mirror of
https://github.com/ragestudio/comty.git
synced 2025-06-09 10:34:17 +00:00
merge from local
This commit is contained in:
parent
5733503bc0
commit
359a1c9676
@ -1,14 +1,15 @@
|
||||
export default {
|
||||
name: "authorizedServerTokens",
|
||||
collection: "authorizedServerTokens",
|
||||
name: "ServerKeys",
|
||||
collection: "server_keys",
|
||||
schema: {
|
||||
client_id: {
|
||||
access_id: {
|
||||
type: String,
|
||||
required: true,
|
||||
},
|
||||
token: {
|
||||
secret_token: {
|
||||
type: String,
|
||||
required: true,
|
||||
select: false,
|
||||
},
|
||||
access: {
|
||||
type: Array,
|
||||
@ -20,7 +21,10 @@ export default {
|
||||
description: {
|
||||
type: String,
|
||||
},
|
||||
createdAt: {
|
||||
owner_user_id: {
|
||||
type: String,
|
||||
},
|
||||
created_at: {
|
||||
type: Date,
|
||||
default: Date.now,
|
||||
},
|
||||
@ -380,6 +380,9 @@ export default class Gateway {
|
||||
async initialize() {
|
||||
onExit(this.onGatewayExit)
|
||||
|
||||
process.stdout.setMaxListeners(50)
|
||||
process.stderr.setMaxListeners(50)
|
||||
|
||||
this.services = await scanServices()
|
||||
this.proxy = new Proxy()
|
||||
this.ipcRouter = new IPCRouter()
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
import { authorizedServerTokens } from "../../db_models"
|
||||
import SecureEntry from "../../classes/SecureEntry"
|
||||
import { ServerKeys } from "../../db_models"
|
||||
import AuthToken from "../../classes/AuthToken"
|
||||
|
||||
export default async (req, res) => {
|
||||
@ -42,20 +41,21 @@ export default async (req, res) => {
|
||||
return
|
||||
}
|
||||
case "Server": {
|
||||
const [client_id, token] = tokenAuthHeader[1].split(":")
|
||||
const [access_id, secret_token] = tokenAuthHeader[1].split(":")
|
||||
|
||||
if (client_id === "undefined" || token === "undefined") {
|
||||
if (access_id === "undefined" || secret_token === "undefined") {
|
||||
return reject({
|
||||
error: "Invalid server token"
|
||||
})
|
||||
}
|
||||
|
||||
const secureEntries = new SecureEntry(authorizedServerTokens)
|
||||
|
||||
const serverTokenEntry = await secureEntries.get(client_id, undefined, {
|
||||
keyName: "client_id",
|
||||
valueName: "token",
|
||||
const serverTokenEntry = await ServerKeys.findOne({
|
||||
access_id,
|
||||
})
|
||||
.select("+secret_token")
|
||||
.catch((err) => {
|
||||
return null
|
||||
})
|
||||
|
||||
if (!serverTokenEntry) {
|
||||
return reject({
|
||||
@ -63,16 +63,22 @@ export default async (req, res) => {
|
||||
})
|
||||
}
|
||||
|
||||
if (serverTokenEntry !== token) {
|
||||
if (serverTokenEntry.secret_token !== secret_token) {
|
||||
return reject({
|
||||
error: "Missmatching server token"
|
||||
error: "Missmatching secret_token"
|
||||
})
|
||||
}
|
||||
|
||||
req.user = {
|
||||
__server: true,
|
||||
_id: client_id,
|
||||
roles: ["server"],
|
||||
req.auth = {
|
||||
server: true,
|
||||
token: tokenAuthHeader,
|
||||
decoded: null,
|
||||
session: {
|
||||
__server_key: true,
|
||||
user_id: serverTokenEntry.owner_user_id,
|
||||
created_at: serverTokenEntry.created_at,
|
||||
},
|
||||
user: async () => await User.findOne({ _id: serverTokenEntry.owner_user_id }),
|
||||
}
|
||||
|
||||
return
|
||||
|
||||
@ -0,0 +1,27 @@
|
||||
import { ServerKeys } from "@db_models"
|
||||
|
||||
export default {
|
||||
middlewares: ["withAuthentication"],
|
||||
fn: async (req, res) => {
|
||||
const { access_id } = req.params
|
||||
const { user_id } = req.auth.session
|
||||
|
||||
const serverKey = await ServerKeys.findOne({
|
||||
access_id: access_id,
|
||||
owner_user_id: user_id
|
||||
})
|
||||
|
||||
if (!serverKey) {
|
||||
throw new OperationError(404, "Server key not found")
|
||||
}
|
||||
|
||||
await ServerKeys.findOneAndDelete({
|
||||
access_id: access_id,
|
||||
owner_user_id: user_id,
|
||||
})
|
||||
|
||||
return {
|
||||
deleted: true
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
import { ServerKeys } from "@db_models"
|
||||
|
||||
export default {
|
||||
middlewares: ["withAuthentication"],
|
||||
fn: async (req, res) => {
|
||||
const { access_id } = req.params
|
||||
const { user_id } = req.auth.session
|
||||
|
||||
let serverKey = await ServerKeys.findOne({
|
||||
access_id: access_id,
|
||||
owner_user_id: user_id
|
||||
})
|
||||
.select("+secret_token")
|
||||
|
||||
if (!serverKey) {
|
||||
throw new OperationError(404, "Server key not found")
|
||||
}
|
||||
|
||||
serverKey.secret_token = nanoid(36)
|
||||
|
||||
await serverKey.save()
|
||||
|
||||
return serverKey
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
import { ServerKeys } from "@db_models"
|
||||
import crypto from "crypto"
|
||||
|
||||
export default {
|
||||
middlewares: ["withAuthentication"],
|
||||
fn: async (req, res) => {
|
||||
const user_id = req.auth.session.user_id
|
||||
|
||||
const access_id = crypto.randomUUID()
|
||||
const secret = nanoid(36)
|
||||
|
||||
const serverKey = new ServerKeys({
|
||||
name: req.body.name,
|
||||
access_id: access_id,
|
||||
secret_token: secret,
|
||||
access: ["readWrite"],
|
||||
owner_user_id: user_id,
|
||||
created_at: new Date().getTime(),
|
||||
})
|
||||
|
||||
await serverKey.save()
|
||||
|
||||
return serverKey
|
||||
}
|
||||
}
|
||||
@ -1,7 +1,12 @@
|
||||
import { ServerKeys } from "@db_models"
|
||||
|
||||
export default {
|
||||
middlewares: ["withAuthentication"],
|
||||
fn: async (req, res) => {
|
||||
const user_id = req.auth.session.user_id
|
||||
|
||||
return await ServerKeys.find({
|
||||
owner_user_id: user_id
|
||||
})
|
||||
}
|
||||
}
|
||||
@ -55,6 +55,7 @@ export default async (payload = {}) => {
|
||||
global.websocket.io.of("/").emit(`post.like.update`, eventData)
|
||||
|
||||
return {
|
||||
post_id: post_id,
|
||||
liked: to,
|
||||
count: count
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Post, PostSave } from "@db_models"
|
||||
|
||||
export default async (payload = {}) => {
|
||||
let { post_id, user_id } = payload
|
||||
let { post_id, user_id, to } = payload
|
||||
|
||||
if (!post_id || !user_id) {
|
||||
throw new OperationError(400, "Missing post_id or user_id")
|
||||
@ -16,26 +16,36 @@ export default async (payload = {}) => {
|
||||
throw new OperationError(404, "Post not found")
|
||||
}
|
||||
|
||||
let post = await PostSave.findOne({ post_id, user_id })
|
||||
let saveObj = await PostSave.findOne({ post_id, user_id })
|
||||
|
||||
if (post) {
|
||||
await PostSave.findByIdAndDelete(post._id).catch((err) => {
|
||||
throw new OperationError(500, `An error has occurred: ${err.message}`)
|
||||
})
|
||||
if (typeof to === "undefined") {
|
||||
if (saveObj) {
|
||||
to = false
|
||||
} else {
|
||||
to = true
|
||||
}
|
||||
}
|
||||
|
||||
post = null
|
||||
} else {
|
||||
post = new PostSave({
|
||||
if (to) {
|
||||
saveObj = new PostSave({
|
||||
post_id,
|
||||
user_id,
|
||||
})
|
||||
|
||||
await post.save().catch((err) => {
|
||||
throw new OperationError(500, `An error has occurred: ${err.message}`)
|
||||
})
|
||||
await saveObj.save()
|
||||
} else {
|
||||
await PostSave.findByIdAndDelete(saveObj._id)
|
||||
|
||||
saveObj = null
|
||||
}
|
||||
|
||||
const count = await PostSave.countDocuments({
|
||||
post_id,
|
||||
})
|
||||
|
||||
return {
|
||||
saved: !!post,
|
||||
post_id: post_id,
|
||||
saved: !!saveObj,
|
||||
count: count,
|
||||
}
|
||||
}
|
||||
@ -5,7 +5,8 @@ export default {
|
||||
fn: async (req, res) => {
|
||||
const result = await Posts.toggleLike({
|
||||
post_id: req.params.post_id,
|
||||
user_id: req.auth.session.user_id
|
||||
user_id: req.auth.session.user_id,
|
||||
to: req.body?.to,
|
||||
})
|
||||
|
||||
return result
|
||||
|
||||
@ -5,7 +5,8 @@ export default {
|
||||
fn: async (req, res) => {
|
||||
const result = await Posts.toggleSave({
|
||||
post_id: req.params.post_id,
|
||||
user_id: req.auth.session.user_id
|
||||
user_id: req.auth.session.user_id,
|
||||
to: req.body?.to,
|
||||
})
|
||||
|
||||
return result
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user