diff --git a/packages/app/package.json b/packages/app/package.json index ecad1750..2c689ccb 100644 --- a/packages/app/package.json +++ b/packages/app/package.json @@ -43,7 +43,7 @@ "js-cookie": "3.0.1", "jwt-decode": "3.1.2", "less": "4.1.2", - "linebridge": "0.10.13", + "linebridge": "0.11.13", "moment": "2.29.1", "mpegts.js": "^1.6.10", "nprogress": "^0.2.0", diff --git a/packages/app/src/components/UserRegister/index.jsx b/packages/app/src/components/UserRegister/index.jsx index a582f827..5018f5c0 100644 --- a/packages/app/src/components/UserRegister/index.jsx +++ b/packages/app/src/components/UserRegister/index.jsx @@ -14,8 +14,8 @@ const steps = [ content: (props) => { return
{ @@ -34,8 +34,8 @@ const steps = [ content: (props) => { return
{ diff --git a/packages/app/src/extensions/api.extension.js b/packages/app/src/extensions/api.extension.js index 78c6cffc..63b140cb 100644 --- a/packages/app/src/extensions/api.extension.js +++ b/packages/app/src/extensions/api.extension.js @@ -63,11 +63,13 @@ export default class ApiExtension extends Extension { } const handleResponse = async (data) => { + // handle token regeneration if (data.headers?.regenerated_token) { Session.token = data.headers.regenerated_token console.debug("[REGENERATION] New token generated") } + // handle 401 responses if (data instanceof Error) { if (data.response.status === 401) { window.app.eventBus.emit("invalid_session") diff --git a/packages/app/src/extensions/shortcuts.extension.js b/packages/app/src/extensions/shortcuts.extension.js index 933a3099..e45f77e4 100644 --- a/packages/app/src/extensions/shortcuts.extension.js +++ b/packages/app/src/extensions/shortcuts.extension.js @@ -7,6 +7,7 @@ export default class ShortcutsExtension extends Extension { this.shortcuts = {} document.addEventListener("keydown", (event) => { + // FIXME: event.key sometimes is not defined const key = event.key.toLowerCase() const shortcut = this.shortcuts[key] diff --git a/packages/app/src/models/session/index.js b/packages/app/src/models/session/index.js index 677c0e0a..a6199df9 100644 --- a/packages/app/src/models/session/index.js +++ b/packages/app/src/models/session/index.js @@ -44,8 +44,8 @@ export default class Session { //* BASIC HANDLERS login = (payload, callback) => { const body = { - username: window.btoa(payload.username), - password: window.btoa(payload.password), + username: payload.username, //window.btoa(payload.username), + password: payload.password, //window.btoa(payload.password), } return this.generateNewToken(body, (err, res) => { diff --git a/packages/app/src/pages/login/index.jsx b/packages/app/src/pages/login/index.jsx index f887649d..79f9f7c1 100644 --- a/packages/app/src/pages/login/index.jsx +++ b/packages/app/src/pages/login/index.jsx @@ -15,8 +15,8 @@ const formInstance = [ icon: "User", placeholder: "Username", props: { - autocorrect: "off", - autocapitalize: "none", + autoCorrect: "off", + autoCapitalize: "none", className: "login-form-username", }, }, diff --git a/packages/server/package.json b/packages/server/package.json index a15f16a9..530e8eb3 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -8,14 +8,13 @@ "license": "MIT", "dependencies": { "@corenode/utils": "0.28.26", - "@nanoexpress/middleware-file-upload": "^1.0.6", "axios": "0.25.0", "bcrypt": "5.0.1", "connect-mongo": "4.6.0", "corenode": "0.28.26", "dicebar_lib": "1.0.1", "jsonwebtoken": "8.5.1", - "linebridge": "0.10.13", + "linebridge": "0.11.13", "moment": "2.29.1", "mongoose": "6.1.9", "nanoid": "3.2.0", diff --git a/packages/server/src/controllers/ConfigController/index.js b/packages/server/src/controllers/ConfigController/index.js index 7599d9f5..6b0209dd 100644 --- a/packages/server/src/controllers/ConfigController/index.js +++ b/packages/server/src/controllers/ConfigController/index.js @@ -1,6 +1,6 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" -export default class ConfigController extends ComplexController { +export default class ConfigController extends Controller { static refName = "ConfigController" static useMiddlewares = ["withAuthentication", "onlyAdmin"] diff --git a/packages/server/src/controllers/FilesController/index.js b/packages/server/src/controllers/FilesController/index.js index 5b9f5c21..b0d1c322 100644 --- a/packages/server/src/controllers/FilesController/index.js +++ b/packages/server/src/controllers/FilesController/index.js @@ -1,4 +1,4 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" import path from "path" import fs from "fs" import stream from "stream" @@ -7,28 +7,32 @@ function resolveToUrl(filepath) { return `${global.globalPublicURI}/uploads/${filepath}` } -export default class FilesController extends ComplexController { - static refName = "FilesController" +export default class FilesController extends Controller { + static disabled = true get = { - "/uploads/:id": (req, res) => { - const filePath = path.join(global.uploadPath, req.params?.id) + "/uploads/:id": { + enabled: false, + fn: (req, res) => { + const filePath = path.join(global.uploadPath, req.params?.id) - const readStream = fs.createReadStream(filePath) - const passTrough = new stream.PassThrough() + const readStream = fs.createReadStream(filePath) + const passTrough = new stream.PassThrough() - stream.pipeline(readStream, passTrough, (err) => { - if (err) { - return res.status(400) - } - }) + stream.pipeline(readStream, passTrough, (err) => { + if (err) { + return res.status(400) + } + }) - return passTrough.pipe(res) + return passTrough.pipe(res) + }, } } post = { "/upload": { + enabled: false, middlewares: ["withAuthentication", "fileUpload"], fn: async (req, res) => { const urls = [] diff --git a/packages/server/src/controllers/PostsController/index.js b/packages/server/src/controllers/PostsController/index.js index a8743fbe..5336e577 100644 --- a/packages/server/src/controllers/PostsController/index.js +++ b/packages/server/src/controllers/PostsController/index.js @@ -1,8 +1,8 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" import { Schematized } from "../../lib" import { Post, User } from "../../models" -export default class PostsController extends ComplexController { +export default class PostsController extends Controller { static refName = "PostsController" static useMiddlewares = ["withAuthentication"] diff --git a/packages/server/src/controllers/PublicController/index.js b/packages/server/src/controllers/PublicController/index.js index 664e431c..b8c532dc 100644 --- a/packages/server/src/controllers/PublicController/index.js +++ b/packages/server/src/controllers/PublicController/index.js @@ -1,6 +1,6 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" -export default class PublicController extends ComplexController { +export default class PublicController extends Controller { static refName = "PublicController" post = { diff --git a/packages/server/src/controllers/RolesController/index.js b/packages/server/src/controllers/RolesController/index.js index d00dbed7..52a24c32 100644 --- a/packages/server/src/controllers/RolesController/index.js +++ b/packages/server/src/controllers/RolesController/index.js @@ -1,8 +1,8 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" import { Role, User } from "../../models" import { Schematized } from "../../lib" -export default class RolesController extends ComplexController { +export default class RolesController extends Controller { static refName = "RolesController" static useMiddlewares = ["roles"] @@ -61,11 +61,11 @@ export default class RolesController extends ComplexController { }, async (req, res) => { // check if issuer user is admin if (!req.isAdmin()) { - return res.status(403).send("You do not have administrator permission") + return res.status(403).json("You do not have administrator permission") } if (!Array.isArray(req.selection.update)) { - return res.status(400).send("Invalid update request") + return res.status(400).json("Invalid update request") } req.selection.update.forEach(async (update) => { @@ -82,7 +82,7 @@ export default class RolesController extends ComplexController { } }) - return res.send("done") + return res.json("done") }), }, } diff --git a/packages/server/src/controllers/SessionController/index.js b/packages/server/src/controllers/SessionController/index.js index 7cfee5b0..cba56050 100644 --- a/packages/server/src/controllers/SessionController/index.js +++ b/packages/server/src/controllers/SessionController/index.js @@ -1,8 +1,8 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" import { Session } from "../../models" import jwt from "jsonwebtoken" -export default class SessionController extends ComplexController { +export default class SessionController extends Controller { static refName = "SessionController" get = { @@ -75,18 +75,18 @@ export default class SessionController extends ComplexController { const { token, user_id } = req.body if (typeof user_id === "undefined") { - return res.status(400).send("No user_id provided") + return res.status(400).json("No user_id provided") } if (typeof token === "undefined") { - return res.status(400).send("No token provided") + return res.status(400).json("No token provided") } const session = await Session.findOneAndDelete({ user_id, token }) if (session) { - return res.send("done") + return res.json("done") } - return res.status(404).send("not found") + return res.status(404).json("not found") }, }, "/sessions": { @@ -95,15 +95,15 @@ export default class SessionController extends ComplexController { const { user_id } = req.body if (typeof user_id === "undefined") { - return res.status(400).send("No user_id provided") + return res.status(400).json("No user_id provided") } const allSessions = await Session.deleteMany({ user_id }) if (allSessions) { - return res.send("done") + return res.json("done") } - return res.status(404).send("not found") + return res.status(404).json("not found") } }, } diff --git a/packages/server/src/controllers/UserController/index.js b/packages/server/src/controllers/UserController/index.js index 85cc994d..1b54c4d2 100644 --- a/packages/server/src/controllers/UserController/index.js +++ b/packages/server/src/controllers/UserController/index.js @@ -1,6 +1,5 @@ -import { ComplexController } from "linebridge/dist/classes" +import { Controller } from "linebridge/dist/server" import passport from "passport" - import { User, UserFollow } from "../../models" import { Token, Schematized, createUser } from "../../lib" import SessionController from "../SessionController" @@ -13,7 +12,7 @@ const AllowedPublicUpdateFields = [ "description", ] -export default class UserController extends ComplexController { +export default class UserController extends Controller { static refName = "UserController" methods = { @@ -390,7 +389,7 @@ export default class UserController extends ComplexController { }) }) .catch((err) => { - return res.send(500).json({ + return res.json(500).json({ error: err.message }) }) @@ -420,7 +419,7 @@ export default class UserController extends ComplexController { }) }) .catch((err) => { - return res.send(500).json({ + return res.json(500).json({ error: err.message }) }) diff --git a/packages/server/src/index.js b/packages/server/src/index.js index 047b704c..4185bf6e 100644 --- a/packages/server/src/index.js +++ b/packages/server/src/index.js @@ -1,3 +1,13 @@ +// patches +const { Buffer } = require("buffer") + +global.b64Decode = (data) => { + return Buffer.from(data, "base64").toString("utf-8") +} +global.b64Encode = (data) => { + return Buffer.from(data, "utf-8").toString("base64") +} + Array.prototype.updateFromObjectKeys = function (obj) { this.forEach((value, index) => { if (obj[value] !== undefined) { @@ -9,21 +19,13 @@ Array.prototype.updateFromObjectKeys = function (obj) { } import path from "path" -import LinebridgeServer from "linebridge/dist/server" +import { Server as LinebridgeServer } from "linebridge/dist/server" import bcrypt from "bcrypt" import mongoose from "mongoose" import passport from "passport" import { User, Session, Config } from "./models" import jwt from "jsonwebtoken" -const { Buffer } = require("buffer") -const b64Decode = global.b64Decode = (data) => { - return Buffer.from(data, "base64").toString("utf-8") -} -const b64Encode = global.b64Encode = (data) => { - return Buffer.from(data, "utf-8").toString("base64") -} - const ExtractJwt = require("passport-jwt").ExtractJwt const LocalStrategy = require("passport-local").Strategy @@ -188,11 +190,11 @@ class Server { passwordField: "password", session: false }, (username, password, done) => { - User.findOne({ username: b64Decode(username) }).select("+password") + User.findOne({ username }).select("+password") .then((data) => { if (data === null) { return done(null, false, this.options.jwtStrategy) - } else if (!bcrypt.compareSync(b64Decode(password), data.password)) { + } else if (!bcrypt.compareSync(password, data.password)) { return done(null, false, this.options.jwtStrategy) } diff --git a/packages/server/src/lib/schematized/index.js b/packages/server/src/lib/schematized/index.js index c121c32d..b66248b3 100644 --- a/packages/server/src/lib/schematized/index.js +++ b/packages/server/src/lib/schematized/index.js @@ -1,11 +1,12 @@ export default (schema = {}, fn) => { return async (req, res, next) => { - if (typeof req.body === "undefined") { - req.body = {} - } - if (typeof req.query === "undefined") { - req.query = {} - } + // not necessary since linebridge lib will do this for you + // if (typeof req.body === "undefined") { + // req.body = {} + // } + // if (typeof req.query === "undefined") { + // req.query = {} + // } if (schema.required) { if (Array.isArray(schema.required)) { diff --git a/packages/server/src/middlewares/index.js b/packages/server/src/middlewares/index.js index f6bdcfcc..f277d24d 100644 --- a/packages/server/src/middlewares/index.js +++ b/packages/server/src/middlewares/index.js @@ -1,4 +1,4 @@ -const fileUpload = require("@nanoexpress/middleware-file-upload/cjs")() +// const fileUpload = require("@nanoexpress/middleware-file-upload/cjs")() export { default as withAuthentication } from "./withAuthentication" export { default as errorHandler } from "./errorHandler" @@ -7,4 +7,4 @@ export { default as roles } from "./roles" export { default as onlyAdmin } from "./onlyAdmin" export { default as permissions } from "./permissions" -export { fileUpload as fileUpload } \ No newline at end of file +// export { fileUpload as fileUpload } \ No newline at end of file diff --git a/packages/server/src/middlewares/onlyAdmin/index.js b/packages/server/src/middlewares/onlyAdmin/index.js index 1bac1ead..730faba8 100644 --- a/packages/server/src/middlewares/onlyAdmin/index.js +++ b/packages/server/src/middlewares/onlyAdmin/index.js @@ -1,6 +1,6 @@ export default (req, res, next) => { if (!req.user.roles.includes("admin")) { - return res.status(403).send({ error: "To make this request it is necessary to have administrator permissions" }) + return res.status(403).json({ error: "To make this request it is necessary to have administrator permissions" }) } next() diff --git a/packages/server/src/middlewares/withAuthentication/index.js b/packages/server/src/middlewares/withAuthentication/index.js index 71509706..4c1f7d52 100644 --- a/packages/server/src/middlewares/withAuthentication/index.js +++ b/packages/server/src/middlewares/withAuthentication/index.js @@ -4,7 +4,7 @@ import jwt from "jsonwebtoken" export default (req, res, next) => { function reject(description) { - return res.status(401).send({ error: `${description ?? "Invalid session"}` }) + return res.status(401).json({ error: `${description ?? "Invalid session"}` }) } const authHeader = req.headers?.authorization?.split(" ") @@ -34,7 +34,7 @@ export default (req, res, next) => { const userData = await User.findOne({ _id: currentSession.user_id }).select("+refreshToken") if (!userData) { - return res.status(404).send({ error: "No user data found" }) + return res.status(404).json({ error: "No user data found" }) } if (err) {