) // TODO: Only permissions your bot has in the guild or channel can be allowed/denied (unless your bot has a MANAGE_ROLES overwrite in the channel)
export interface ChannelPermissionOverwriteSchema extends ChannelPermissionOverwrite { } export interface ChannelPermissionOverwriteSchema
extends ChannelPermissionOverwrite {}
router.put( router.put(
"/:overwrite_id", "/:overwrite_id",
route({ body: "ChannelPermissionOverwriteSchema", permission: "MANAGE_ROLES" }), route({
body: "ChannelPermissionOverwriteSchema",
permission: "MANAGE_ROLES",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { channel_id, overwrite_id } = req.params; const { channel_id, overwrite_id } = req.params;
const body = req.body as ChannelPermissionOverwriteSchema; const body = req.body as ChannelPermissionOverwriteSchema;
var channel = await Channel.findOneOrFail({ where: { id: channel_id } }); var channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
if (!channel.guild_id) throw new HTTPError("Channel not found", 404); if (!channel.guild_id) throw new HTTPError("Channel not found", 404);
if (body.type === 0) { if (body.type === 0) {
if (!(await Role.count({ where: { id: overwrite_id } }))) throw new HTTPError("role not found", 404); if (!(await Role.count({ where: { id: overwrite_id } })))
throw new HTTPError("role not found", 404);
} else if (body.type === 1) { } else if (body.type === 1) {
if (!(await Member.count({ where: { id: overwrite_id } }))) throw new HTTPError("user not found", 404); if (!(await Member.count({ where: { id: overwrite_id } })))
throw new HTTPError("user not found", 404);
} else throw new HTTPError("type not supported", 501); } else throw new HTTPError("type not supported", 501);
// @ts-ignore //@ts-ignore
var overwrite: ChannelPermissionOverwrite = channel.permission_overwrites.find((x) => x.id === overwrite_id); var overwrite: ChannelPermissionOverwrite =
channel.permission_overwrites?.find((x) => x.id === overwrite_id);
if (!overwrite) { if (!overwrite) {
// @ts-ignore // @ts-ignore
overwrite = { overwrite = {
id: overwrite_id, id: overwrite_id,
type: body.type type: body.type,
}; };
channel.permission_overwrites!.push(overwrite); channel.permission_overwrites!.push(overwrite);
} }
overwrite.allow = String(req.permission!.bitfield & (BigInt(body.allow) || BigInt("0"))); overwrite.allow = String(
overwrite.deny = String(req.permission!.bitfield & (BigInt(body.deny) || BigInt("0"))); req.permission!.bitfield & (BigInt(body.allow) || BigInt("0")),
);
overwrite.deny = String(
req.permission!.bitfield & (BigInt(body.deny) || BigInt("0")),
);
await Promise.all([ await Promise.all([
channel.save(), channel.save(),
emitEvent({ emitEvent({
event: "CHANNEL_UPDATE", event: "CHANNEL_UPDATE",
channel_id, channel_id,
data: channel data: channel,
} as ChannelUpdateEvent) } as ChannelUpdateEvent),
]); ]);
return res.sendStatus(204); return res.sendStatus(204);
} },
); );
// TODO: check permission hierarchy // TODO: check permission hierarchy
router.delete("/:overwrite_id", route({ permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.delete(
const { channel_id, overwrite_id } = req.params; "/:overwrite_id",
route({ permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const { channel_id, overwrite_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); const channel = await Channel.findOneOrFail({
if (!channel.guild_id) throw new HTTPError("Channel not found", 404); where: { id: channel_id },
});
if (!channel.guild_id) throw new HTTPError("Channel not found", 404);
channel.permission_overwrites = channel.permission_overwrites!.filter((x) => x.id === overwrite_id); channel.permission_overwrites = channel.permission_overwrites!.filter(
(x) => x.id === overwrite_id,
);
await Promise.all([ await Promise.all([
channel.save(), channel.save(),
emitEvent({ emitEvent({
event: "CHANNEL_UPDATE", event: "CHANNEL_UPDATE",
channel_id, channel_id,
data: channel data: channel,
} as ChannelUpdateEvent) } as ChannelUpdateEvent),
]); ]);
return res.sendStatus(204); return res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -6,7 +6,7 @@ import {
getPermission, getPermission,
Message, Message,
MessageUpdateEvent, MessageUpdateEvent,
DiscordApiErrors DiscordApiErrors,
} from "@fosscord/util"; } from "@fosscord/util";
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -14,77 +14,100 @@ import { route } from "@fosscord/api";
const router: Router = Router(); const router: Router = Router();
router.put("/:message_id", route({ permission: "VIEW_CHANNEL" }), async (req: Request, res: Response) => { router.put(
const { channel_id, message_id } = req.params; "/:message_id",
route({ permission: "VIEW_CHANNEL" }),
async (req: Request, res: Response) => {
const { channel_id, message_id } = req.params;
const message = await Message.findOneOrFail({ where: { id: message_id } }); const message = await Message.findOneOrFail({
where: { id: message_id },
});
// * in dm channels anyone can pin messages -> only check for guilds // * in dm channels anyone can pin messages -> only check for guilds
if (message.guild_id) req.permission!.hasThrow("MANAGE_MESSAGES"); if (message.guild_id) req.permission!.hasThrow("MANAGE_MESSAGES");
const pinned_count = await Message.count({ where: { channel: { id: channel_id }, pinned: true } }); const pinned_count = await Message.count({
const { maxPins } = Config.get().limits.channel; where: { channel: { id: channel_id }, pinned: true },
if (pinned_count >= maxPins) throw DiscordApiErrors.MAXIMUM_PINS.withParams(maxPins); });
const { maxPins } = Config.get().limits.channel;
if (pinned_count >= maxPins)
throw DiscordApiErrors.MAXIMUM_PINS.withParams(maxPins);
await Promise.all([ await Promise.all([
Message.update({ id: message_id }, { pinned: true }), Message.update({ id: message_id }, { pinned: true }),
emitEvent({ emitEvent({
event: "MESSAGE_UPDATE", event: "MESSAGE_UPDATE",
channel_id,
data: message
} as MessageUpdateEvent),
emitEvent({
event: "CHANNEL_PINS_UPDATE",
channel_id,
data: {
channel_id, channel_id,
guild_id: message.guild_id, data: message,
last_pin_timestamp: undefined } as MessageUpdateEvent),
} emitEvent({
} as ChannelPinsUpdateEvent) event: "CHANNEL_PINS_UPDATE",
]);
res.sendStatus(204);
});
router.delete("/:message_id", route({ permission: "VIEW_CHANNEL" }), async (req: Request, res: Response) => {
const { channel_id, message_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id } });
if (channel.guild_id) req.permission!.hasThrow("MANAGE_MESSAGES");
const message = await Message.findOneOrFail({ where: { id: message_id } });
message.pinned = false;
await Promise.all([
message.save(),
emitEvent({
event: "MESSAGE_UPDATE",
channel_id,
data: message
} as MessageUpdateEvent),
emitEvent({
event: "CHANNEL_PINS_UPDATE",
channel_id,
data: {
channel_id, channel_id,
guild_id: channel.guild_id, data: {
last_pin_timestamp: undefined channel_id,
} guild_id: message.guild_id,
} as ChannelPinsUpdateEvent) last_pin_timestamp: undefined,
]); },
} as ChannelPinsUpdateEvent),
]);
res.sendStatus(204); res.sendStatus(204);
}); },
);
router.get("/", route({ permission: ["READ_MESSAGE_HISTORY"] }), async (req: Request, res: Response) => { router.delete(
const { channel_id } = req.params; "/:message_id",
route({ permission: "VIEW_CHANNEL" }),
async (req: Request, res: Response) => {
const { channel_id, message_id } = req.params;
let pins = await Message.find({ where: { channel_id: channel_id, pinned: true } }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
if (channel.guild_id) req.permission!.hasThrow("MANAGE_MESSAGES");
res.send(pins); const message = await Message.findOneOrFail({
}); where: { id: message_id },
});
message.pinned = false;
await Promise.all([
message.save(),
emitEvent({
event: "MESSAGE_UPDATE",
channel_id,
data: message,
} as MessageUpdateEvent),
emitEvent({
event: "CHANNEL_PINS_UPDATE",
channel_id,
data: {
channel_id,
guild_id: channel.guild_id,
last_pin_timestamp: undefined,
},
} as ChannelPinsUpdateEvent),
]);
res.sendStatus(204);
},
);
router.get(
"/",
route({ permission: ["READ_MESSAGE_HISTORY"] }),
async (req: Request, res: Response) => {
const { channel_id } = req.params;
let pins = await Message.find({
where: { channel_id: channel_id, pinned: true },
});
res.send(pins);
},
);
export default router; export default router;

View File

@ -21,52 +21,79 @@ export default router;
/** /**
TODO: apply the delete bit by bit to prevent client and database stress TODO: apply the delete bit by bit to prevent client and database stress
**/ **/
router.post("/", route({ /*body: "PurgeSchema",*/ }), async (req: Request, res: Response) => { router.post(
const { channel_id } = req.params; "/",
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); route({
/*body: "PurgeSchema",*/
}),
async (req: Request, res: Response) => {
const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
if (!channel.guild_id) throw new HTTPError("Can't purge dm channels", 400); if (!channel.guild_id)
isTextChannel(channel.type); throw new HTTPError("Can't purge dm channels", 400);
isTextChannel(channel.type);
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
if (!rights.has("MANAGE_MESSAGES")) { if (!rights.has("MANAGE_MESSAGES")) {
const permissions = await getPermission(req.user_id, channel.guild_id, channel_id); const permissions = await getPermission(
permissions.hasThrow("MANAGE_MESSAGES"); req.user_id,
permissions.hasThrow("MANAGE_CHANNELS"); channel.guild_id,
} channel_id,
);
permissions.hasThrow("MANAGE_MESSAGES");
permissions.hasThrow("MANAGE_CHANNELS");
}
const { before, after } = req.body as PurgeSchema; const { before, after } = req.body as PurgeSchema;
// TODO: send the deletion event bite-by-bite to prevent client stress // TODO: send the deletion event bite-by-bite to prevent client stress
var query: FindManyOptions<Message> & { where: { id?: any; }; } = { var query: FindManyOptions<Message> & { where: { id?: any } } = {
order: { id: "ASC" }, order: { id: "ASC" },
// take: limit, // take: limit,
where: { where: {
channel_id,
id: Between(after, before), // the right way around
author_id: rights.has("SELF_DELETE_MESSAGES")
? undefined
: Not(req.user_id),
// if you lack the right of self-deletion, you can't delete your own messages, even in purges
},
relations: [
"author",
"webhook",
"application",
"mentions",
"mention_roles",
"mention_channels",
"sticker_items",
"attachments",
],
};
const messages = await Message.find(query);
const endpoint = Config.get().cdn.endpointPublic;
if (messages.length == 0) {
res.sendStatus(304);
return;
}
await Message.delete(messages.map((x) => x.id));
await emitEvent({
event: "MESSAGE_DELETE_BULK",
channel_id, channel_id,
id: Between(after, before), // the right way around data: {
author_id: rights.has("SELF_DELETE_MESSAGES") ? undefined : Not(req.user_id) ids: messages.map((x) => x.id),
// if you lack the right of self-deletion, you can't delete your own messages, even in purges channel_id,
}, guild_id: channel.guild_id,
relations: ["author", "webhook", "application", "mentions", "mention_roles", "mention_channels", "sticker_items", "attachments"] },
}; } as MessageDeleteBulkEvent);
res.sendStatus(204);
const messages = await Message.find(query); },
const endpoint = Config.get().cdn.endpointPublic; );
if (messages.length == 0) {
res.sendStatus(304);
return;
}
await Message.delete(messages.map((x) => x.id));
await emitEvent({
event: "MESSAGE_DELETE_BULK",
channel_id,
data: { ids: messages.map(x => x.id), channel_id, guild_id: channel.guild_id }
} as MessageDeleteBulkEvent);
res.sendStatus(204);
});

View File

@ -8,7 +8,7 @@ import {
emitEvent, emitEvent,
PublicUserProjection, PublicUserProjection,
Recipient, Recipient,
User User,
} from "@fosscord/util"; } from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -16,34 +16,48 @@ const router: Router = Router();
router.put("/:user_id", route({}), async (req: Request, res: Response) => { router.put("/:user_id", route({}), async (req: Request, res: Response) => {
const { channel_id, user_id } = req.params; const { channel_id, user_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, relations: ["recipients"] }); const channel = await Channel.findOneOrFail({
where: { id: channel_id },
relations: ["recipients"],
});
if (channel.type !== ChannelType.GROUP_DM) { if (channel.type !== ChannelType.GROUP_DM) {
const recipients = [...channel.recipients!.map((r) => r.user_id), user_id].unique(); const recipients = [
...channel.recipients!.map((r) => r.user_id),
user_id,
].unique();
const new_channel = await Channel.createDMChannel(recipients, req.user_id); const new_channel = await Channel.createDMChannel(
recipients,
req.user_id,
);
return res.status(201).json(new_channel); return res.status(201).json(new_channel);
} else { } else {
if (channel.recipients!.map((r) => r.user_id).includes(user_id)) { if (channel.recipients!.map((r) => r.user_id).includes(user_id)) {
throw DiscordApiErrors.INVALID_RECIPIENT; //TODO is this the right error? throw DiscordApiErrors.INVALID_RECIPIENT; //TODO is this the right error?
} }
channel.recipients!.push(Recipient.create({ channel_id: channel_id, user_id: user_id })); channel.recipients!.push(
Recipient.create({ channel_id: channel_id, user_id: user_id }),
);
await channel.save(); await channel.save();
await emitEvent({ await emitEvent({
event: "CHANNEL_CREATE", event: "CHANNEL_CREATE",
data: await DmChannelDTO.from(channel, [user_id]), data: await DmChannelDTO.from(channel, [user_id]),
user_id: user_id user_id: user_id,
}); });
await emitEvent({ await emitEvent({
event: "CHANNEL_RECIPIENT_ADD", event: "CHANNEL_RECIPIENT_ADD",
data: { data: {
channel_id: channel_id, channel_id: channel_id,
user: await User.findOneOrFail({ where: { id: user_id }, select: PublicUserProjection }) user: await User.findOneOrFail({
where: { id: user_id },
select: PublicUserProjection,
}),
}, },
channel_id: channel_id channel_id: channel_id,
} as ChannelRecipientAddEvent); } as ChannelRecipientAddEvent);
return res.sendStatus(204); return res.sendStatus(204);
} }
@ -51,8 +65,16 @@ router.put("/:user_id", route({}), async (req: Request, res: Response) => {
router.delete("/:user_id", route({}), async (req: Request, res: Response) => { router.delete("/:user_id", route({}), async (req: Request, res: Response) => {
const { channel_id, user_id } = req.params; const { channel_id, user_id } = req.params;
const channel = await Channel.findOneOrFail({ where: { id: channel_id }, relations: ["recipients"] }); const channel = await Channel.findOneOrFail({
if (!(channel.type === ChannelType.GROUP_DM && (channel.owner_id === req.user_id || user_id === req.user_id))) where: { id: channel_id },
relations: ["recipients"],
});
if (
!(
channel.type === ChannelType.GROUP_DM &&
(channel.owner_id === req.user_id || user_id === req.user_id)
)
)
throw DiscordApiErrors.MISSING_PERMISSIONS; throw DiscordApiErrors.MISSING_PERMISSIONS;
if (!channel.recipients!.map((r) => r.user_id).includes(user_id)) { if (!channel.recipients!.map((r) => r.user_id).includes(user_id)) {

View File

@ -4,26 +4,42 @@ import { Router, Request, Response } from "express";
const router: Router = Router(); const router: Router = Router();
router.post("/", route({ permission: "SEND_MESSAGES" }), async (req: Request, res: Response) => { router.post(
const { channel_id } = req.params; "/",
const user_id = req.user_id; route({ permission: "SEND_MESSAGES" }),
const timestamp = Date.now(); async (req: Request, res: Response) => {
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); const { channel_id } = req.params;
const member = await Member.findOne({ where: { id: user_id, guild_id: channel.guild_id }, relations: ["roles", "user"] }); const user_id = req.user_id;
const timestamp = Date.now();
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
const member = await Member.findOne({
where: { id: user_id, guild_id: channel.guild_id },
relations: ["roles", "user"],
});
await emitEvent({ await emitEvent({
event: "TYPING_START", event: "TYPING_START",
channel_id: channel_id, channel_id: channel_id,
data: { data: {
...(member ? { member: { ...member, roles: member?.roles?.map((x) => x.id) } } : null), ...(member
channel_id, ? {
timestamp, member: {
user_id, ...member,
guild_id: channel.guild_id roles: member?.roles?.map((x) => x.id),
} },
} as TypingStartEvent); }
: null),
channel_id,
timestamp,
user_id,
guild_id: channel.guild_id,
},
} as TypingStartEvent);
res.sendStatus(204); res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -13,22 +13,29 @@ router.get("/", route({}), async (req: Request, res: Response) => {
}); });
// TODO: use Image Data Type for avatar instead of String // TODO: use Image Data Type for avatar instead of String
router.post("/", route({ body: "WebhookCreateSchema", permission: "MANAGE_WEBHOOKS" }), async (req: Request, res: Response) => { router.post(
const channel_id = req.params.channel_id; "/",
const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); route({ body: "WebhookCreateSchema", permission: "MANAGE_WEBHOOKS" }),
async (req: Request, res: Response) => {
const channel_id = req.params.channel_id;
const channel = await Channel.findOneOrFail({
where: { id: channel_id },
});
isTextChannel(channel.type); isTextChannel(channel.type);
if (!channel.guild_id) throw new HTTPError("Not a guild channel", 400); if (!channel.guild_id) throw new HTTPError("Not a guild channel", 400);
const webhook_count = await Webhook.count({ where: { channel_id } }); const webhook_count = await Webhook.count({ where: { channel_id } });
const { maxWebhooks } = Config.get().limits.channel; const { maxWebhooks } = Config.get().limits.channel;
if (webhook_count > maxWebhooks) throw DiscordApiErrors.MAXIMUM_WEBHOOKS.withParams(maxWebhooks); if (webhook_count > maxWebhooks)
throw DiscordApiErrors.MAXIMUM_WEBHOOKS.withParams(maxWebhooks);
var { avatar, name } = req.body as { name: string; avatar?: string }; var { avatar, name } = req.body as { name: string; avatar?: string };
name = trimSpecial(name); name = trimSpecial(name);
if (name === "clyde") throw new HTTPError("Invalid name", 400); if (name === "clyde") throw new HTTPError("Invalid name", 400);
// TODO: save webhook in database and send response // TODO: save webhook in database and send response
}); },
);
export default router; export default router;

View File

@ -17,19 +17,33 @@ router.get("/", route({}), async (req: Request, res: Response) => {
if (categories == undefined) { if (categories == undefined) {
guilds = showAllGuilds guilds = showAllGuilds
? await Guild.find({ take: Math.abs(Number(limit || configLimit)) }) ? await Guild.find({ take: Math.abs(Number(limit || configLimit)) })
: await Guild.find({ where: { features: Like(`%DISCOVERABLE%`) }, take: Math.abs(Number(limit || configLimit)) }); : await Guild.find({
where: { features: Like(`%DISCOVERABLE%`) },
take: Math.abs(Number(limit || configLimit)),
});
} else { } else {
guilds = showAllGuilds guilds = showAllGuilds
? await Guild.find({ where: { primary_category_id: categories.toString() }, take: Math.abs(Number(limit || configLimit)) }) ? await Guild.find({
where: { primary_category_id: categories.toString() },
take: Math.abs(Number(limit || configLimit)),
})
: await Guild.find({ : await Guild.find({
where: { primary_category_id: categories.toString(), features: Like("%DISCOVERABLE%") }, where: {
take: Math.abs(Number(limit || configLimit)) primary_category_id: categories.toString(),
}); features: Like("%DISCOVERABLE%"),
},
take: Math.abs(Number(limit || configLimit)),
});
} }
const total = guilds ? guilds.length : undefined; const total = guilds ? guilds.length : undefined;
res.send({ total: total, guilds: guilds, offset: Number(offset || Config.get().guild.discovery.offset), limit: Number(limit || configLimit) }); res.send({
total: total,
guilds: guilds,
offset: Number(offset || Config.get().guild.discovery.offset),
limit: Number(limit || configLimit),
});
}); });
export default router; export default router;

View File

@ -10,7 +10,9 @@ router.get("/categories", route({}), async (req: Request, res: Response) => {
const { locale, primary_only } = req.query; const { locale, primary_only } = req.query;
const out = primary_only ? await Categories.find() : await Categories.find({ where: { is_primary: true } }); const out = primary_only
? await Categories.find()
: await Categories.find({ where: { is_primary: true } });
res.send(out); res.send(out);
}); });

View File

@ -10,9 +10,12 @@ router.get("/:branch", route({}), async (req: Request, res: Response) => {
const { platform } = req.query; const { platform } = req.query;
//TODO //TODO
if (!platform || !["linux", "osx", "win"].includes(platform.toString())) return res.status(404); if (!platform || !["linux", "osx", "win"].includes(platform.toString()))
return res.status(404);
const release = await Release.findOneOrFail({ where: { name: client.releases.upstreamVersion } }); const release = await Release.findOneOrFail({
where: { name: client.releases.upstreamVersion },
});
res.redirect(release[`win_url`]); res.redirect(release[`win_url`]);
}); });

View File

@ -5,7 +5,7 @@ const router = Router();
router.get("/", route({}), (req: Request, res: Response) => { router.get("/", route({}), (req: Request, res: Response) => {
// TODO: // TODO:
res.send({ fingerprint: "", assignments: [], guild_experiments:[] }); res.send({ fingerprint: "", assignments: [], guild_experiments: [] });
}); });
export default router; export default router;

View File

@ -18,9 +18,9 @@ export interface GatewayBotResponse {
const options: RouteOptions = { const options: RouteOptions = {
test: { test: {
response: { response: {
body: "GatewayBotResponse" body: "GatewayBotResponse",
} },
} },
}; };
router.get("/", route(options), (req: Request, res: Response) => { router.get("/", route(options), (req: Request, res: Response) => {
@ -32,8 +32,8 @@ router.get("/", route(options), (req: Request, res: Response) => {
total: 1000, total: 1000,
remaining: 999, remaining: 999,
reset_after: 14400000, reset_after: 14400000,
max_concurrency: 1 max_concurrency: 1,
} },
}); });
}); });

View File

@ -11,14 +11,16 @@ export interface GatewayResponse {
const options: RouteOptions = { const options: RouteOptions = {
test: { test: {
response: { response: {
body: "GatewayResponse" body: "GatewayResponse",
} },
} },
}; };
router.get("/", route(options), (req: Request, res: Response) => { router.get("/", route(options), (req: Request, res: Response) => {
const { endpointPublic } = Config.get().gateway; const { endpointPublic } = Config.get().gateway;
res.json({ url: endpointPublic || process.env.GATEWAY || "ws://localhost:3002" }); res.json({
url: endpointPublic || process.env.GATEWAY || "ws://localhost:3002",
});
}); });
export default router; export default router;

View File

@ -1,6 +1,6 @@
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import fetch from "node-fetch"; import fetch from "node-fetch";
import ProxyAgent from 'proxy-agent'; import ProxyAgent from "proxy-agent";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { getGifApiKey, parseGifResult } from "./trending"; import { getGifApiKey, parseGifResult } from "./trending";
@ -11,16 +11,19 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { q, media_format, locale } = req.query; const { q, media_format, locale } = req.query;
const apiKey = getGifApiKey(); const apiKey = getGifApiKey();
const agent = new ProxyAgent(); const agent = new ProxyAgent();
const response = await fetch(`https://g.tenor.com/v1/search?q=${q}&media_format=${media_format}&locale=${locale}&key=${apiKey}`, { const response = await fetch(
agent, `https://g.tenor.com/v1/search?q=${q}&media_format=${media_format}&locale=${locale}&key=${apiKey}`,
method: "get", {
headers: { "Content-Type": "application/json" } agent,
}); method: "get",
headers: { "Content-Type": "application/json" },
},
);
const { results } = await response.json() as any; // TODO: types const { results } = (await response.json()) as any; // TODO: types
res.json(results.map(parseGifResult)).status(200); res.json(results.map(parseGifResult)).status(200);
}); });

View File

@ -1,6 +1,6 @@
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import fetch from "node-fetch"; import fetch from "node-fetch";
import ProxyAgent from 'proxy-agent'; import ProxyAgent from "proxy-agent";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { getGifApiKey, parseGifResult } from "./trending"; import { getGifApiKey, parseGifResult } from "./trending";
@ -11,16 +11,19 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { media_format, locale } = req.query; const { media_format, locale } = req.query;
const apiKey = getGifApiKey(); const apiKey = getGifApiKey();
const agent = new ProxyAgent(); const agent = new ProxyAgent();
const response = await fetch(`https://g.tenor.com/v1/trending?media_format=${media_format}&locale=${locale}&key=${apiKey}`, { const response = await fetch(
agent, `https://g.tenor.com/v1/trending?media_format=${media_format}&locale=${locale}&key=${apiKey}`,
method: "get", {
headers: { "Content-Type": "application/json" } agent,
}); method: "get",
headers: { "Content-Type": "application/json" },
},
);
const { results } = await response.json() as any; // TODO: types const { results } = (await response.json()) as any; // TODO: types
res.json(results.map(parseGifResult)).status(200); res.json(results.map(parseGifResult)).status(200);
}); });

View File

@ -1,6 +1,6 @@
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import fetch from "node-fetch"; import fetch from "node-fetch";
import ProxyAgent from 'proxy-agent'; import ProxyAgent from "proxy-agent";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { Config } from "@fosscord/util"; import { Config } from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -16,14 +16,15 @@ export function parseGifResult(result: any) {
gif_src: result.media[0].gif.url, gif_src: result.media[0].gif.url,
width: result.media[0].mp4.dims[0], width: result.media[0].mp4.dims[0],
height: result.media[0].mp4.dims[1], height: result.media[0].mp4.dims[1],
preview: result.media[0].mp4.preview preview: result.media[0].mp4.preview,
}; };
} }
export function getGifApiKey() { export function getGifApiKey() {
const { enabled, provider, apiKey } = Config.get().gif; const { enabled, provider, apiKey } = Config.get().gif;
if (!enabled) throw new HTTPError(`Gifs are disabled`); if (!enabled) throw new HTTPError(`Gifs are disabled`);
if (provider !== "tenor" || !apiKey) throw new HTTPError(`${provider} gif provider not supported`); if (provider !== "tenor" || !apiKey)
throw new HTTPError(`${provider} gif provider not supported`);
return apiKey; return apiKey;
} }
@ -34,28 +35,37 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { media_format, locale } = req.query; const { media_format, locale } = req.query;
const apiKey = getGifApiKey(); const apiKey = getGifApiKey();
const agent = new ProxyAgent(); const agent = new ProxyAgent();
const [responseSource, trendGifSource] = await Promise.all([ const [responseSource, trendGifSource] = await Promise.all([
fetch(`https://g.tenor.com/v1/categories?locale=${locale}&key=${apiKey}`, { fetch(
agent, `https://g.tenor.com/v1/categories?locale=${locale}&key=${apiKey}`,
method: "get", {
headers: { "Content-Type": "application/json" } agent,
}), method: "get",
fetch(`https://g.tenor.com/v1/trending?locale=${locale}&key=${apiKey}`, { headers: { "Content-Type": "application/json" },
agent, },
method: "get", ),
headers: { "Content-Type": "application/json" } fetch(
}) `https://g.tenor.com/v1/trending?locale=${locale}&key=${apiKey}`,
{
agent,
method: "get",
headers: { "Content-Type": "application/json" },
},
),
]); ]);
const { tags } = await responseSource.json() as any; // TODO: types const { tags } = (await responseSource.json()) as any; // TODO: types
const { results } = await trendGifSource.json() as any; //TODO: types; const { results } = (await trendGifSource.json()) as any; //TODO: types;
res.json({ res.json({
categories: tags.map((x: any) => ({ name: x.searchterm, src: x.image })), categories: tags.map((x: any) => ({
gifs: [parseGifResult(results[0])] name: x.searchterm,
src: x.image,
})),
gifs: [parseGifResult(results[0])],
}).status(200); }).status(200);
}); });

View File

@ -13,12 +13,21 @@ router.get("/", route({}), async (req: Request, res: Response) => {
// TODO: implement this with default typeorm query // TODO: implement this with default typeorm query
// const guilds = await Guild.find({ where: { features: "DISCOVERABLE" } }); //, take: Math.abs(Number(limit)) }); // const guilds = await Guild.find({ where: { features: "DISCOVERABLE" } }); //, take: Math.abs(Number(limit)) });
const genLoadId = (size: Number) => [...Array(size)].map(() => Math.floor(Math.random() * 16).toString(16)).join(''); const genLoadId = (size: Number) =>
[...Array(size)]
.map(() => Math.floor(Math.random() * 16).toString(16))
.join("");
const guilds = showAllGuilds const guilds = showAllGuilds
? await Guild.find({ take: Math.abs(Number(limit || 24)) }) ? await Guild.find({ take: Math.abs(Number(limit || 24)) })
: await Guild.find({ where: { features: Like("%DISCOVERABLE%") }, take: Math.abs(Number(limit || 24)) }); : await Guild.find({
res.send({ recommended_guilds: guilds, load_id: `server_recs/${genLoadId(32)}` }).status(200); where: { features: Like("%DISCOVERABLE%") },
take: Math.abs(Number(limit || 24)),
});
res.send({
recommended_guilds: guilds,
load_id: `server_recs/${genLoadId(32)}`,
}).status(200);
}); });
export default router; export default router;

View File

@ -11,7 +11,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {
webhooks: [], webhooks: [],
guild_scheduled_events: [], guild_scheduled_events: [],
threads: [], threads: [],
application_commands: [] application_commands: [],
}); });
}); });
export default router; export default router;

View File

@ -1,5 +1,15 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { DiscordApiErrors, emitEvent, GuildBanAddEvent, GuildBanRemoveEvent, Ban, User, Member, BanRegistrySchema, BanModeratorSchema } from "@fosscord/util"; import {
DiscordApiErrors,
emitEvent,
GuildBanAddEvent,
GuildBanRemoveEvent,
Ban,
User,
Member,
BanRegistrySchema,
BanModeratorSchema,
} from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { getIpAdress, route } from "@fosscord/api"; import { getIpAdress, route } from "@fosscord/api";
@ -7,150 +17,184 @@ const router: Router = Router();
/* TODO: Deleting the secrets is just a temporary go-around. Views should be implemented for both safety and better handling. */ /* TODO: Deleting the secrets is just a temporary go-around. Views should be implemented for both safety and better handling. */
router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { router.get(
const { guild_id } = req.params; "/",
route({ permission: "BAN_MEMBERS" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
let bans = await Ban.find({ where: { guild_id: guild_id } }); let bans = await Ban.find({ where: { guild_id: guild_id } });
let promisesToAwait: object[] = []; let promisesToAwait: object[] = [];
const bansObj: object[] = []; const bansObj: object[] = [];
bans.filter((ban) => ban.user_id !== ban.executor_id); // pretend self-bans don't exist to prevent victim chasing bans.filter((ban) => ban.user_id !== ban.executor_id); // pretend self-bans don't exist to prevent victim chasing
bans.forEach((ban) => { bans.forEach((ban) => {
promisesToAwait.push(User.getPublicUser(ban.user_id)); promisesToAwait.push(User.getPublicUser(ban.user_id));
});
const bannedUsers: object[] = await Promise.all(promisesToAwait);
bans.forEach((ban, index) => {
const user = bannedUsers[index] as User;
bansObj.push({
reason: ban.reason,
user: {
username: user.username,
discriminator: user.discriminator,
id: user.id,
avatar: user.avatar,
public_flags: user.public_flags
}
}); });
});
return res.json(bansObj); const bannedUsers: object[] = await Promise.all(promisesToAwait);
});
router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { bans.forEach((ban, index) => {
const { guild_id } = req.params; const user = bannedUsers[index] as User;
const user_id = req.params.ban; bansObj.push({
reason: ban.reason,
user: {
username: user.username,
discriminator: user.discriminator,
id: user.id,
avatar: user.avatar,
public_flags: user.public_flags,
},
});
});
let ban = await Ban.findOneOrFail({ where: { guild_id: guild_id, user_id: user_id } }) as BanRegistrySchema; return res.json(bansObj);
},
);
if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN; router.get(
// pretend self-bans don't exist to prevent victim chasing "/:user",
route({ permission: "BAN_MEMBERS" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const user_id = req.params.ban;
/* Filter secret from registry. */ let ban = (await Ban.findOneOrFail({
where: { guild_id: guild_id, user_id: user_id },
})) as BanRegistrySchema;
ban = ban as BanModeratorSchema; if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN;
// pretend self-bans don't exist to prevent victim chasing
delete ban.ip; /* Filter secret from registry. */
return res.json(ban); ban = ban as BanModeratorSchema;
});
router.put("/:user_id", route({ body: "BanCreateSchema", permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { delete ban.ip;
const { guild_id } = req.params;
const banned_user_id = req.params.user_id;
if ((req.user_id === banned_user_id) && (banned_user_id === req.permission!.cache.guild?.owner_id)) return res.json(ban);
throw new HTTPError("You are the guild owner, hence can't ban yourself", 403); },
);
if (req.permission!.cache.guild?.owner_id === banned_user_id) throw new HTTPError("You can't ban the owner", 400); router.put(
"/:user_id",
route({ body: "BanCreateSchema", permission: "BAN_MEMBERS" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const banned_user_id = req.params.user_id;
const banned_user = await User.getPublicUser(banned_user_id); if (
req.user_id === banned_user_id &&
banned_user_id === req.permission!.cache.guild?.owner_id
)
throw new HTTPError(
"You are the guild owner, hence can't ban yourself",
403,
);
const ban = Ban.create({ if (req.permission!.cache.guild?.owner_id === banned_user_id)
user_id: banned_user_id, throw new HTTPError("You can't ban the owner", 400);
guild_id: guild_id,
ip: getIpAdress(req),
executor_id: req.user_id,
reason: req.body.reason // || otherwise empty
});
await Promise.all([ const banned_user = await User.getPublicUser(banned_user_id);
Member.removeFromGuild(banned_user_id, guild_id),
ban.save(), const ban = Ban.create({
emitEvent({ user_id: banned_user_id,
event: "GUILD_BAN_ADD", guild_id: guild_id,
data: { ip: getIpAdress(req),
executor_id: req.user_id,
reason: req.body.reason, // || otherwise empty
});
await Promise.all([
Member.removeFromGuild(banned_user_id, guild_id),
ban.save(),
emitEvent({
event: "GUILD_BAN_ADD",
data: {
guild_id: guild_id,
user: banned_user,
},
guild_id: guild_id, guild_id: guild_id,
user: banned_user } as GuildBanAddEvent),
}, ]);
guild_id: guild_id
} as GuildBanAddEvent)
]);
return res.json(ban); return res.json(ban);
}); },
);
router.put("/@me", route({ body: "BanCreateSchema" }), async (req: Request, res: Response) => { router.put(
const { guild_id } = req.params; "/@me",
route({ body: "BanCreateSchema" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const banned_user = await User.getPublicUser(req.params.user_id); const banned_user = await User.getPublicUser(req.params.user_id);
if (req.permission!.cache.guild?.owner_id === req.params.user_id) if (req.permission!.cache.guild?.owner_id === req.params.user_id)
throw new HTTPError("You are the guild owner, hence can't ban yourself", 403); throw new HTTPError(
"You are the guild owner, hence can't ban yourself",
403,
);
const ban = Ban.create({ const ban = Ban.create({
user_id: req.params.user_id, user_id: req.params.user_id,
guild_id: guild_id, guild_id: guild_id,
ip: getIpAdress(req), ip: getIpAdress(req),
executor_id: req.params.user_id, executor_id: req.params.user_id,
reason: req.body.reason // || otherwise empty reason: req.body.reason, // || otherwise empty
}); });
await Promise.all([ await Promise.all([
Member.removeFromGuild(req.user_id, guild_id), Member.removeFromGuild(req.user_id, guild_id),
ban.save(), ban.save(),
emitEvent({ emitEvent({
event: "GUILD_BAN_ADD", event: "GUILD_BAN_ADD",
data: { data: {
guild_id: guild_id,
user: banned_user,
},
guild_id: guild_id, guild_id: guild_id,
user: banned_user } as GuildBanAddEvent),
}, ]);
guild_id: guild_id
} as GuildBanAddEvent)
]);
return res.json(ban); return res.json(ban);
}); },
);
router.delete("/:user_id", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { router.delete(
const { guild_id, user_id } = req.params; "/:user_id",
route({ permission: "BAN_MEMBERS" }),
async (req: Request, res: Response) => {
const { guild_id, user_id } = req.params;
let ban = await Ban.findOneOrFail({ where: { guild_id: guild_id, user_id: user_id } }); let ban = await Ban.findOneOrFail({
where: { guild_id: guild_id, user_id: user_id },
});
if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN; if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN;
// make self-bans irreversible and hide them from view to avoid victim chasing // make self-bans irreversible and hide them from view to avoid victim chasing
const banned_user = await User.getPublicUser(user_id); const banned_user = await User.getPublicUser(user_id);
await Promise.all([ await Promise.all([
Ban.delete({ Ban.delete({
user_id: user_id, user_id: user_id,
guild_id
}),
emitEvent({
event: "GUILD_BAN_REMOVE",
data: {
guild_id, guild_id,
user: banned_user }),
},
guild_id
} as GuildBanRemoveEvent)
]);
return res.status(204).send(); emitEvent({
}); event: "GUILD_BAN_REMOVE",
data: {
guild_id,
user: banned_user,
},
guild_id,
} as GuildBanRemoveEvent),
]);
return res.status(204).send();
},
);
export default router; export default router;

View File

@ -1,5 +1,10 @@
import { Router, Response, Request } from "express"; import { Router, Response, Request } from "express";
import { Channel, ChannelUpdateEvent, emitEvent, ChannelModifySchema } from "@fosscord/util"; import {
Channel,
ChannelUpdateEvent,
emitEvent,
ChannelModifySchema,
} from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
const router = Router(); const router = Router();
@ -11,49 +16,77 @@ router.get("/", route({}), async (req: Request, res: Response) => {
res.json(channels); res.json(channels);
}); });
router.post("/", route({ body: "ChannelModifySchema", permission: "MANAGE_CHANNELS" }), async (req: Request, res: Response) => { router.post(
// creates a new guild channel https://discord.com/developers/docs/resources/guild#create-guild-channel "/",
const { guild_id } = req.params; route({ body: "ChannelModifySchema", permission: "MANAGE_CHANNELS" }),
const body = req.body as ChannelModifySchema; async (req: Request, res: Response) => {
// creates a new guild channel https://discord.com/developers/docs/resources/guild#create-guild-channel
const { guild_id } = req.params;
const body = req.body as ChannelModifySchema;
const channel = await Channel.createChannel({ ...body, guild_id }, req.user_id); const channel = await Channel.createChannel(
{ ...body, guild_id },
req.user_id,
);
res.status(201).json(channel); res.status(201).json(channel);
}); },
);
export type ChannelReorderSchema = { id: string; position?: number; lock_permissions?: boolean; parent_id?: string; }[]; export type ChannelReorderSchema = {
id: string;
position?: number;
lock_permissions?: boolean;
parent_id?: string;
}[];
router.patch("/", route({ body: "ChannelReorderSchema", permission: "MANAGE_CHANNELS" }), async (req: Request, res: Response) => { router.patch(
// changes guild channel position "/",
const { guild_id } = req.params; route({ body: "ChannelReorderSchema", permission: "MANAGE_CHANNELS" }),
const body = req.body as ChannelReorderSchema; async (req: Request, res: Response) => {
// changes guild channel position
const { guild_id } = req.params;
const body = req.body as ChannelReorderSchema;
await Promise.all([ await Promise.all([
body.map(async (x) => { body.map(async (x) => {
if (x.position == null && !x.parent_id) throw new HTTPError(`You need to at least specify position or parent_id`, 400); if (x.position == null && !x.parent_id)
throw new HTTPError(
`You need to at least specify position or parent_id`,
400,
);
const opts: any = {}; const opts: any = {};
if (x.position != null) opts.position = x.position; if (x.position != null) opts.position = x.position;
if (x.parent_id) { if (x.parent_id) {
opts.parent_id = x.parent_id; opts.parent_id = x.parent_id;
const parent_channel = await Channel.findOneOrFail({ const parent_channel = await Channel.findOneOrFail({
where: { id: x.parent_id, guild_id }, where: { id: x.parent_id, guild_id },
select: ["permission_overwrites"] select: ["permission_overwrites"],
}); });
if (x.lock_permissions) { if (x.lock_permissions) {
opts.permission_overwrites = parent_channel.permission_overwrites; opts.permission_overwrites =
parent_channel.permission_overwrites;
}
} }
}
await Channel.update({ guild_id, id: x.id }, opts); await Channel.update({ guild_id, id: x.id }, opts);
const channel = await Channel.findOneOrFail({ where: { guild_id, id: x.id } }); const channel = await Channel.findOneOrFail({
where: { guild_id, id: x.id },
});
await emitEvent({ event: "CHANNEL_UPDATE", data: channel, channel_id: x.id, guild_id } as ChannelUpdateEvent); await emitEvent({
}) event: "CHANNEL_UPDATE",
]); data: channel,
channel_id: x.id,
guild_id,
} as ChannelUpdateEvent);
}),
]);
res.sendStatus(204); res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -1,4 +1,14 @@
import { Channel, emitEvent, GuildDeleteEvent, Guild, Member, Message, Role, Invite, Emoji } from "@fosscord/util"; import {
Channel,
emitEvent,
GuildDeleteEvent,
Guild,
Member,
Message,
Role,
Invite,
Emoji,
} from "@fosscord/util";
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -10,18 +20,22 @@ const router = Router();
router.post("/", route({}), async (req: Request, res: Response) => { router.post("/", route({}), async (req: Request, res: Response) => {
var { guild_id } = req.params; var { guild_id } = req.params;
const guild = await Guild.findOneOrFail({ where: { id: guild_id }, select: ["owner_id"] }); const guild = await Guild.findOneOrFail({
if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401); where: { id: guild_id },
select: ["owner_id"],
});
if (guild.owner_id !== req.user_id)
throw new HTTPError("You are not the owner of this guild", 401);
await Promise.all([ await Promise.all([
Guild.delete({ id: guild_id }), // this will also delete all guild related data Guild.delete({ id: guild_id }), // this will also delete all guild related data
emitEvent({ emitEvent({
event: "GUILD_DELETE", event: "GUILD_DELETE",
data: { data: {
id: guild_id id: guild_id,
}, },
guild_id: guild_id guild_id: guild_id,
} as GuildDeleteEvent) } as GuildDeleteEvent),
]); ]);
return res.sendStatus(204); return res.sendStatus(204);

View File

@ -6,33 +6,33 @@ import { route } from "@fosscord/api";
const router = Router(); const router = Router();
router.get("/", route({}), async (req: Request, res: Response) => { router.get("/", route({}), async (req: Request, res: Response) => {
const { guild_id } = req.params; const { guild_id } = req.params;
// TODO: // TODO:
// Load from database // Load from database
// Admin control, but for now it allows anyone to be discoverable // Admin control, but for now it allows anyone to be discoverable
res.send({ res.send({
guild_id: guild_id, guild_id: guild_id,
safe_environment: true, safe_environment: true,
healthy: true, healthy: true,
health_score_pending: false, health_score_pending: false,
size: true, size: true,
nsfw_properties: {}, nsfw_properties: {},
protected: true, protected: true,
sufficient: true, sufficient: true,
sufficient_without_grace_period: true, sufficient_without_grace_period: true,
valid_rules_channel: true, valid_rules_channel: true,
retention_healthy: true, retention_healthy: true,
engagement_healthy: true, engagement_healthy: true,
age: true, age: true,
minimum_age: 0, minimum_age: 0,
health_score: { health_score: {
avg_nonnew_participators: 0, avg_nonnew_participators: 0,
avg_nonnew_communicators: 0, avg_nonnew_communicators: 0,
num_intentful_joiners: 0, num_intentful_joiners: 0,
perc_ret_w1_intentful: 0 perc_ret_w1_intentful: 0,
}, },
minimum_size: 0 minimum_size: 0,
}); });
}); });

View File

@ -1,5 +1,17 @@
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { Config, DiscordApiErrors, emitEvent, Emoji, GuildEmojisUpdateEvent, handleFile, Member, Snowflake, User, EmojiCreateSchema, EmojiModifySchema } from "@fosscord/util"; import {
Config,
DiscordApiErrors,
emitEvent,
Emoji,
GuildEmojisUpdateEvent,
handleFile,
Member,
Snowflake,
User,
EmojiCreateSchema,
EmojiModifySchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
const router = Router(); const router = Router();
@ -9,7 +21,10 @@ router.get("/", route({}), async (req: Request, res: Response) => {
await Member.IsInGuildOrFail(req.user_id, guild_id); await Member.IsInGuildOrFail(req.user_id, guild_id);
const emojis = await Emoji.find({ where: { guild_id: guild_id }, relations: ["user"] }); const emojis = await Emoji.find({
where: { guild_id: guild_id },
relations: ["user"],
});
return res.json(emojis); return res.json(emojis);
}); });
@ -19,89 +34,115 @@ router.get("/:emoji_id", route({}), async (req: Request, res: Response) => {
await Member.IsInGuildOrFail(req.user_id, guild_id); await Member.IsInGuildOrFail(req.user_id, guild_id);
const emoji = await Emoji.findOneOrFail({ where: { guild_id: guild_id, id: emoji_id }, relations: ["user"] }); const emoji = await Emoji.findOneOrFail({
where: { guild_id: guild_id, id: emoji_id },
relations: ["user"],
});
return res.json(emoji); return res.json(emoji);
}); });
router.post("/", route({ body: "EmojiCreateSchema", permission: "MANAGE_EMOJIS_AND_STICKERS" }), async (req: Request, res: Response) => { router.post(
const { guild_id } = req.params; "/",
const body = req.body as EmojiCreateSchema; route({
body: "EmojiCreateSchema",
const id = Snowflake.generate(); permission: "MANAGE_EMOJIS_AND_STICKERS",
const emoji_count = await Emoji.count({ where: { guild_id: guild_id } }); }),
const { maxEmojis } = Config.get().limits.guild;
if (emoji_count >= maxEmojis) throw DiscordApiErrors.MAXIMUM_NUMBER_OF_EMOJIS_REACHED.withParams(maxEmojis);
if (body.require_colons == null) body.require_colons = true;
const user = await User.findOneOrFail({ where: { id: req.user_id } });
body.image = (await handleFile(`/emojis/${id}`, body.image)) as string;
const emoji = await Emoji.create({
id: id,
guild_id: guild_id,
...body,
require_colons: body.require_colons ?? undefined, // schema allows nulls, db does not
user: user,
managed: false,
animated: false, // TODO: Add support animated emojis
available: true,
roles: []
}).save();
await emitEvent({
event: "GUILD_EMOJIS_UPDATE",
guild_id: guild_id,
data: {
guild_id: guild_id,
emojis: await Emoji.find({ where: { guild_id: guild_id } })
}
} as GuildEmojisUpdateEvent);
return res.status(201).json(emoji);
});
router.patch(
"/:emoji_id",
route({ body: "EmojiModifySchema", permission: "MANAGE_EMOJIS_AND_STICKERS" }),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { emoji_id, guild_id } = req.params; const { guild_id } = req.params;
const body = req.body as EmojiModifySchema; const body = req.body as EmojiCreateSchema;
const emoji = await Emoji.create({ ...body, id: emoji_id, guild_id: guild_id }).save(); const id = Snowflake.generate();
const emoji_count = await Emoji.count({
where: { guild_id: guild_id },
});
const { maxEmojis } = Config.get().limits.guild;
if (emoji_count >= maxEmojis)
throw DiscordApiErrors.MAXIMUM_NUMBER_OF_EMOJIS_REACHED.withParams(
maxEmojis,
);
if (body.require_colons == null) body.require_colons = true;
const user = await User.findOneOrFail({ where: { id: req.user_id } });
body.image = (await handleFile(`/emojis/${id}`, body.image)) as string;
const emoji = await Emoji.create({
id: id,
guild_id: guild_id,
...body,
require_colons: body.require_colons ?? undefined, // schema allows nulls, db does not
user: user,
managed: false,
animated: false, // TODO: Add support animated emojis
available: true,
roles: [],
}).save();
await emitEvent({ await emitEvent({
event: "GUILD_EMOJIS_UPDATE", event: "GUILD_EMOJIS_UPDATE",
guild_id: guild_id, guild_id: guild_id,
data: { data: {
guild_id: guild_id, guild_id: guild_id,
emojis: await Emoji.find({ where: { guild_id: guild_id } }) emojis: await Emoji.find({ where: { guild_id: guild_id } }),
} },
} as GuildEmojisUpdateEvent);
return res.status(201).json(emoji);
},
);
router.patch(
"/:emoji_id",
route({
body: "EmojiModifySchema",
permission: "MANAGE_EMOJIS_AND_STICKERS",
}),
async (req: Request, res: Response) => {
const { emoji_id, guild_id } = req.params;
const body = req.body as EmojiModifySchema;
const emoji = await Emoji.create({
...body,
id: emoji_id,
guild_id: guild_id,
}).save();
await emitEvent({
event: "GUILD_EMOJIS_UPDATE",
guild_id: guild_id,
data: {
guild_id: guild_id,
emojis: await Emoji.find({ where: { guild_id: guild_id } }),
},
} as GuildEmojisUpdateEvent); } as GuildEmojisUpdateEvent);
return res.json(emoji); return res.json(emoji);
} },
); );
router.delete("/:emoji_id", route({ permission: "MANAGE_EMOJIS_AND_STICKERS" }), async (req: Request, res: Response) => { router.delete(
const { emoji_id, guild_id } = req.params; "/:emoji_id",
route({ permission: "MANAGE_EMOJIS_AND_STICKERS" }),
async (req: Request, res: Response) => {
const { emoji_id, guild_id } = req.params;
await Emoji.delete({ await Emoji.delete({
id: emoji_id, id: emoji_id,
guild_id: guild_id
});
await emitEvent({
event: "GUILD_EMOJIS_UPDATE",
guild_id: guild_id,
data: {
guild_id: guild_id, guild_id: guild_id,
emojis: await Emoji.find({ where: { guild_id: guild_id } }) });
}
} as GuildEmojisUpdateEvent);
res.sendStatus(204); await emitEvent({
}); event: "GUILD_EMOJIS_UPDATE",
guild_id: guild_id,
data: {
guild_id: guild_id,
emojis: await Emoji.find({ where: { guild_id: guild_id } }),
},
} as GuildEmojisUpdateEvent);
res.sendStatus(204);
},
);
export default router; export default router;

View File

@ -1,5 +1,15 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { DiscordApiErrors, emitEvent, getPermission, getRights, Guild, GuildUpdateEvent, handleFile, Member, GuildCreateSchema } from "@fosscord/util"; import {
DiscordApiErrors,
emitEvent,
getPermission,
getRights,
Guild,
GuildUpdateEvent,
handleFile,
Member,
GuildCreateSchema,
} from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
@ -26,9 +36,13 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const [guild, member] = await Promise.all([ const [guild, member] = await Promise.all([
Guild.findOneOrFail({ where: { id: guild_id } }), Guild.findOneOrFail({ where: { id: guild_id } }),
Member.findOne({ where: { guild_id: guild_id, id: req.user_id } }) Member.findOne({ where: { guild_id: guild_id, id: req.user_id } }),
]); ]);
if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401); if (!member)
throw new HTTPError(
"You are not a member of the guild you are trying to access",
401,
);
// @ts-ignore // @ts-ignore
guild.joined_at = member?.joined_at; guild.joined_at = member?.joined_at;
@ -36,39 +50,57 @@ router.get("/", route({}), async (req: Request, res: Response) => {
return res.send(guild); return res.send(guild);
}); });
router.patch("/", route({ body: "GuildUpdateSchema" }), async (req: Request, res: Response) => { router.patch(
const body = req.body as GuildUpdateSchema; "/",
const { guild_id } = req.params; route({ body: "GuildUpdateSchema" }),
async (req: Request, res: Response) => {
const body = req.body as GuildUpdateSchema;
const { guild_id } = req.params;
const rights = await getRights(req.user_id);
const permission = await getPermission(req.user_id, guild_id);
const rights = await getRights(req.user_id); if (!rights.has("MANAGE_GUILDS") || !permission.has("MANAGE_GUILD"))
const permission = await getPermission(req.user_id, guild_id); throw DiscordApiErrors.MISSING_PERMISSIONS.withParams(
"MANAGE_GUILD",
);
if (!rights.has("MANAGE_GUILDS") || !permission.has("MANAGE_GUILD")) // TODO: guild update check image
throw DiscordApiErrors.MISSING_PERMISSIONS.withParams("MANAGE_GUILD");
// TODO: guild update check image if (body.icon)
body.icon = await handleFile(`/icons/${guild_id}`, body.icon);
if (body.banner)
body.banner = await handleFile(`/banners/${guild_id}`, body.banner);
if (body.splash)
body.splash = await handleFile(
`/splashes/${guild_id}`,
body.splash,
);
if (body.icon) body.icon = await handleFile(`/icons/${guild_id}`, body.icon); var guild = await Guild.findOneOrFail({
if (body.banner) body.banner = await handleFile(`/banners/${guild_id}`, body.banner); where: { id: guild_id },
if (body.splash) body.splash = await handleFile(`/splashes/${guild_id}`, body.splash); relations: ["emojis", "roles", "stickers"],
});
// TODO: check if body ids are valid
guild.assign(body);
var guild = await Guild.findOneOrFail({ const data = guild.toJSON();
where: { id: guild_id }, // TODO: guild hashes
relations: ["emojis", "roles", "stickers"] // TODO: fix vanity_url_code, template_id
}); delete data.vanity_url_code;
// TODO: check if body ids are valid delete data.template_id;
guild.assign(body);
const data = guild.toJSON(); await Promise.all([
// TODO: guild hashes guild.save(),
// TODO: fix vanity_url_code, template_id emitEvent({
delete data.vanity_url_code; event: "GUILD_UPDATE",
delete data.template_id; data,
guild_id,
} as GuildUpdateEvent),
]);
await Promise.all([guild.save(), emitEvent({ event: "GUILD_UPDATE", data, guild_id } as GuildUpdateEvent)]); return res.json(data);
},
return res.json(data); );
});
export default router; export default router;

View File

@ -4,12 +4,19 @@ import { Request, Response, Router } from "express";
const router = Router(); const router = Router();
router.get("/", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.get(
const { guild_id } = req.params; "/",
route({ permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const invites = await Invite.find({ where: { guild_id }, relations: PublicInviteRelation }); const invites = await Invite.find({
where: { guild_id },
relations: PublicInviteRelation,
});
return res.json(invites); return res.json(invites);
}); },
);
export default router; export default router;

View File

@ -2,12 +2,12 @@ import { Router, Request, Response } from "express";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
const router = Router(); const router = Router();
router.get("/",route({}), async (req: Request, res: Response) => { router.get("/", route({}), async (req: Request, res: Response) => {
// TODO: member verification // TODO: member verification
res.status(404).json({ res.status(404).json({
message: "Unknown Guild Member Verification Form", message: "Unknown Guild Member Verification Form",
code: 10068 code: 10068,
}); });
}); });

View File

@ -1,5 +1,16 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { Member, getPermission, getRights, Role, GuildMemberUpdateEvent, emitEvent, Sticker, Emoji, Guild, MemberChangeSchema } from "@fosscord/util"; import {
Member,
getPermission,
getRights,
Role,
GuildMemberUpdateEvent,
emitEvent,
Sticker,
Emoji,
Guild,
MemberChangeSchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
const router = Router(); const router = Router();
@ -8,48 +19,63 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { guild_id, member_id } = req.params; const { guild_id, member_id } = req.params;
await Member.IsInGuildOrFail(req.user_id, guild_id); await Member.IsInGuildOrFail(req.user_id, guild_id);
const member = await Member.findOneOrFail({ where: { id: member_id, guild_id } }); const member = await Member.findOneOrFail({
where: { id: member_id, guild_id },
});
return res.json(member); return res.json(member);
}); });
router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, res: Response) => { router.patch(
let { guild_id, member_id } = req.params; "/",
if (member_id === "@me") member_id = req.user_id; route({ body: "MemberChangeSchema" }),
const body = req.body as MemberChangeSchema; async (req: Request, res: Response) => {
let { guild_id, member_id } = req.params;
if (member_id === "@me") member_id = req.user_id;
const body = req.body as MemberChangeSchema;
const member = await Member.findOneOrFail({ where: { id: member_id, guild_id }, relations: ["roles", "user"] }); const member = await Member.findOneOrFail({
const permission = await getPermission(req.user_id, guild_id); where: { id: member_id, guild_id },
const everyone = await Role.findOneOrFail({ where: { guild_id: guild_id, name: "@everyone", position: 0 } }); relations: ["roles", "user"],
});
const permission = await getPermission(req.user_id, guild_id);
const everyone = await Role.findOneOrFail({
where: { guild_id: guild_id, name: "@everyone", position: 0 },
});
if (body.roles) { if (body.roles) {
permission.hasThrow("MANAGE_ROLES"); permission.hasThrow("MANAGE_ROLES");
if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id); if (body.roles.indexOf(everyone.id) === -1)
member.roles = body.roles.map((x) => Role.create({ id: x })); // foreign key constraint will fail if role doesn't exist body.roles.push(everyone.id);
} member.roles = body.roles.map((x) => Role.create({ id: x })); // foreign key constraint will fail if role doesn't exist
}
if ('nick' in body) { if ("nick" in body) {
permission.hasThrow(req.user_id == member.user.id ? "CHANGE_NICKNAME" : "MANAGE_NICKNAMES"); permission.hasThrow(
member.nick = body.nick?.trim() || undefined; req.user_id == member.user.id
} ? "CHANGE_NICKNAME"
: "MANAGE_NICKNAMES",
);
member.nick = body.nick?.trim() || undefined;
}
await member.save(); await member.save();
member.roles = member.roles.filter((x) => x.id !== everyone.id); member.roles = member.roles.filter((x) => x.id !== everyone.id);
// do not use promise.all as we have to first write to db before emitting the event to catch errors // do not use promise.all as we have to first write to db before emitting the event to catch errors
await emitEvent({ await emitEvent({
event: "GUILD_MEMBER_UPDATE", event: "GUILD_MEMBER_UPDATE",
guild_id, guild_id,
data: { ...member, roles: member.roles.map((x) => x.id) } data: { ...member, roles: member.roles.map((x) => x.id) },
} as GuildMemberUpdateEvent); } as GuildMemberUpdateEvent);
res.json(member); res.json(member);
}); },
);
router.put("/", route({}), async (req: Request, res: Response) => { router.put("/", route({}), async (req: Request, res: Response) => {
// TODO: Lurker mode // TODO: Lurker mode
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
@ -59,23 +85,23 @@ router.put("/", route({}), async (req: Request, res: Response) => {
member_id = req.user_id; member_id = req.user_id;
rights.hasThrow("JOIN_GUILDS"); rights.hasThrow("JOIN_GUILDS");
} else { } else {
// TODO: join others by controller // TODO: join others by controller
} }
var guild = await Guild.findOneOrFail({ var guild = await Guild.findOneOrFail({
where: { id: guild_id } where: { id: guild_id },
}); });
var emoji = await Emoji.find({ var emoji = await Emoji.find({
where: { guild_id: guild_id } where: { guild_id: guild_id },
}); });
var roles = await Role.find({ var roles = await Role.find({
where: { guild_id: guild_id } where: { guild_id: guild_id },
}); });
var stickers = await Sticker.find({ var stickers = await Sticker.find({
where: { guild_id: guild_id } where: { guild_id: guild_id },
}); });
await Member.addToGuild(member_id, guild_id); await Member.addToGuild(member_id, guild_id);

View File

@ -4,19 +4,23 @@ import { Request, Response, Router } from "express";
const router = Router(); const router = Router();
router.patch("/", route({ body: "MemberNickChangeSchema" }), async (req: Request, res: Response) => { router.patch(
var { guild_id, member_id } = req.params; "/",
var permissionString: PermissionResolvable = "MANAGE_NICKNAMES"; route({ body: "MemberNickChangeSchema" }),
if (member_id === "@me") { async (req: Request, res: Response) => {
member_id = req.user_id; var { guild_id, member_id } = req.params;
permissionString = "CHANGE_NICKNAME"; var permissionString: PermissionResolvable = "MANAGE_NICKNAMES";
} if (member_id === "@me") {
member_id = req.user_id;
permissionString = "CHANGE_NICKNAME";
}
const perms = await getPermission(req.user_id, guild_id); const perms = await getPermission(req.user_id, guild_id);
perms.hasThrow(permissionString); perms.hasThrow(permissionString);
await Member.changeNickname(member_id, guild_id, req.body.nick); await Member.changeNickname(member_id, guild_id, req.body.nick);
res.status(200).send(); res.status(200).send();
}); },
);
export default router; export default router;

View File

@ -4,18 +4,26 @@ import { Request, Response, Router } from "express";
const router = Router(); const router = Router();
router.delete("/", route({ permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.delete(
const { guild_id, role_id, member_id } = req.params; "/",
route({ permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const { guild_id, role_id, member_id } = req.params;
await Member.removeRole(member_id, guild_id, role_id); await Member.removeRole(member_id, guild_id, role_id);
res.sendStatus(204); res.sendStatus(204);
}); },
);
router.put("/", route({ permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.put(
const { guild_id, role_id, member_id } = req.params; "/",
route({ permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const { guild_id, role_id, member_id } = req.params;
await Member.addRole(member_id, guild_id, role_id); await Member.addRole(member_id, guild_id, role_id);
res.sendStatus(204); res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -12,7 +12,8 @@ const router = Router();
router.get("/", route({}), async (req: Request, res: Response) => { router.get("/", route({}), async (req: Request, res: Response) => {
const { guild_id } = req.params; const { guild_id } = req.params;
const limit = Number(req.query.limit) || 1; const limit = Number(req.query.limit) || 1;
if (limit > 1000 || limit < 1) throw new HTTPError("Limit must be between 1 and 1000"); if (limit > 1000 || limit < 1)
throw new HTTPError("Limit must be between 1 and 1000");
const after = `${req.query.after}`; const after = `${req.query.after}`;
const query = after ? { id: MoreThan(after) } : {}; const query = after ? { id: MoreThan(after) } : {};
@ -22,7 +23,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {
where: { guild_id, ...query }, where: { guild_id, ...query },
select: PublicMemberProjection, select: PublicMemberProjection,
take: limit, take: limit,
order: { id: "ASC" } order: { id: "ASC" },
}); });
return res.json(members); return res.json(members);

View File

@ -10,36 +10,62 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { const {
channel_id, channel_id,
content, content,
include_nsfw, // TODO include_nsfw, // TODO
offset, offset,
sort_order, sort_order,
sort_by, // TODO: Handle 'relevance' sort_by, // TODO: Handle 'relevance'
limit, limit,
author_id, author_id,
} = req.query; } = req.query;
const parsedLimit = Number(limit) || 50; const parsedLimit = Number(limit) || 50;
if (parsedLimit < 1 || parsedLimit > 100) throw new HTTPError("limit must be between 1 and 100", 422); if (parsedLimit < 1 || parsedLimit > 100)
throw new HTTPError("limit must be between 1 and 100", 422);
if (sort_order) { if (sort_order) {
if (typeof sort_order != "string" if (
|| ["desc", "asc"].indexOf(sort_order) == -1) typeof sort_order != "string" ||
throw FieldErrors({ sort_order: { message: "Value must be one of ('desc', 'asc').", code: "BASE_TYPE_CHOICES" } }); // todo this is wrong ["desc", "asc"].indexOf(sort_order) == -1
)
throw FieldErrors({
sort_order: {
message: "Value must be one of ('desc', 'asc').",
code: "BASE_TYPE_CHOICES",
},
}); // todo this is wrong
} }
const permissions = await getPermission(req.user_id, req.params.guild_id, channel_id as string); const permissions = await getPermission(
req.user_id,
req.params.guild_id,
channel_id as string,
);
permissions.hasThrow("VIEW_CHANNEL"); permissions.hasThrow("VIEW_CHANNEL");
if (!permissions.has("READ_MESSAGE_HISTORY")) return res.json({ messages: [], total_results: 0 }); if (!permissions.has("READ_MESSAGE_HISTORY"))
return res.json({ messages: [], total_results: 0 });
var query: FindManyOptions<Message> = { var query: FindManyOptions<Message> = {
order: { timestamp: sort_order ? sort_order.toUpperCase() as "ASC" | "DESC" : "DESC" }, order: {
timestamp: sort_order
? (sort_order.toUpperCase() as "ASC" | "DESC")
: "DESC",
},
take: parsedLimit || 0, take: parsedLimit || 0,
where: { where: {
guild: { guild: {
id: req.params.guild_id, id: req.params.guild_id,
}, },
}, },
relations: ["author", "webhook", "application", "mentions", "mention_roles", "mention_channels", "sticker_items", "attachments"], relations: [
"author",
"webhook",
"application",
"mentions",
"mention_roles",
"mention_channels",
"sticker_items",
"attachments",
],
skip: offset ? Number(offset) : 0, skip: offset ? Number(offset) : 0,
}; };
//@ts-ignore //@ts-ignore
@ -51,32 +77,34 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const messages: Message[] = await Message.find(query); const messages: Message[] = await Message.find(query);
const messagesDto = messages.map(x => [{ const messagesDto = messages.map((x) => [
id: x.id, {
type: x.type, id: x.id,
content: x.content, type: x.type,
channel_id: x.channel_id, content: x.content,
author: { channel_id: x.channel_id,
id: x.author?.id, author: {
username: x.author?.username, id: x.author?.id,
avatar: x.author?.avatar, username: x.author?.username,
avatar_decoration: null, avatar: x.author?.avatar,
discriminator: x.author?.discriminator, avatar_decoration: null,
public_flags: x.author?.public_flags, discriminator: x.author?.discriminator,
public_flags: x.author?.public_flags,
},
attachments: x.attachments,
embeds: x.embeds,
mentions: x.mentions,
mention_roles: x.mention_roles,
pinned: x.pinned,
mention_everyone: x.mention_everyone,
tts: x.tts,
timestamp: x.timestamp,
edited_timestamp: x.edited_timestamp,
flags: x.flags,
components: x.components,
hit: true,
}, },
attachments: x.attachments, ]);
embeds: x.embeds,
mentions: x.mentions,
mention_roles: x.mention_roles,
pinned: x.pinned,
mention_everyone: x.mention_everyone,
tts: x.tts,
timestamp: x.timestamp,
edited_timestamp: x.edited_timestamp,
flags: x.flags,
components: x.components,
hit: true,
}]);
return res.json({ return res.json({
messages: messagesDto, messages: messagesDto,
@ -84,4 +112,4 @@ router.get("/", route({}), async (req: Request, res: Response) => {
}); });
}); });
export default router; export default router;

View File

@ -5,7 +5,12 @@ import { route } from "@fosscord/api";
const router = Router(); const router = Router();
//Returns all inactive members, respecting role hierarchy //Returns all inactive members, respecting role hierarchy
export const inactiveMembers = async (guild_id: string, user_id: string, days: number, roles: string[] = []) => { export const inactiveMembers = async (
guild_id: string,
user_id: string,
days: number,
roles: string[] = [],
) => {
var date = new Date(); var date = new Date();
date.setDate(date.getDate() - days); date.setDate(date.getDate() - days);
//Snowflake should have `generateFromTime` method? Or similar? //Snowflake should have `generateFromTime` method? Or similar?
@ -19,21 +24,27 @@ export const inactiveMembers = async (guild_id: string, user_id: string, days: n
where: [ where: [
{ {
guild_id, guild_id,
last_message_id: LessThan(minId.toString()) last_message_id: LessThan(minId.toString()),
}, },
{ {
last_message_id: IsNull() last_message_id: IsNull(),
} },
], ],
relations: ["roles"] relations: ["roles"],
}); });
console.log(members); console.log(members);
if (!members.length) return []; if (!members.length) return [];
//I'm sure I can do this in the above db query ( and it would probably be better to do so ), but oh well. //I'm sure I can do this in the above db query ( and it would probably be better to do so ), but oh well.
if (roles.length && members.length) members = members.filter((user) => user.roles?.some((role) => roles.includes(role.id))); if (roles.length && members.length)
members = members.filter((user) =>
user.roles?.some((role) => roles.includes(role.id)),
);
const me = await Member.findOneOrFail({ where: { id: user_id, guild_id }, relations: ["roles"] }); const me = await Member.findOneOrFail({
where: { id: user_id, guild_id },
relations: ["roles"],
});
const myHighestRole = Math.max(...(me.roles?.map((x) => x.position) || [])); const myHighestRole = Math.max(...(me.roles?.map((x) => x.position) || []));
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
@ -44,8 +55,8 @@ export const inactiveMembers = async (guild_id: string, user_id: string, days: n
member.roles?.some( member.roles?.some(
(role) => (role) =>
role.position < myHighestRole || //roles higher than me can't be kicked role.position < myHighestRole || //roles higher than me can't be kicked
me.id === guild.owner_id //owner can kick anyone me.id === guild.owner_id, //owner can kick anyone
) ),
); );
return members; return members;
@ -57,23 +68,39 @@ router.get("/", route({}), async (req: Request, res: Response) => {
var roles = req.query.include_roles; var roles = req.query.include_roles;
if (typeof roles === "string") roles = [roles]; //express will return array otherwise if (typeof roles === "string") roles = [roles]; //express will return array otherwise
const members = await inactiveMembers(req.params.guild_id, req.user_id, days, roles as string[]); const members = await inactiveMembers(
req.params.guild_id,
req.user_id,
days,
roles as string[],
);
res.send({ pruned: members.length }); res.send({ pruned: members.length });
}); });
router.post("/", route({ permission: "KICK_MEMBERS", right: "KICK_BAN_MEMBERS" }), async (req: Request, res: Response) => { router.post(
const days = parseInt(req.body.days); "/",
route({ permission: "KICK_MEMBERS", right: "KICK_BAN_MEMBERS" }),
async (req: Request, res: Response) => {
const days = parseInt(req.body.days);
var roles = req.query.include_roles; var roles = req.query.include_roles;
if (typeof roles === "string") roles = [roles]; if (typeof roles === "string") roles = [roles];
const { guild_id } = req.params; const { guild_id } = req.params;
const members = await inactiveMembers(guild_id, req.user_id, days, roles as string[]); const members = await inactiveMembers(
guild_id,
req.user_id,
days,
roles as string[],
);
await Promise.all(members.map((x) => Member.removeFromGuild(x.id, guild_id))); await Promise.all(
members.map((x) => Member.removeFromGuild(x.id, guild_id)),
);
res.send({ purged: members.length }); res.send({ purged: members.length });
}); },
);
export default router; export default router;

View File

@ -9,7 +9,12 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const { guild_id } = req.params; const { guild_id } = req.params;
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
//TODO we should use an enum for guild's features and not hardcoded strings //TODO we should use an enum for guild's features and not hardcoded strings
return res.json(await getVoiceRegions(getIpAdress(req), guild.features.includes("VIP_REGIONS"))); return res.json(
await getVoiceRegions(
getIpAdress(req),
guild.features.includes("VIP_REGIONS"),
),
);
}); });
export default router; export default router;

View File

@ -1,5 +1,13 @@
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { Role, Member, GuildRoleUpdateEvent, GuildRoleDeleteEvent, emitEvent, handleFile, RoleModifySchema } from "@fosscord/util"; import {
Role,
Member,
GuildRoleUpdateEvent,
GuildRoleDeleteEvent,
emitEvent,
handleFile,
RoleModifySchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -12,57 +20,72 @@ router.get("/", route({}), async (req: Request, res: Response) => {
return res.json(role); return res.json(role);
}); });
router.delete("/", route({ permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.delete(
const { guild_id, role_id } = req.params; "/",
if (role_id === guild_id) throw new HTTPError("You can't delete the @everyone role"); route({ permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const { guild_id, role_id } = req.params;
if (role_id === guild_id)
throw new HTTPError("You can't delete the @everyone role");
await Promise.all([ await Promise.all([
Role.delete({ Role.delete({
id: role_id, id: role_id,
guild_id: guild_id guild_id: guild_id,
}), }),
emitEvent({ emitEvent({
event: "GUILD_ROLE_DELETE", event: "GUILD_ROLE_DELETE",
guild_id,
data: {
guild_id, guild_id,
role_id data: {
} guild_id,
} as GuildRoleDeleteEvent) role_id,
]); },
} as GuildRoleDeleteEvent),
]);
res.sendStatus(204); res.sendStatus(204);
}); },
);
// TODO: check role hierarchy // TODO: check role hierarchy
router.patch("/", route({ body: "RoleModifySchema", permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.patch(
const { role_id, guild_id } = req.params; "/",
const body = req.body as RoleModifySchema; route({ body: "RoleModifySchema", permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const { role_id, guild_id } = req.params;
const body = req.body as RoleModifySchema;
if (body.icon && body.icon.length) body.icon = await handleFile(`/role-icons/${role_id}`, body.icon as string); if (body.icon && body.icon.length)
else body.icon = undefined; body.icon = await handleFile(
`/role-icons/${role_id}`,
body.icon as string,
);
else body.icon = undefined;
const role = Role.create({ const role = Role.create({
...body, ...body,
id: role_id, id: role_id,
guild_id,
permissions: String(req.permission!.bitfield & BigInt(body.permissions || "0"))
});
await Promise.all([
role.save(),
emitEvent({
event: "GUILD_ROLE_UPDATE",
guild_id, guild_id,
data: { permissions: String(
guild_id, req.permission!.bitfield & BigInt(body.permissions || "0"),
role ),
} });
} as GuildRoleUpdateEvent)
]);
res.json(role); await Promise.all([
}); role.save(),
emitEvent({
event: "GUILD_ROLE_UPDATE",
guild_id,
data: {
guild_id,
role,
},
} as GuildRoleUpdateEvent),
]);
res.json(role);
},
);
export default router; export default router;

View File

@ -29,70 +29,87 @@ router.get("/", route({}), async (req: Request, res: Response) => {
return res.json(roles); return res.json(roles);
}); });
router.post("/", route({ body: "RoleModifySchema", permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { router.post(
const guild_id = req.params.guild_id; "/",
const body = req.body as RoleModifySchema; route({ body: "RoleModifySchema", permission: "MANAGE_ROLES" }),
async (req: Request, res: Response) => {
const guild_id = req.params.guild_id;
const body = req.body as RoleModifySchema;
const role_count = await Role.count({ where: { guild_id } }); const role_count = await Role.count({ where: { guild_id } });
const { maxRoles } = Config.get().limits.guild; const { maxRoles } = Config.get().limits.guild;
if (role_count > maxRoles) throw DiscordApiErrors.MAXIMUM_ROLES.withParams(maxRoles); if (role_count > maxRoles)
throw DiscordApiErrors.MAXIMUM_ROLES.withParams(maxRoles);
const role = Role.create({ const role = Role.create({
// values before ...body are default and can be overriden // values before ...body are default and can be overriden
position: 0, position: 0,
hoist: false, hoist: false,
color: 0, color: 0,
mentionable: false, mentionable: false,
...body, ...body,
guild_id: guild_id, guild_id: guild_id,
managed: false, managed: false,
permissions: String(req.permission!.bitfield & BigInt(body.permissions || "0")), permissions: String(
tags: undefined, req.permission!.bitfield & BigInt(body.permissions || "0"),
icon: undefined, ),
unicode_emoji: undefined tags: undefined,
}); icon: undefined,
unicode_emoji: undefined,
});
await Promise.all([ await Promise.all([
role.save(), role.save(),
emitEvent({
event: "GUILD_ROLE_CREATE",
guild_id,
data: {
guild_id,
role: role
}
} as GuildRoleCreateEvent)
]);
res.json(role);
});
router.patch("/", route({ body: "RolePositionUpdateSchema" }), async (req: Request, res: Response) => {
const { guild_id } = req.params;
const body = req.body as RolePositionUpdateSchema;
const perms = await getPermission(req.user_id, guild_id);
perms.hasThrow("MANAGE_ROLES");
await Promise.all(body.map(async (x) => Role.update({ guild_id, id: x.id }, { position: x.position })));
const roles = await Role.find({ where: body.map((x) => ({ id: x.id, guild_id })) });
await Promise.all(
roles.map((x) =>
emitEvent({ emitEvent({
event: "GUILD_ROLE_UPDATE", event: "GUILD_ROLE_CREATE",
guild_id, guild_id,
data: { data: {
guild_id, guild_id,
role: x role: role,
} },
} as GuildRoleUpdateEvent) } as GuildRoleCreateEvent),
) ]);
);
res.json(roles); res.json(role);
}); },
);
router.patch(
"/",
route({ body: "RolePositionUpdateSchema" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const body = req.body as RolePositionUpdateSchema;
const perms = await getPermission(req.user_id, guild_id);
perms.hasThrow("MANAGE_ROLES");
await Promise.all(
body.map(async (x) =>
Role.update({ guild_id, id: x.id }, { position: x.position }),
),
);
const roles = await Role.find({
where: body.map((x) => ({ id: x.id, guild_id })),
});
await Promise.all(
roles.map((x) =>
emitEvent({
event: "GUILD_ROLE_UPDATE",
guild_id,
data: {
guild_id,
role: x,
},
} as GuildRoleUpdateEvent),
),
);
res.json(roles);
},
);
export default router; export default router;

View File

@ -26,15 +26,18 @@ const bodyParser = multer({
limits: { limits: {
fileSize: 1024 * 1024 * 100, fileSize: 1024 * 1024 * 100,
fields: 10, fields: 10,
files: 1 files: 1,
}, },
storage: multer.memoryStorage() storage: multer.memoryStorage(),
}).single("file"); }).single("file");
router.post( router.post(
"/", "/",
bodyParser, bodyParser,
route({ permission: "MANAGE_EMOJIS_AND_STICKERS", body: "ModifyGuildStickerSchema" }), route({
permission: "MANAGE_EMOJIS_AND_STICKERS",
body: "ModifyGuildStickerSchema",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
if (!req.file) throw new HTTPError("missing file"); if (!req.file) throw new HTTPError("missing file");
@ -49,15 +52,15 @@ router.post(
id, id,
type: StickerType.GUILD, type: StickerType.GUILD,
format_type: getStickerFormat(req.file.mimetype), format_type: getStickerFormat(req.file.mimetype),
available: true available: true,
}).save(), }).save(),
uploadFile(`/stickers/${id}`, req.file) uploadFile(`/stickers/${id}`, req.file),
]); ]);
await sendStickerUpdateEvent(guild_id); await sendStickerUpdateEvent(guild_id);
res.json(sticker); res.json(sticker);
} },
); );
export function getStickerFormat(mime_type: string) { export function getStickerFormat(mime_type: string) {
@ -71,7 +74,9 @@ export function getStickerFormat(mime_type: string) {
case "image/gif": case "image/gif":
return StickerFormatType.GIF; return StickerFormatType.GIF;
default: default:
throw new HTTPError("invalid sticker format: must be png, apng or lottie"); throw new HTTPError(
"invalid sticker format: must be png, apng or lottie",
);
} }
} }
@ -79,21 +84,30 @@ router.get("/:sticker_id", route({}), async (req: Request, res: Response) => {
const { guild_id, sticker_id } = req.params; const { guild_id, sticker_id } = req.params;
await Member.IsInGuildOrFail(req.user_id, guild_id); await Member.IsInGuildOrFail(req.user_id, guild_id);
res.json(await Sticker.findOneOrFail({ where: { guild_id, id: sticker_id } })); res.json(
await Sticker.findOneOrFail({ where: { guild_id, id: sticker_id } }),
);
}); });
router.patch( router.patch(
"/:sticker_id", "/:sticker_id",
route({ body: "ModifyGuildStickerSchema", permission: "MANAGE_EMOJIS_AND_STICKERS" }), route({
body: "ModifyGuildStickerSchema",
permission: "MANAGE_EMOJIS_AND_STICKERS",
}),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const { guild_id, sticker_id } = req.params; const { guild_id, sticker_id } = req.params;
const body = req.body as ModifyGuildStickerSchema; const body = req.body as ModifyGuildStickerSchema;
const sticker = await Sticker.create({ ...body, guild_id, id: sticker_id }).save(); const sticker = await Sticker.create({
...body,
guild_id,
id: sticker_id,
}).save();
await sendStickerUpdateEvent(guild_id); await sendStickerUpdateEvent(guild_id);
return res.json(sticker); return res.json(sticker);
} },
); );
async function sendStickerUpdateEvent(guild_id: string) { async function sendStickerUpdateEvent(guild_id: string) {
@ -102,18 +116,22 @@ async function sendStickerUpdateEvent(guild_id: string) {
guild_id: guild_id, guild_id: guild_id,
data: { data: {
guild_id: guild_id, guild_id: guild_id,
stickers: await Sticker.find({ where: { guild_id: guild_id } }) stickers: await Sticker.find({ where: { guild_id: guild_id } }),
} },
} as GuildStickersUpdateEvent); } as GuildStickersUpdateEvent);
} }
router.delete("/:sticker_id", route({ permission: "MANAGE_EMOJIS_AND_STICKERS" }), async (req: Request, res: Response) => { router.delete(
const { guild_id, sticker_id } = req.params; "/:sticker_id",
route({ permission: "MANAGE_EMOJIS_AND_STICKERS" }),
async (req: Request, res: Response) => {
const { guild_id, sticker_id } = req.params;
await Sticker.delete({ guild_id, id: sticker_id }); await Sticker.delete({ guild_id, id: sticker_id });
await sendStickerUpdateEvent(guild_id); await sendStickerUpdateEvent(guild_id);
return res.sendStatus(204); return res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -20,63 +20,97 @@ const TemplateGuildProjection: (keyof Guild)[] = [
"afk_channel_id", "afk_channel_id",
"system_channel_id", "system_channel_id",
"system_channel_flags", "system_channel_flags",
"icon" "icon",
]; ];
router.get("/", route({}), async (req: Request, res: Response) => { router.get("/", route({}), async (req: Request, res: Response) => {
const { guild_id } = req.params; const { guild_id } = req.params;
var templates = await Template.find({ where: { source_guild_id: guild_id } }); var templates = await Template.find({
where: { source_guild_id: guild_id },
});
return res.json(templates); return res.json(templates);
}); });
router.post("/", route({ body: "TemplateCreateSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.post(
const { guild_id } = req.params; "/",
const guild = await Guild.findOneOrFail({ where: { id: guild_id }, select: TemplateGuildProjection }); route({ body: "TemplateCreateSchema", permission: "MANAGE_GUILD" }),
const exists = await Template.findOneOrFail({ where: { id: guild_id } }).catch((e) => { }); async (req: Request, res: Response) => {
if (exists) throw new HTTPError("Template already exists", 400); const { guild_id } = req.params;
const guild = await Guild.findOneOrFail({
where: { id: guild_id },
select: TemplateGuildProjection,
});
const exists = await Template.findOneOrFail({
where: { id: guild_id },
}).catch((e) => {});
if (exists) throw new HTTPError("Template already exists", 400);
const template = await Template.create({ const template = await Template.create({
...req.body, ...req.body,
code: generateCode(), code: generateCode(),
creator_id: req.user_id, creator_id: req.user_id,
created_at: new Date(), created_at: new Date(),
updated_at: new Date(), updated_at: new Date(),
source_guild_id: guild_id, source_guild_id: guild_id,
serialized_source_guild: guild serialized_source_guild: guild,
}).save(); }).save();
res.json(template); res.json(template);
}); },
);
router.delete("/:code", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.delete(
const { code, guild_id } = req.params; "/:code",
route({ permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const { code, guild_id } = req.params;
const template = await Template.delete({ const template = await Template.delete({
code, code,
source_guild_id: guild_id source_guild_id: guild_id,
}); });
res.json(template); res.json(template);
}); },
);
router.put("/:code", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.put(
const { code, guild_id } = req.params; "/:code",
const guild = await Guild.findOneOrFail({ where: { id: guild_id }, select: TemplateGuildProjection }); route({ permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const { code, guild_id } = req.params;
const guild = await Guild.findOneOrFail({
where: { id: guild_id },
select: TemplateGuildProjection,
});
const template = await Template.create({ code, serialized_source_guild: guild }).save(); const template = await Template.create({
code,
serialized_source_guild: guild,
}).save();
res.json(template); res.json(template);
}); },
);
router.patch("/:code", route({ body: "TemplateModifySchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.patch(
const { code, guild_id } = req.params; "/:code",
const { name, description } = req.body; route({ body: "TemplateModifySchema", permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const { code, guild_id } = req.params;
const { name, description } = req.body;
const template = await Template.create({ code, name: name, description: description, source_guild_id: guild_id }).save(); const template = await Template.create({
code,
name: name,
description: description,
source_guild_id: guild_id,
}).save();
res.json(template); res.json(template);
}); },
);
export default router; export default router;

View File

@ -1,4 +1,10 @@
import { Channel, ChannelType, Guild, Invite, VanityUrlSchema } from "@fosscord/util"; import {
Channel,
ChannelType,
Guild,
Invite,
VanityUrlSchema,
} from "@fosscord/util";
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -7,52 +13,70 @@ const router = Router();
const InviteRegex = /\W/g; const InviteRegex = /\W/g;
router.get("/", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.get(
const { guild_id } = req.params; "/",
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); route({ permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
if (!guild.features.includes("ALIASABLE_NAMES")) { if (!guild.features.includes("ALIASABLE_NAMES")) {
const invite = await Invite.findOne({ where: { guild_id: guild_id, vanity_url: true } }); const invite = await Invite.findOne({
if (!invite) return res.json({ code: null }); where: { guild_id: guild_id, vanity_url: true },
});
if (!invite) return res.json({ code: null });
return res.json({ code: invite.code, uses: invite.uses }); return res.json({ code: invite.code, uses: invite.uses });
} else { } else {
const invite = await Invite.find({ where: { guild_id: guild_id, vanity_url: true } }); const invite = await Invite.find({
if (!invite || invite.length == 0) return res.json({ code: null }); where: { guild_id: guild_id, vanity_url: true },
});
if (!invite || invite.length == 0) return res.json({ code: null });
return res.json(invite.map((x) => ({ code: x.code, uses: x.uses }))); return res.json(
} invite.map((x) => ({ code: x.code, uses: x.uses })),
}); );
}
},
);
router.patch("/", route({ body: "VanityUrlSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.patch(
const { guild_id } = req.params; "/",
const body = req.body as VanityUrlSchema; route({ body: "VanityUrlSchema", permission: "MANAGE_GUILD" }),
const code = body.code?.replace(InviteRegex, ""); async (req: Request, res: Response) => {
const { guild_id } = req.params;
const body = req.body as VanityUrlSchema;
const code = body.code?.replace(InviteRegex, "");
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
if (!guild.features.includes("VANITY_URL")) throw new HTTPError("Your guild doesn't support vanity urls"); if (!guild.features.includes("VANITY_URL"))
throw new HTTPError("Your guild doesn't support vanity urls");
if (!code || code.length === 0) throw new HTTPError("Code cannot be null or empty"); if (!code || code.length === 0)
throw new HTTPError("Code cannot be null or empty");
const invite = await Invite.findOne({ where: { code } }); const invite = await Invite.findOne({ where: { code } });
if (invite) throw new HTTPError("Invite already exists"); if (invite) throw new HTTPError("Invite already exists");
const { id } = await Channel.findOneOrFail({ where: { guild_id, type: ChannelType.GUILD_TEXT } }); const { id } = await Channel.findOneOrFail({
where: { guild_id, type: ChannelType.GUILD_TEXT },
});
await Invite.create({ await Invite.create({
vanity_url: true, vanity_url: true,
code: code, code: code,
temporary: false, temporary: false,
uses: 0, uses: 0,
max_uses: 0, max_uses: 0,
max_age: 0, max_age: 0,
created_at: new Date(), created_at: new Date(),
expires_at: new Date(), expires_at: new Date(),
guild_id: guild_id, guild_id: guild_id,
channel_id: id channel_id: id,
}).save(); }).save();
return res.json({ code: code }); return res.json({ code: code });
}); },
);
export default router; export default router;

View File

@ -1,52 +1,71 @@
import { Channel, ChannelType, DiscordApiErrors, emitEvent, getPermission, VoiceState, VoiceStateUpdateEvent, VoiceStateUpdateSchema } from "@fosscord/util"; import {
Channel,
ChannelType,
DiscordApiErrors,
emitEvent,
getPermission,
VoiceState,
VoiceStateUpdateEvent,
VoiceStateUpdateSchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
const router = Router(); const router = Router();
//TODO need more testing when community guild and voice stage channel are working //TODO need more testing when community guild and voice stage channel are working
router.patch("/", route({ body: "VoiceStateUpdateSchema" }), async (req: Request, res: Response) => { router.patch(
const body = req.body as VoiceStateUpdateSchema; "/",
var { guild_id, user_id } = req.params; route({ body: "VoiceStateUpdateSchema" }),
if (user_id === "@me") user_id = req.user_id; async (req: Request, res: Response) => {
const body = req.body as VoiceStateUpdateSchema;
var { guild_id, user_id } = req.params;
if (user_id === "@me") user_id = req.user_id;
const perms = await getPermission(req.user_id, guild_id, body.channel_id); const perms = await getPermission(
req.user_id,
guild_id,
body.channel_id,
);
/* /*
From https://discord.com/developers/docs/resources/guild#modify-current-user-voice-state From https://discord.com/developers/docs/resources/guild#modify-current-user-voice-state
You must have the MUTE_MEMBERS permission to unsuppress others. You can always suppress yourself. You must have the MUTE_MEMBERS permission to unsuppress others. You can always suppress yourself.
You must have the REQUEST_TO_SPEAK permission to request to speak. You can always clear your own request to speak. You must have the REQUEST_TO_SPEAK permission to request to speak. You can always clear your own request to speak.
*/ */
if (body.suppress && user_id !== req.user_id) { if (body.suppress && user_id !== req.user_id) {
perms.hasThrow("MUTE_MEMBERS"); perms.hasThrow("MUTE_MEMBERS");
}
if (!body.suppress) body.request_to_speak_timestamp = new Date();
if (body.request_to_speak_timestamp) perms.hasThrow("REQUEST_TO_SPEAK");
const voice_state = await VoiceState.findOne({
where: {
guild_id,
channel_id: body.channel_id,
user_id
} }
}); if (!body.suppress) body.request_to_speak_timestamp = new Date();
if (!voice_state) throw DiscordApiErrors.UNKNOWN_VOICE_STATE; if (body.request_to_speak_timestamp) perms.hasThrow("REQUEST_TO_SPEAK");
voice_state.assign(body); const voice_state = await VoiceState.findOne({
const channel = await Channel.findOneOrFail({ where: { guild_id, id: body.channel_id } }); where: {
if (channel.type !== ChannelType.GUILD_STAGE_VOICE) { guild_id,
throw DiscordApiErrors.CANNOT_EXECUTE_ON_THIS_CHANNEL_TYPE; channel_id: body.channel_id,
} user_id,
},
});
if (!voice_state) throw DiscordApiErrors.UNKNOWN_VOICE_STATE;
await Promise.all([ voice_state.assign(body);
voice_state.save(), const channel = await Channel.findOneOrFail({
emitEvent({ where: { guild_id, id: body.channel_id },
event: "VOICE_STATE_UPDATE", });
data: voice_state, if (channel.type !== ChannelType.GUILD_STAGE_VOICE) {
guild_id throw DiscordApiErrors.CANNOT_EXECUTE_ON_THIS_CHANNEL_TYPE;
} as VoiceStateUpdateEvent) }
]);
return res.sendStatus(204); await Promise.all([
}); voice_state.save(),
emitEvent({
event: "VOICE_STATE_UPDATE",
data: voice_state,
guild_id,
} as VoiceStateUpdateEvent),
]);
return res.sendStatus(204);
},
);
export default router; export default router;

View File

@ -14,20 +14,30 @@ router.get("/", route({}), async (req: Request, res: Response) => {
res.json(guild.welcome_screen); res.json(guild.welcome_screen);
}); });
router.patch("/", route({ body: "GuildUpdateWelcomeScreenSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.patch(
const guild_id = req.params.guild_id; "/",
const body = req.body as GuildUpdateWelcomeScreenSchema; route({
body: "GuildUpdateWelcomeScreenSchema",
permission: "MANAGE_GUILD",
}),
async (req: Request, res: Response) => {
const guild_id = req.params.guild_id;
const body = req.body as GuildUpdateWelcomeScreenSchema;
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
if (!guild.welcome_screen.enabled) throw new HTTPError("Welcome screen disabled", 400); if (!guild.welcome_screen.enabled)
if (body.welcome_channels) guild.welcome_screen.welcome_channels = body.welcome_channels; // TODO: check if they exist and are valid throw new HTTPError("Welcome screen disabled", 400);
if (body.description) guild.welcome_screen.description = body.description; if (body.welcome_channels)
if (body.enabled != null) guild.welcome_screen.enabled = body.enabled; guild.welcome_screen.welcome_channels = body.welcome_channels; // TODO: check if they exist and are valid
if (body.description)
guild.welcome_screen.description = body.description;
if (body.enabled != null) guild.welcome_screen.enabled = body.enabled;
await guild.save(); await guild.save();
res.sendStatus(204); res.sendStatus(204);
}); },
);
export default router; export default router;

View File

@ -1,5 +1,12 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { Config, Permissions, Guild, Invite, Channel, Member } from "@fosscord/util"; import {
Config,
Permissions,
Guild,
Invite,
Channel,
Member,
} from "@fosscord/util";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { random, route } from "@fosscord/api"; import { random, route } from "@fosscord/api";
@ -21,7 +28,9 @@ router.get("/", route({}), async (req: Request, res: Response) => {
if (!guild.widget_enabled) throw new HTTPError("Widget Disabled", 404); if (!guild.widget_enabled) throw new HTTPError("Widget Disabled", 404);
// Fetch existing widget invite for widget channel // Fetch existing widget invite for widget channel
var invite = await Invite.findOne({ where: { channel_id: guild.widget_channel_id } }); var invite = await Invite.findOne({
where: { channel_id: guild.widget_channel_id },
});
if (guild.widget_channel_id && !invite) { if (guild.widget_channel_id && !invite) {
// Create invite for channel if none exists // Create invite for channel if none exists
@ -45,16 +54,24 @@ router.get("/", route({}), async (req: Request, res: Response) => {
// Fetch voice channels, and the @everyone permissions object // Fetch voice channels, and the @everyone permissions object
const channels = [] as any[]; const channels = [] as any[];
(await Channel.find({ where: { guild_id: guild_id, type: 2 }, order: { position: "ASC" } })).filter((doc) => { (
await Channel.find({
where: { guild_id: guild_id, type: 2 },
order: { position: "ASC" },
})
).filter((doc) => {
// Only return channels where @everyone has the CONNECT permission // Only return channels where @everyone has the CONNECT permission
if ( if (
doc.permission_overwrites === undefined || doc.permission_overwrites === undefined ||
Permissions.channelPermission(doc.permission_overwrites, Permissions.FLAGS.CONNECT) === Permissions.FLAGS.CONNECT Permissions.channelPermission(
doc.permission_overwrites,
Permissions.FLAGS.CONNECT,
) === Permissions.FLAGS.CONNECT
) { ) {
channels.push({ channels.push({
id: doc.id, id: doc.id,
name: doc.name, name: doc.name,
position: doc.position position: doc.position,
}); });
} }
}); });
@ -70,7 +87,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {
instant_invite: invite?.code, instant_invite: invite?.code,
channels: channels, channels: channels,
members: members, members: members,
presence_count: guild.presence_count presence_count: guild.presence_count,
}; };
res.set("Cache-Control", "public, max-age=300"); res.set("Cache-Control", "public, max-age=300");

View File

@ -24,8 +24,13 @@ router.get("/", route({}), async (req: Request, res: Response) => {
// Fetch parameter // Fetch parameter
const style = req.query.style?.toString() || "shield"; const style = req.query.style?.toString() || "shield";
if (!["shield", "banner1", "banner2", "banner3", "banner4"].includes(style)) { if (
throw new HTTPError("Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').", 400); !["shield", "banner1", "banner2", "banner3", "banner4"].includes(style)
) {
throw new HTTPError(
"Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').",
400,
);
} }
// Setup canvas // Setup canvas
@ -34,7 +39,17 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const sizeOf = require("image-size"); const sizeOf = require("image-size");
// TODO: Widget style templates need Fosscord branding // TODO: Widget style templates need Fosscord branding
const source = path.join(__dirname, "..", "..", "..", "..", "..", "assets", "widget", `${style}.png`); const source = path.join(
__dirname,
"..",
"..",
"..",
"..",
"..",
"assets",
"widget",
`${style}.png`,
);
if (!fs.existsSync(source)) { if (!fs.existsSync(source)) {
throw new HTTPError("Widget template does not exist.", 400); throw new HTTPError("Widget template does not exist.", 400);
} }
@ -50,30 +65,68 @@ router.get("/", route({}), async (req: Request, res: Response) => {
switch (style) { switch (style) {
case "shield": case "shield":
ctx.textAlign = "center"; ctx.textAlign = "center";
await drawText(ctx, 73, 13, "#FFFFFF", "thin 10px Verdana", presence); await drawText(
ctx,
73,
13,
"#FFFFFF",
"thin 10px Verdana",
presence,
);
break; break;
case "banner1": case "banner1":
if (icon) await drawIcon(ctx, 20, 27, 50, icon); if (icon) await drawIcon(ctx, 20, 27, 50, icon);
await drawText(ctx, 83, 51, "#FFFFFF", "12px Verdana", name, 22); await drawText(ctx, 83, 51, "#FFFFFF", "12px Verdana", name, 22);
await drawText(ctx, 83, 66, "#C9D2F0FF", "thin 11px Verdana", presence); await drawText(
ctx,
83,
66,
"#C9D2F0FF",
"thin 11px Verdana",
presence,
);
break; break;
case "banner2": case "banner2":
if (icon) await drawIcon(ctx, 13, 19, 36, icon); if (icon) await drawIcon(ctx, 13, 19, 36, icon);
await drawText(ctx, 62, 34, "#FFFFFF", "12px Verdana", name, 15); await drawText(ctx, 62, 34, "#FFFFFF", "12px Verdana", name, 15);
await drawText(ctx, 62, 49, "#C9D2F0FF", "thin 11px Verdana", presence); await drawText(
ctx,
62,
49,
"#C9D2F0FF",
"thin 11px Verdana",
presence,
);
break; break;
case "banner3": case "banner3":
if (icon) await drawIcon(ctx, 20, 20, 50, icon); if (icon) await drawIcon(ctx, 20, 20, 50, icon);
await drawText(ctx, 83, 44, "#FFFFFF", "12px Verdana", name, 27); await drawText(ctx, 83, 44, "#FFFFFF", "12px Verdana", name, 27);
await drawText(ctx, 83, 58, "#C9D2F0FF", "thin 11px Verdana", presence); await drawText(
ctx,
83,
58,
"#C9D2F0FF",
"thin 11px Verdana",
presence,
);
break; break;
case "banner4": case "banner4":
if (icon) await drawIcon(ctx, 21, 136, 50, icon); if (icon) await drawIcon(ctx, 21, 136, 50, icon);
await drawText(ctx, 84, 156, "#FFFFFF", "13px Verdana", name, 27); await drawText(ctx, 84, 156, "#FFFFFF", "13px Verdana", name, 27);
await drawText(ctx, 84, 171, "#C9D2F0FF", "thin 12px Verdana", presence); await drawText(
ctx,
84,
171,
"#C9D2F0FF",
"thin 12px Verdana",
presence,
);
break; break;
default: default:
throw new HTTPError("Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').", 400); throw new HTTPError(
"Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').",
400,
);
} }
// Return final image // Return final image
@ -83,7 +136,13 @@ router.get("/", route({}), async (req: Request, res: Response) => {
return res.send(buffer); return res.send(buffer);
}); });
async function drawIcon(canvas: any, x: number, y: number, scale: number, icon: string) { async function drawIcon(
canvas: any,
x: number,
y: number,
scale: number,
icon: string,
) {
// @ts-ignore // @ts-ignore
const img = new require("canvas").Image(); const img = new require("canvas").Image();
img.src = icon; img.src = icon;
@ -101,10 +160,19 @@ async function drawIcon(canvas: any, x: number, y: number, scale: number, icon:
canvas.restore(); canvas.restore();
} }
async function drawText(canvas: any, x: number, y: number, color: string, font: string, text: string, maxcharacters?: number) { async function drawText(
canvas: any,
x: number,
y: number,
color: string,
font: string,
text: string,
maxcharacters?: number,
) {
canvas.fillStyle = color; canvas.fillStyle = color;
canvas.font = font; canvas.font = font;
if (text.length > (maxcharacters || 0) && maxcharacters) text = text.slice(0, maxcharacters) + "..."; if (text.length > (maxcharacters || 0) && maxcharacters)
text = text.slice(0, maxcharacters) + "...";
canvas.fillText(text, x, y); canvas.fillText(text, x, y);
} }

View File

@ -10,18 +10,31 @@ router.get("/", route({}), async (req: Request, res: Response) => {
const guild = await Guild.findOneOrFail({ where: { id: guild_id } }); const guild = await Guild.findOneOrFail({ where: { id: guild_id } });
return res.json({ enabled: guild.widget_enabled || false, channel_id: guild.widget_channel_id || null }); return res.json({
enabled: guild.widget_enabled || false,
channel_id: guild.widget_channel_id || null,
});
}); });
// https://discord.com/developers/docs/resources/guild#modify-guild-widget // https://discord.com/developers/docs/resources/guild#modify-guild-widget
router.patch("/", route({ body: "WidgetModifySchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { router.patch(
const body = req.body as WidgetModifySchema; "/",
const { guild_id } = req.params; route({ body: "WidgetModifySchema", permission: "MANAGE_GUILD" }),
async (req: Request, res: Response) => {
const body = req.body as WidgetModifySchema;
const { guild_id } = req.params;
await Guild.update({ id: guild_id }, { widget_enabled: body.enabled, widget_channel_id: body.channel_id }); await Guild.update(
// Widget invite for the widget_channel_id gets created as part of the /guilds/{guild.id}/widget.json request { id: guild_id },
{
widget_enabled: body.enabled,
widget_channel_id: body.channel_id,
},
);
// Widget invite for the widget_channel_id gets created as part of the /guilds/{guild.id}/widget.json request
return res.json(body); return res.json(body);
}); },
);
export default router; export default router;

View File

@ -1,32 +1,47 @@
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { Role, Guild, Config, getRights, Member, DiscordApiErrors, GuildCreateSchema } from "@fosscord/util"; import {
Role,
Guild,
Config,
getRights,
Member,
DiscordApiErrors,
GuildCreateSchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
const router: Router = Router(); const router: Router = Router();
//TODO: create default channel //TODO: create default channel
router.post("/", route({ body: "GuildCreateSchema", right: "CREATE_GUILDS" }), async (req: Request, res: Response) => { router.post(
const body = req.body as GuildCreateSchema; "/",
route({ body: "GuildCreateSchema", right: "CREATE_GUILDS" }),
async (req: Request, res: Response) => {
const body = req.body as GuildCreateSchema;
const { maxGuilds } = Config.get().limits.user; const { maxGuilds } = Config.get().limits.user;
const guild_count = await Member.count({ where: { id: req.user_id } }); const guild_count = await Member.count({ where: { id: req.user_id } });
const rights = await getRights(req.user_id); const rights = await getRights(req.user_id);
if ((guild_count >= maxGuilds) && !rights.has("MANAGE_GUILDS")) { if (guild_count >= maxGuilds && !rights.has("MANAGE_GUILDS")) {
throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
} }
const guild = await Guild.createGuild({ ...body, owner_id: req.user_id }); const guild = await Guild.createGuild({
...body,
owner_id: req.user_id,
});
const { autoJoin } = Config.get().guild; const { autoJoin } = Config.get().guild;
if (autoJoin.enabled && !autoJoin.guilds?.length) { if (autoJoin.enabled && !autoJoin.guilds?.length) {
// @ts-ignore // @ts-ignore
await Config.set({ guild: { autoJoin: { guilds: [guild.id] } } }); await Config.set({ guild: { autoJoin: { guilds: [guild.id] } } });
} }
await Member.addToGuild(req.user_id, guild.id); await Member.addToGuild(req.user_id, guild.id);
res.status(201).json({ id: guild.id }); res.status(201).json({ id: guild.id });
}); },
);
export default router; export default router;

View File

@ -1,29 +1,58 @@
import { Request, Response, Router } from "express"; import { Request, Response, Router } from "express";
import { Template, Guild, Role, Snowflake, Config, Member, GuildTemplateCreateSchema } from "@fosscord/util"; import {
Template,
Guild,
Role,
Snowflake,
Config,
Member,
GuildTemplateCreateSchema,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { DiscordApiErrors } from "@fosscord/util"; import { DiscordApiErrors } from "@fosscord/util";
import fetch from "node-fetch"; import fetch from "node-fetch";
const router: Router = Router(); const router: Router = Router();
router.get("/:code", route({}), async (req: Request, res: Response) => { router.get("/:code", route({}), async (req: Request, res: Response) => {
const { allowDiscordTemplates, allowRaws, enabled } = Config.get().templates; const { allowDiscordTemplates, allowRaws, enabled } =
if (!enabled) res.json({ code: 403, message: "Template creation & usage is disabled on this instance." }).sendStatus(403); Config.get().templates;
if (!enabled)
res.json({
code: 403,
message: "Template creation & usage is disabled on this instance.",
}).sendStatus(403);
const { code } = req.params; const { code } = req.params;
if (code.startsWith("discord:")) { if (code.startsWith("discord:")) {
if (!allowDiscordTemplates) return res.json({ code: 403, message: "Discord templates cannot be used on this instance." }).sendStatus(403); if (!allowDiscordTemplates)
return res
.json({
code: 403,
message:
"Discord templates cannot be used on this instance.",
})
.sendStatus(403);
const discordTemplateID = code.split("discord:", 2)[1]; const discordTemplateID = code.split("discord:", 2)[1];
const discordTemplateData = await fetch(`https://discord.com/api/v9/guilds/templates/${discordTemplateID}`, { const discordTemplateData = await fetch(
method: "get", `https://discord.com/api/v9/guilds/templates/${discordTemplateID}`,
headers: { "Content-Type": "application/json" } {
}); method: "get",
headers: { "Content-Type": "application/json" },
},
);
return res.json(await discordTemplateData.json()); return res.json(await discordTemplateData.json());
} }
if (code.startsWith("external:")) { if (code.startsWith("external:")) {
if (!allowRaws) return res.json({ code: 403, message: "Importing raws is disabled on this instance." }).sendStatus(403); if (!allowRaws)
return res
.json({
code: 403,
message: "Importing raws is disabled on this instance.",
})
.sendStatus(403);
return res.json(code.split("external:", 2)[1]); return res.json(code.split("external:", 2)[1]);
} }
@ -32,48 +61,72 @@ router.get("/:code", route({}), async (req: Request, res: Response) => {
res.json(template); res.json(template);
}); });
router.post("/:code", route({ body: "GuildTemplateCreateSchema" }), async (req: Request, res: Response) => { router.post(
const { enabled, allowTemplateCreation, allowDiscordTemplates, allowRaws } = Config.get().templates; "/:code",
if (!enabled) return res.json({ code: 403, message: "Template creation & usage is disabled on this instance." }).sendStatus(403); route({ body: "GuildTemplateCreateSchema" }),
if (!allowTemplateCreation) return res.json({ code: 403, message: "Template creation is disabled on this instance." }).sendStatus(403); async (req: Request, res: Response) => {
const {
enabled,
allowTemplateCreation,
allowDiscordTemplates,
allowRaws,
} = Config.get().templates;
if (!enabled)
return res
.json({
code: 403,
message:
"Template creation & usage is disabled on this instance.",
})
.sendStatus(403);
if (!allowTemplateCreation)
return res
.json({
code: 403,
message: "Template creation is disabled on this instance.",
})
.sendStatus(403);
const { code } = req.params; const { code } = req.params;
const body = req.body as GuildTemplateCreateSchema; const body = req.body as GuildTemplateCreateSchema;
const { maxGuilds } = Config.get().limits.user; const { maxGuilds } = Config.get().limits.user;
const guild_count = await Member.count({ where: { id: req.user_id } }); const guild_count = await Member.count({ where: { id: req.user_id } });
if (guild_count >= maxGuilds) { if (guild_count >= maxGuilds) {
throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
} }
const template = await Template.findOneOrFail({ where: { code: code } }); const template = await Template.findOneOrFail({
where: { code: code },
});
const guild_id = Snowflake.generate(); const guild_id = Snowflake.generate();
const [guild, role] = await Promise.all([ const [guild, role] = await Promise.all([
Guild.create({ Guild.create({
...body, ...body,
...template.serialized_source_guild, ...template.serialized_source_guild,
id: guild_id, id: guild_id,
owner_id: req.user_id owner_id: req.user_id,
}).save(), }).save(),
Role.create({ Role.create({
id: guild_id, id: guild_id,
guild_id: guild_id, guild_id: guild_id,
color: 0, color: 0,
hoist: false, hoist: false,
managed: true, managed: true,
mentionable: true, mentionable: true,
name: "@everyone", name: "@everyone",
permissions: BigInt("2251804225").toString(), // TODO: where did this come from? permissions: BigInt("2251804225").toString(), // TODO: where did this come from?
position: 0, position: 0,
}).save() }).save(),
]); ]);
await Member.addToGuild(req.user_id, guild_id); await Member.addToGuild(req.user_id, guild_id);
res.status(201).json({ id: guild.id }); res.status(201).json({ id: guild.id });
}); },
);
export default router; export default router;

View File

@ -1,5 +1,13 @@
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util"; import {
emitEvent,
getPermission,
Guild,
Invite,
InviteDeleteEvent,
User,
PublicInviteRelation,
} from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -8,24 +16,45 @@ const router: Router = Router();
router.get("/:code", route({}), async (req: Request, res: Response) => { router.get("/:code", route({}), async (req: Request, res: Response) => {
const { code } = req.params; const { code } = req.params;
const invite = await Invite.findOneOrFail({ where: { code }, relations: PublicInviteRelation }); const invite = await Invite.findOneOrFail({
where: { code },
relations: PublicInviteRelation,
});
res.status(200).send(invite); res.status(200).send(invite);
}); });
router.post("/:code", route({ right: "USE_MASS_INVITES" }), async (req: Request, res: Response) => { router.post(
const { code } = req.params; "/:code",
const { guild_id } = await Invite.findOneOrFail({ where: { code: code } }); route({ right: "USE_MASS_INVITES" }),
const { features } = await Guild.findOneOrFail({ where: { id: guild_id } }); async (req: Request, res: Response) => {
const { public_flags } = await User.findOneOrFail({ where: { id: req.user_id } }); const { code } = req.params;
const { guild_id } = await Invite.findOneOrFail({
where: { code: code },
});
const { features } = await Guild.findOneOrFail({
where: { id: guild_id },
});
const { public_flags } = await User.findOneOrFail({
where: { id: req.user_id },
});
if (features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("Only intended for the staff of this server.", 401); if (
if (features.includes("INVITES_CLOSED")) throw new HTTPError("Sorry, this guild has joins closed.", 403); features.includes("INTERNAL_EMPLOYEE_ONLY") &&
(public_flags & 1) !== 1
)
throw new HTTPError(
"Only intended for the staff of this server.",
401,
);
if (features.includes("INVITES_CLOSED"))
throw new HTTPError("Sorry, this guild has joins closed.", 403);
const invite = await Invite.joinGuild(req.user_id, code); const invite = await Invite.joinGuild(req.user_id, code);
res.json(invite); res.json(invite);
}); },
);
// * cant use permission of route() function because path doesn't have guild_id/channel_id // * cant use permission of route() function because path doesn't have guild_id/channel_id
router.delete("/:code", route({}), async (req: Request, res: Response) => { router.delete("/:code", route({}), async (req: Request, res: Response) => {
@ -36,7 +65,10 @@ router.delete("/:code", route({}), async (req: Request, res: Response) => {
const permission = await getPermission(req.user_id, guild_id, channel_id); const permission = await getPermission(req.user_id, guild_id, channel_id);
if (!permission.has("MANAGE_GUILD") && !permission.has("MANAGE_CHANNELS")) if (!permission.has("MANAGE_GUILD") && !permission.has("MANAGE_CHANNELS"))
throw new HTTPError("You missing the MANAGE_GUILD or MANAGE_CHANNELS permission", 401); throw new HTTPError(
"You missing the MANAGE_GUILD or MANAGE_CHANNELS permission",
401,
);
await Promise.all([ await Promise.all([
Invite.delete({ code }), Invite.delete({ code }),
@ -46,9 +78,9 @@ router.delete("/:code", route({}), async (req: Request, res: Response) => {
data: { data: {
channel_id: channel_id, channel_id: channel_id,
guild_id: guild_id, guild_id: guild_id,
code: code code: code,
} },
} as InviteDeleteEvent) } as InviteDeleteEvent),
]); ]);
res.json({ invite: invite }); res.json({ invite: invite });

Some files were not shown because too many files have changed in this diff Show More