From 359a1c96764be5bb47dc6a05ffc39e19c6c5f279 Mon Sep 17 00:00:00 2001 From: SrGooglo Date: Mon, 26 Aug 2024 13:52:28 +0000 Subject: [PATCH] merge from local --- .../index.js | 14 +++++--- packages/server/gateway/index.js | 3 ++ .../middlewares/withAuthentication/index.js | 36 +++++++++++-------- .../routes/server-keys/[access_id]/delete.js | 27 ++++++++++++++ .../[access_id]/regenerate/post.js | 25 +++++++++++++ .../auth/routes/server-keys/generate/post.js | 25 +++++++++++++ .../auth/routes/server-keys/my/get.js | 5 +++ .../posts/classes/posts/methods/toggleLike.js | 1 + .../posts/classes/posts/methods/toggleSave.js | 36 ++++++++++++------- .../posts/[post_id]/toggle_like/post.js | 3 +- .../posts/[post_id]/toggle_save/post.js | 3 +- 11 files changed, 143 insertions(+), 35 deletions(-) rename packages/server/db_models/{authorizedServerTokens => serverKeys}/index.js (66%) create mode 100644 packages/server/services/auth/routes/server-keys/[access_id]/delete.js create mode 100644 packages/server/services/auth/routes/server-keys/[access_id]/regenerate/post.js create mode 100644 packages/server/services/auth/routes/server-keys/generate/post.js diff --git a/packages/server/db_models/authorizedServerTokens/index.js b/packages/server/db_models/serverKeys/index.js similarity index 66% rename from packages/server/db_models/authorizedServerTokens/index.js rename to packages/server/db_models/serverKeys/index.js index b569fc49..259f1c92 100755 --- a/packages/server/db_models/authorizedServerTokens/index.js +++ b/packages/server/db_models/serverKeys/index.js @@ -1,14 +1,15 @@ export default { - name: "authorizedServerTokens", - collection: "authorizedServerTokens", + name: "ServerKeys", + collection: "server_keys", schema: { - client_id: { + access_id: { type: String, required: true, }, - token: { + secret_token: { type: String, required: true, + select: false, }, access: { type: Array, @@ -20,7 +21,10 @@ export default { description: { type: String, }, - createdAt: { + owner_user_id: { + type: String, + }, + created_at: { type: Date, default: Date.now, }, diff --git a/packages/server/gateway/index.js b/packages/server/gateway/index.js index 2d5337fa..633e006f 100644 --- a/packages/server/gateway/index.js +++ b/packages/server/gateway/index.js @@ -380,6 +380,9 @@ export default class Gateway { async initialize() { onExit(this.onGatewayExit) + process.stdout.setMaxListeners(50) + process.stderr.setMaxListeners(50) + this.services = await scanServices() this.proxy = new Proxy() this.ipcRouter = new IPCRouter() diff --git a/packages/server/middlewares/withAuthentication/index.js b/packages/server/middlewares/withAuthentication/index.js index 57c1ddc8..11ad32af 100755 --- a/packages/server/middlewares/withAuthentication/index.js +++ b/packages/server/middlewares/withAuthentication/index.js @@ -1,5 +1,4 @@ -import { authorizedServerTokens } from "../../db_models" -import SecureEntry from "../../classes/SecureEntry" +import { ServerKeys } from "../../db_models" import AuthToken from "../../classes/AuthToken" export default async (req, res) => { @@ -42,20 +41,21 @@ export default async (req, res) => { return } case "Server": { - const [client_id, token] = tokenAuthHeader[1].split(":") + const [access_id, secret_token] = tokenAuthHeader[1].split(":") - if (client_id === "undefined" || token === "undefined") { + if (access_id === "undefined" || secret_token === "undefined") { return reject({ error: "Invalid server token" }) } - const secureEntries = new SecureEntry(authorizedServerTokens) - - const serverTokenEntry = await secureEntries.get(client_id, undefined, { - keyName: "client_id", - valueName: "token", + const serverTokenEntry = await ServerKeys.findOne({ + access_id, }) + .select("+secret_token") + .catch((err) => { + return null + }) if (!serverTokenEntry) { return reject({ @@ -63,16 +63,22 @@ export default async (req, res) => { }) } - if (serverTokenEntry !== token) { + if (serverTokenEntry.secret_token !== secret_token) { return reject({ - error: "Missmatching server token" + error: "Missmatching secret_token" }) } - req.user = { - __server: true, - _id: client_id, - roles: ["server"], + req.auth = { + server: true, + token: tokenAuthHeader, + decoded: null, + session: { + __server_key: true, + user_id: serverTokenEntry.owner_user_id, + created_at: serverTokenEntry.created_at, + }, + user: async () => await User.findOne({ _id: serverTokenEntry.owner_user_id }), } return diff --git a/packages/server/services/auth/routes/server-keys/[access_id]/delete.js b/packages/server/services/auth/routes/server-keys/[access_id]/delete.js new file mode 100644 index 00000000..4bcf468d --- /dev/null +++ b/packages/server/services/auth/routes/server-keys/[access_id]/delete.js @@ -0,0 +1,27 @@ +import { ServerKeys } from "@db_models" + +export default { + middlewares: ["withAuthentication"], + fn: async (req, res) => { + const { access_id } = req.params + const { user_id } = req.auth.session + + const serverKey = await ServerKeys.findOne({ + access_id: access_id, + owner_user_id: user_id + }) + + if (!serverKey) { + throw new OperationError(404, "Server key not found") + } + + await ServerKeys.findOneAndDelete({ + access_id: access_id, + owner_user_id: user_id, + }) + + return { + deleted: true + } + } +} \ No newline at end of file diff --git a/packages/server/services/auth/routes/server-keys/[access_id]/regenerate/post.js b/packages/server/services/auth/routes/server-keys/[access_id]/regenerate/post.js new file mode 100644 index 00000000..7f34c4e0 --- /dev/null +++ b/packages/server/services/auth/routes/server-keys/[access_id]/regenerate/post.js @@ -0,0 +1,25 @@ +import { ServerKeys } from "@db_models" + +export default { + middlewares: ["withAuthentication"], + fn: async (req, res) => { + const { access_id } = req.params + const { user_id } = req.auth.session + + let serverKey = await ServerKeys.findOne({ + access_id: access_id, + owner_user_id: user_id + }) + .select("+secret_token") + + if (!serverKey) { + throw new OperationError(404, "Server key not found") + } + + serverKey.secret_token = nanoid(36) + + await serverKey.save() + + return serverKey + } +} \ No newline at end of file diff --git a/packages/server/services/auth/routes/server-keys/generate/post.js b/packages/server/services/auth/routes/server-keys/generate/post.js new file mode 100644 index 00000000..82b481de --- /dev/null +++ b/packages/server/services/auth/routes/server-keys/generate/post.js @@ -0,0 +1,25 @@ +import { ServerKeys } from "@db_models" +import crypto from "crypto" + +export default { + middlewares: ["withAuthentication"], + fn: async (req, res) => { + const user_id = req.auth.session.user_id + + const access_id = crypto.randomUUID() + const secret = nanoid(36) + + const serverKey = new ServerKeys({ + name: req.body.name, + access_id: access_id, + secret_token: secret, + access: ["readWrite"], + owner_user_id: user_id, + created_at: new Date().getTime(), + }) + + await serverKey.save() + + return serverKey + } +} \ No newline at end of file diff --git a/packages/server/services/auth/routes/server-keys/my/get.js b/packages/server/services/auth/routes/server-keys/my/get.js index 153ce6db..7e38d6f9 100644 --- a/packages/server/services/auth/routes/server-keys/my/get.js +++ b/packages/server/services/auth/routes/server-keys/my/get.js @@ -1,7 +1,12 @@ +import { ServerKeys } from "@db_models" export default { middlewares: ["withAuthentication"], fn: async (req, res) => { + const user_id = req.auth.session.user_id + return await ServerKeys.find({ + owner_user_id: user_id + }) } } \ No newline at end of file diff --git a/packages/server/services/posts/classes/posts/methods/toggleLike.js b/packages/server/services/posts/classes/posts/methods/toggleLike.js index 9a0a3661..2981a93a 100644 --- a/packages/server/services/posts/classes/posts/methods/toggleLike.js +++ b/packages/server/services/posts/classes/posts/methods/toggleLike.js @@ -55,6 +55,7 @@ export default async (payload = {}) => { global.websocket.io.of("/").emit(`post.like.update`, eventData) return { + post_id: post_id, liked: to, count: count } diff --git a/packages/server/services/posts/classes/posts/methods/toggleSave.js b/packages/server/services/posts/classes/posts/methods/toggleSave.js index 53f86eb5..07a1e0aa 100644 --- a/packages/server/services/posts/classes/posts/methods/toggleSave.js +++ b/packages/server/services/posts/classes/posts/methods/toggleSave.js @@ -1,7 +1,7 @@ import { Post, PostSave } from "@db_models" export default async (payload = {}) => { - let { post_id, user_id } = payload + let { post_id, user_id, to } = payload if (!post_id || !user_id) { throw new OperationError(400, "Missing post_id or user_id") @@ -16,26 +16,36 @@ export default async (payload = {}) => { throw new OperationError(404, "Post not found") } - let post = await PostSave.findOne({ post_id, user_id }) + let saveObj = await PostSave.findOne({ post_id, user_id }) - if (post) { - await PostSave.findByIdAndDelete(post._id).catch((err) => { - throw new OperationError(500, `An error has occurred: ${err.message}`) - }) + if (typeof to === "undefined") { + if (saveObj) { + to = false + } else { + to = true + } + } - post = null - } else { - post = new PostSave({ + if (to) { + saveObj = new PostSave({ post_id, user_id, }) - await post.save().catch((err) => { - throw new OperationError(500, `An error has occurred: ${err.message}`) - }) + await saveObj.save() + } else { + await PostSave.findByIdAndDelete(saveObj._id) + + saveObj = null } + const count = await PostSave.countDocuments({ + post_id, + }) + return { - saved: !!post, + post_id: post_id, + saved: !!saveObj, + count: count, } } \ No newline at end of file diff --git a/packages/server/services/posts/routes/posts/[post_id]/toggle_like/post.js b/packages/server/services/posts/routes/posts/[post_id]/toggle_like/post.js index 4232b97b..5b80505f 100644 --- a/packages/server/services/posts/routes/posts/[post_id]/toggle_like/post.js +++ b/packages/server/services/posts/routes/posts/[post_id]/toggle_like/post.js @@ -5,7 +5,8 @@ export default { fn: async (req, res) => { const result = await Posts.toggleLike({ post_id: req.params.post_id, - user_id: req.auth.session.user_id + user_id: req.auth.session.user_id, + to: req.body?.to, }) return result diff --git a/packages/server/services/posts/routes/posts/[post_id]/toggle_save/post.js b/packages/server/services/posts/routes/posts/[post_id]/toggle_save/post.js index 4d2bbfd5..2bf106f7 100644 --- a/packages/server/services/posts/routes/posts/[post_id]/toggle_save/post.js +++ b/packages/server/services/posts/routes/posts/[post_id]/toggle_save/post.js @@ -5,7 +5,8 @@ export default { fn: async (req, res) => { const result = await Posts.toggleSave({ post_id: req.params.post_id, - user_id: req.auth.session.user_id + user_id: req.auth.session.user_id, + to: req.body?.to, }) return result