2016-12-28 23:49:51 +01:00
|
|
|
/**
|
|
|
|
* Core Server
|
|
|
|
*/
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
import cluster from "node:cluster";
|
|
|
|
import * as fs from "node:fs";
|
|
|
|
import * as http from "node:http";
|
2023-11-26 21:33:46 +01:00
|
|
|
import Koa from "koa";
|
2023-12-05 08:12:10 +01:00
|
|
|
import Router from "@koa/router";
|
|
|
|
import cors from "@koa/cors";
|
2023-11-26 21:33:46 +01:00
|
|
|
import mount from "koa-mount";
|
2023-12-05 08:12:10 +01:00
|
|
|
import koaLogger from "koa-logger";
|
2023-01-13 05:40:33 +01:00
|
|
|
import * as slow from "koa-slow";
|
2023-04-28 01:32:37 +02:00
|
|
|
|
2023-12-05 08:12:10 +01:00
|
|
|
import { IsNull } from "typeorm";
|
2024-04-19 19:07:08 +02:00
|
|
|
import { config, envOption } from "@/config.js";
|
2023-12-05 08:12:10 +01:00
|
|
|
import Logger from "@/services/logger.js";
|
|
|
|
import { Users } from "@/models/index.js";
|
2024-05-10 21:52:59 +02:00
|
|
|
import { fetchMeta, stringToAcct } from "backend-rs";
|
2023-01-13 05:40:33 +01:00
|
|
|
import { genIdenticon } from "@/misc/gen-identicon.js";
|
2023-12-05 08:12:10 +01:00
|
|
|
import { createTemp } from "@/misc/create-temp.js";
|
2024-04-15 10:28:20 +02:00
|
|
|
import megalodon, { type MegalodonInterface } from "megalodon";
|
2023-01-13 05:40:33 +01:00
|
|
|
import activityPub from "./activitypub.js";
|
2023-12-05 08:12:10 +01:00
|
|
|
import nodeinfo from "./nodeinfo.js";
|
|
|
|
import wellKnown from "./well-known.js";
|
2023-01-13 05:40:33 +01:00
|
|
|
import apiServer from "./api/index.js";
|
|
|
|
import fileServer from "./file/index.js";
|
|
|
|
import proxyServer from "./proxy/index.js";
|
|
|
|
import webServer from "./web/index.js";
|
2023-12-05 08:12:10 +01:00
|
|
|
import { initializeStreamingServer } from "./api/streaming.js";
|
|
|
|
import { koaBody } from "koa-body";
|
|
|
|
import removeTrailingSlash from "koa-remove-trailing-slashes";
|
|
|
|
import { v4 as uuid } from "uuid";
|
2024-02-21 14:23:24 +01:00
|
|
|
import { inspect } from "node:util";
|
2023-01-13 05:40:33 +01:00
|
|
|
|
|
|
|
export const serverLogger = new Logger("server", "gray", false);
|
2017-01-17 00:06:39 +01:00
|
|
|
|
2018-04-12 23:06:18 +02:00
|
|
|
// Init app
|
2018-04-12 17:51:55 +02:00
|
|
|
const app = new Koa();
|
|
|
|
app.proxy = true;
|
2017-11-13 11:58:29 +01:00
|
|
|
|
2023-04-28 01:32:37 +02:00
|
|
|
app.use(removeTrailingSlash());
|
2023-03-01 15:04:01 +01:00
|
|
|
|
2023-05-22 05:07:25 +02:00
|
|
|
app.use(
|
|
|
|
cors({
|
|
|
|
origin: "*",
|
|
|
|
}),
|
|
|
|
);
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
if (!["production", "test"].includes(process.env.NODE_ENV || "")) {
|
2018-04-19 11:03:46 +02:00
|
|
|
// Logger
|
2023-01-13 05:40:33 +01:00
|
|
|
app.use(
|
|
|
|
koaLogger((str) => {
|
2024-04-25 01:03:38 +02:00
|
|
|
serverLogger.debug(str);
|
2023-01-13 05:40:33 +01:00
|
|
|
}),
|
|
|
|
);
|
2018-04-26 04:46:42 +02:00
|
|
|
|
|
|
|
// Delay
|
2021-10-08 14:24:05 +02:00
|
|
|
if (envOption.slow) {
|
2023-01-13 05:40:33 +01:00
|
|
|
app.use(
|
|
|
|
slow({
|
|
|
|
delay: 3000,
|
|
|
|
}),
|
|
|
|
);
|
2019-02-04 02:03:49 +01:00
|
|
|
}
|
2018-04-19 11:03:46 +02:00
|
|
|
}
|
|
|
|
|
2018-04-12 17:51:55 +02:00
|
|
|
// HSTS
|
|
|
|
// 6months (15552000sec)
|
2023-01-13 05:40:33 +01:00
|
|
|
if (config.url.startsWith("https") && !config.disableHsts) {
|
2018-04-13 00:34:27 +02:00
|
|
|
app.use(async (ctx, next) => {
|
2023-01-13 05:40:33 +01:00
|
|
|
ctx.set("strict-transport-security", "max-age=15552000; preload");
|
2018-04-13 00:34:27 +02:00
|
|
|
await next();
|
2018-04-11 22:54:54 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
app.use(mount("/api", apiServer));
|
|
|
|
app.use(mount("/files", fileServer));
|
|
|
|
app.use(mount("/proxy", proxyServer));
|
2018-04-12 23:17:14 +02:00
|
|
|
|
2018-04-12 17:51:55 +02:00
|
|
|
// Init router
|
|
|
|
const router = new Router();
|
2023-02-11 00:33:01 +01:00
|
|
|
const mastoRouter = new Router();
|
|
|
|
|
2023-02-11 22:16:45 +01:00
|
|
|
mastoRouter.use(
|
|
|
|
koaBody({
|
|
|
|
urlencoded: true,
|
2023-03-02 03:37:49 +01:00
|
|
|
multipart: true,
|
2023-02-11 22:16:45 +01:00
|
|
|
}),
|
|
|
|
);
|
2017-01-07 15:57:45 +01:00
|
|
|
|
2023-02-13 15:12:04 +01:00
|
|
|
mastoRouter.use(async (ctx, next) => {
|
|
|
|
if (ctx.request.query) {
|
|
|
|
if (!ctx.request.body || Object.keys(ctx.request.body).length === 0) {
|
2023-02-13 20:17:07 +01:00
|
|
|
ctx.request.body = ctx.request.query;
|
2023-02-13 15:12:04 +01:00
|
|
|
} else {
|
2023-02-13 20:17:07 +01:00
|
|
|
ctx.request.body = { ...ctx.request.body, ...ctx.request.query };
|
2023-02-13 15:12:04 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
await next();
|
|
|
|
});
|
|
|
|
|
2018-04-12 17:51:55 +02:00
|
|
|
// Routing
|
|
|
|
router.use(activityPub.routes());
|
2019-02-05 09:42:55 +01:00
|
|
|
router.use(nodeinfo.routes());
|
|
|
|
router.use(wellKnown.routes());
|
2018-04-12 23:17:14 +02:00
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
router.get("/avatar/@:acct", async (ctx) => {
|
2024-04-11 23:10:11 +02:00
|
|
|
const { username, host } = stringToAcct(ctx.params.acct);
|
2021-10-24 14:02:50 +02:00
|
|
|
const user = await Users.findOne({
|
2022-03-26 07:34:00 +01:00
|
|
|
where: {
|
|
|
|
usernameLower: username.toLowerCase(),
|
2023-01-13 05:40:33 +01:00
|
|
|
host: host == null || host === config.host ? IsNull() : host,
|
2022-03-26 07:34:00 +01:00
|
|
|
isSuspended: false,
|
|
|
|
},
|
2023-01-13 05:40:33 +01:00
|
|
|
relations: ["avatar"],
|
2021-10-24 14:02:50 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
if (user) {
|
2022-04-17 14:18:18 +02:00
|
|
|
ctx.redirect(Users.getAvatarUrlSync(user));
|
2021-10-24 14:02:50 +02:00
|
|
|
} else {
|
2023-01-13 05:40:33 +01:00
|
|
|
ctx.redirect("/static-assets/user-unknown.png");
|
2021-10-24 14:02:50 +02:00
|
|
|
}
|
|
|
|
});
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
router.get("/identicon/:x", async (ctx) => {
|
2024-06-05 05:30:05 +02:00
|
|
|
const meta = await fetchMeta();
|
2023-07-03 01:20:40 +02:00
|
|
|
if (meta.enableIdenticonGeneration) {
|
|
|
|
const [temp, cleanup] = await createTemp();
|
|
|
|
await genIdenticon(ctx.params.x, fs.createWriteStream(temp));
|
|
|
|
ctx.set("Content-Type", "image/png");
|
|
|
|
ctx.body = fs.createReadStream(temp).on("close", () => cleanup());
|
2023-07-03 08:08:33 +02:00
|
|
|
} else {
|
|
|
|
ctx.redirect("/static-assets/avatar.png");
|
2023-07-03 01:20:40 +02:00
|
|
|
}
|
2019-04-15 13:37:21 +02:00
|
|
|
});
|
|
|
|
|
2023-02-11 00:33:01 +01:00
|
|
|
mastoRouter.get("/oauth/authorize", async (ctx) => {
|
2023-03-01 15:04:01 +01:00
|
|
|
const { client_id, state, redirect_uri } = ctx.request.query;
|
2023-02-07 22:56:07 +01:00
|
|
|
console.log(ctx.request.req);
|
2023-03-01 15:04:01 +01:00
|
|
|
let param = "mastodon=true";
|
2023-03-31 04:10:03 +02:00
|
|
|
if (state) param += `&state=${state}`;
|
|
|
|
if (redirect_uri) param += `&redirect_uri=${redirect_uri}`;
|
|
|
|
const client = client_id ? client_id : "";
|
|
|
|
ctx.redirect(
|
|
|
|
`${Buffer.from(client.toString(), "base64").toString()}?${param}`,
|
|
|
|
);
|
2023-02-07 22:56:07 +01:00
|
|
|
});
|
|
|
|
|
2023-02-11 00:33:01 +01:00
|
|
|
mastoRouter.post("/oauth/token", async (ctx) => {
|
2023-02-28 17:23:04 +01:00
|
|
|
const body: any = ctx.request.body || ctx.request.query;
|
2023-03-31 04:10:03 +02:00
|
|
|
console.log("token-request", body);
|
|
|
|
console.log("token-query", ctx.request.query);
|
|
|
|
if (body.grant_type === "client_credentials") {
|
2023-03-12 05:02:41 +01:00
|
|
|
const ret = {
|
|
|
|
access_token: uuid(),
|
|
|
|
token_type: "Bearer",
|
|
|
|
scope: "read",
|
2024-04-08 09:58:43 +02:00
|
|
|
created_at: Math.floor(Date.now() / 1000),
|
2023-03-12 05:02:41 +01:00
|
|
|
};
|
|
|
|
ctx.body = ret;
|
|
|
|
return;
|
|
|
|
}
|
2023-10-10 16:35:21 +02:00
|
|
|
let client_id: any = body.client_id;
|
2023-02-10 23:00:15 +01:00
|
|
|
const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`;
|
2023-10-04 17:56:56 +02:00
|
|
|
const generator = (megalodon as any).default;
|
2023-10-10 16:35:21 +02:00
|
|
|
const client = generator(BASE_URL, null) as MegalodonInterface;
|
2023-02-28 17:23:04 +01:00
|
|
|
let token = null;
|
2023-02-11 01:07:44 +01:00
|
|
|
if (body.code) {
|
2023-03-02 03:37:49 +01:00
|
|
|
//m = body.code.match(/^([a-zA-Z0-9]{8})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{12})/);
|
|
|
|
//if (!m.length) {
|
|
|
|
// ctx.body = { error: "Invalid code" };
|
|
|
|
// return;
|
|
|
|
//}
|
|
|
|
//token = `${m[1]}-${m[2]}-${m[3]}-${m[4]}-${m[5]}`
|
2023-03-31 04:10:03 +02:00
|
|
|
console.log(body.code, token);
|
|
|
|
token = body.code;
|
2023-02-11 22:16:45 +01:00
|
|
|
}
|
2024-04-25 01:03:38 +02:00
|
|
|
if (Array.isArray(client_id)) {
|
2023-02-11 22:16:45 +01:00
|
|
|
client_id = client_id.toString();
|
2023-02-11 01:17:35 +01:00
|
|
|
} else if (!client_id) {
|
|
|
|
client_id = null;
|
|
|
|
}
|
2023-02-07 22:56:07 +01:00
|
|
|
try {
|
2023-02-11 00:41:19 +01:00
|
|
|
const atData = await client.fetchAccessToken(
|
2023-02-11 01:17:35 +01:00
|
|
|
client_id,
|
2023-02-11 00:41:19 +01:00
|
|
|
body.client_secret,
|
2023-02-28 17:23:04 +01:00
|
|
|
token ? token : "",
|
2023-02-11 00:41:19 +01:00
|
|
|
);
|
2023-02-28 17:23:04 +01:00
|
|
|
const ret = {
|
2023-10-10 16:35:21 +02:00
|
|
|
access_token: atData.accessToken,
|
2023-02-11 00:41:19 +01:00
|
|
|
token_type: "Bearer",
|
2023-03-31 04:10:03 +02:00
|
|
|
scope: body.scope || "read write follow push",
|
2024-04-08 09:58:43 +02:00
|
|
|
created_at: Math.floor(Date.now() / 1000),
|
2023-02-09 23:21:50 +01:00
|
|
|
};
|
2024-04-25 01:03:38 +02:00
|
|
|
serverLogger.debug("Mastodon API token response", ret);
|
2023-02-28 17:23:04 +01:00
|
|
|
ctx.body = ret;
|
2023-02-07 22:56:07 +01:00
|
|
|
} catch (err: any) {
|
2024-04-25 01:03:38 +02:00
|
|
|
serverLogger.warn(err);
|
2023-02-07 22:56:07 +01:00
|
|
|
ctx.status = 401;
|
|
|
|
ctx.body = err.response.data;
|
|
|
|
}
|
2018-11-29 08:23:45 +01:00
|
|
|
});
|
|
|
|
|
2018-04-12 17:51:55 +02:00
|
|
|
// Register router
|
2023-02-11 00:33:01 +01:00
|
|
|
app.use(mastoRouter.routes());
|
2023-02-11 00:51:45 +01:00
|
|
|
app.use(router.routes());
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2022-02-27 03:07:39 +01:00
|
|
|
app.use(mount(webServer));
|
2018-04-13 00:34:27 +02:00
|
|
|
|
2018-03-28 18:20:40 +02:00
|
|
|
function createServer() {
|
2022-03-08 15:23:18 +01:00
|
|
|
return http.createServer(app.callback());
|
2018-03-28 18:20:40 +02:00
|
|
|
}
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2019-01-23 05:35:22 +01:00
|
|
|
// For testing
|
|
|
|
export const startServer = () => {
|
|
|
|
const server = createServer();
|
|
|
|
|
2022-02-27 03:07:39 +01:00
|
|
|
initializeStreamingServer(server);
|
2019-01-23 05:35:22 +01:00
|
|
|
|
2023-07-17 02:44:48 +02:00
|
|
|
server.listen({
|
|
|
|
port: config.port,
|
2023-07-28 20:35:58 +02:00
|
|
|
host: config.bind,
|
2023-07-17 02:44:48 +02:00
|
|
|
});
|
2019-01-23 05:35:22 +01:00
|
|
|
|
|
|
|
return server;
|
|
|
|
};
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
export default () =>
|
|
|
|
new Promise((resolve) => {
|
|
|
|
const server = createServer();
|
|
|
|
|
|
|
|
initializeStreamingServer(server);
|
|
|
|
|
|
|
|
server.on("error", (e) => {
|
|
|
|
switch ((e as any).code) {
|
|
|
|
case "EACCES":
|
|
|
|
serverLogger.error(
|
|
|
|
`You do not have permission to listen on port ${config.port}.`,
|
|
|
|
);
|
|
|
|
break;
|
|
|
|
case "EADDRINUSE":
|
|
|
|
serverLogger.error(
|
|
|
|
`Port ${config.port} is already in use by another process.`,
|
|
|
|
);
|
|
|
|
break;
|
|
|
|
default:
|
2024-04-25 01:03:38 +02:00
|
|
|
serverLogger.error(inspect(e));
|
2023-01-13 05:40:33 +01:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (cluster.isWorker) {
|
|
|
|
process.send!("listenFailed");
|
|
|
|
} else {
|
|
|
|
// disableClustering
|
|
|
|
process.exit(1);
|
|
|
|
}
|
|
|
|
});
|
2017-01-16 23:51:27 +01:00
|
|
|
|
2023-07-28 20:35:58 +02:00
|
|
|
server.listen(
|
|
|
|
{
|
|
|
|
port: config.port,
|
|
|
|
host: config.bind,
|
|
|
|
},
|
|
|
|
() => resolve(undefined),
|
|
|
|
);
|
2022-05-19 04:49:07 +02:00
|
|
|
});
|