From 4a81106cf50388a48bdc6d4f52ca6217d1bdd7c2 Mon Sep 17 00:00:00 2001
From: naskya <m@naskya.net>
Date: Thu, 9 May 2024 21:49:56 +0900
Subject: [PATCH] chore (backend): remove generate-native-user-token
---
packages/backend-rs/index.d.ts | 4 +++-
packages/backend-rs/index.js | 5 +++--
packages/backend-rs/src/util/random.rs | 22 +++++++++++--------
.../api/common/generate-native-user-token.ts | 3 ---
.../backend/src/server/api/common/signup.ts | 3 +--
.../src/server/api/endpoints/app/create.ts | 4 ++--
.../src/server/api/endpoints/auth/accept.ts | 6 ++---
.../api/endpoints/i/regenerate-token.ts | 3 +--
.../server/api/endpoints/miauth/gen-token.ts | 4 ++--
.../src/services/create-system-user.ts | 5 ++---
10 files changed, 30 insertions(+), 29 deletions(-)
delete mode 100644 packages/backend/src/server/api/common/generate-native-user-token.ts
diff --git a/packages/backend-rs/index.d.ts b/packages/backend-rs/index.d.ts
index b161473d9a..1133fad209 100644
--- a/packages/backend-rs/index.d.ts
+++ b/packages/backend-rs/index.d.ts
@@ -1304,4 +1304,6 @@ export function getTimestamp(id: string): number
export function genId(): string
/** Generate an ID using a specific datetime */
export function genIdAt(date: Date): string
-export function secureRndstr(length?: number | undefined | null): string
+/** Generate random string based on [thread_rng] and [Alphanumeric]. */
+export function generateSecureRandomString(length: number): string
+export function generateUserToken(): string
diff --git a/packages/backend-rs/index.js b/packages/backend-rs/index.js
index 0d9938f9ed..287d4296fc 100644
--- a/packages/backend-rs/index.js
+++ b/packages/backend-rs/index.js
@@ -310,7 +310,7 @@ if (!nativeBinding) {
throw new Error(`Failed to load native binding`)
}
-const { SECOND, MINUTE, HOUR, DAY, USER_ONLINE_THRESHOLD, USER_ACTIVE_THRESHOLD, FILE_TYPE_BROWSERSAFE, loadEnv, loadConfig, stringToAcct, acctToString, addNoteToAntenna, isBlockedServer, isSilencedServer, isAllowedServer, checkWordMute, getFullApAccount, isSelfHost, isSameOrigin, extractHost, toPuny, isUnicodeEmoji, sqlLikeEscape, safeForSql, formatMilliseconds, getImageSizeFromUrl, getNoteSummary, isSafeUrl, latestVersion, toMastodonId, fromMastodonId, fetchMeta, metaToPugArgs, nyaify, hashPassword, verifyPassword, isOldPasswordAlgorithm, decodeReaction, countReactions, toDbReaction, removeOldAttestationChallenges, AntennaSrcEnum, DriveFileUsageHintEnum, MutedNoteReasonEnum, NoteVisibilityEnum, NotificationTypeEnum, PageVisibilityEnum, PollNotevisibilityEnum, RelayStatusEnum, UserEmojimodpermEnum, UserProfileFfvisibilityEnum, UserProfileMutingnotificationtypesEnum, initializeRustLogger, fetchNodeinfo, nodeinfo_2_1, nodeinfo_2_0, Protocol, Inbound, Outbound, watchNote, unwatchNote, publishToChannelStream, ChatEvent, publishToChatStream, ChatIndexEvent, publishToChatIndexStream, publishToBroadcastStream, publishToGroupChatStream, publishToModerationStream, getTimestamp, genId, genIdAt, secureRndstr } = nativeBinding
+const { SECOND, MINUTE, HOUR, DAY, USER_ONLINE_THRESHOLD, USER_ACTIVE_THRESHOLD, FILE_TYPE_BROWSERSAFE, loadEnv, loadConfig, stringToAcct, acctToString, addNoteToAntenna, isBlockedServer, isSilencedServer, isAllowedServer, checkWordMute, getFullApAccount, isSelfHost, isSameOrigin, extractHost, toPuny, isUnicodeEmoji, sqlLikeEscape, safeForSql, formatMilliseconds, getImageSizeFromUrl, getNoteSummary, isSafeUrl, latestVersion, toMastodonId, fromMastodonId, fetchMeta, metaToPugArgs, nyaify, hashPassword, verifyPassword, isOldPasswordAlgorithm, decodeReaction, countReactions, toDbReaction, removeOldAttestationChallenges, AntennaSrcEnum, DriveFileUsageHintEnum, MutedNoteReasonEnum, NoteVisibilityEnum, NotificationTypeEnum, PageVisibilityEnum, PollNotevisibilityEnum, RelayStatusEnum, UserEmojimodpermEnum, UserProfileFfvisibilityEnum, UserProfileMutingnotificationtypesEnum, initializeRustLogger, fetchNodeinfo, nodeinfo_2_1, nodeinfo_2_0, Protocol, Inbound, Outbound, watchNote, unwatchNote, publishToChannelStream, ChatEvent, publishToChatStream, ChatIndexEvent, publishToChatIndexStream, publishToBroadcastStream, publishToGroupChatStream, publishToModerationStream, getTimestamp, genId, genIdAt, generateSecureRandomString, generateUserToken } = nativeBinding
module.exports.SECOND = SECOND
module.exports.MINUTE = MINUTE
@@ -384,4 +384,5 @@ module.exports.publishToModerationStream = publishToModerationStream
module.exports.getTimestamp = getTimestamp
module.exports.genId = genId
module.exports.genIdAt = genIdAt
-module.exports.secureRndstr = secureRndstr
+module.exports.generateSecureRandomString = generateSecureRandomString
+module.exports.generateUserToken = generateUserToken
diff --git a/packages/backend-rs/src/util/random.rs b/packages/backend-rs/src/util/random.rs
index 61edbf11cf..4251a7c232 100644
--- a/packages/backend-rs/src/util/random.rs
+++ b/packages/backend-rs/src/util/random.rs
@@ -1,7 +1,8 @@
use rand::{distributions::Alphanumeric, thread_rng, Rng};
/// Generate random string based on [thread_rng] and [Alphanumeric].
-pub fn gen_string(length: u16) -> String {
+#[crate::export]
+pub fn generate_secure_random_string(length: u16) -> String {
thread_rng()
.sample_iter(Alphanumeric)
.take(length.into())
@@ -9,9 +10,9 @@ pub fn gen_string(length: u16) -> String {
.collect()
}
-#[crate::export(js_name = "secureRndstr")]
-pub fn native_random_str(length: Option<u16>) -> String {
- gen_string(length.unwrap_or(32))
+#[crate::export]
+pub fn generate_user_token() -> String {
+ generate_secure_random_string(16)
}
#[cfg(test)]
@@ -19,14 +20,17 @@ mod unit_test {
use pretty_assertions::{assert_eq, assert_ne};
use std::thread;
- use super::gen_string;
+ use super::generate_secure_random_string;
#[test]
fn can_generate_unique_strings() {
- assert_eq!(gen_string(16).len(), 16);
- assert_ne!(gen_string(16), gen_string(16));
- let s1 = thread::spawn(|| gen_string(16));
- let s2 = thread::spawn(|| gen_string(16));
+ assert_eq!(generate_secure_random_string(16).len(), 16);
+ assert_ne!(
+ generate_secure_random_string(16),
+ generate_secure_random_string(16)
+ );
+ let s1 = thread::spawn(|| generate_secure_random_string(16));
+ let s2 = thread::spawn(|| generate_secure_random_string(16));
assert_ne!(s1.join().unwrap(), s2.join().unwrap());
}
}
diff --git a/packages/backend/src/server/api/common/generate-native-user-token.ts b/packages/backend/src/server/api/common/generate-native-user-token.ts
deleted file mode 100644
index 495a1150d2..0000000000
--- a/packages/backend/src/server/api/common/generate-native-user-token.ts
+++ /dev/null
@@ -1,3 +0,0 @@
-import { secureRndstr } from "backend-rs";
-
-export default () => secureRndstr(16);
diff --git a/packages/backend/src/server/api/common/signup.ts b/packages/backend/src/server/api/common/signup.ts
index 40b59c8ed5..67f06ac4e1 100644
--- a/packages/backend/src/server/api/common/signup.ts
+++ b/packages/backend/src/server/api/common/signup.ts
@@ -1,10 +1,9 @@
import { generateKeyPair } from "node:crypto";
-import generateUserToken from "./generate-native-user-token.js";
import { User } from "@/models/entities/user.js";
import { Users, UsedUsernames } from "@/models/index.js";
import { UserProfile } from "@/models/entities/user-profile.js";
import { IsNull } from "typeorm";
-import { genId, hashPassword, toPuny } from "backend-rs";
+import { genId, generateUserToken, hashPassword, toPuny } from "backend-rs";
import { UserKeypair } from "@/models/entities/user-keypair.js";
import { UsedUsername } from "@/models/entities/used-username.js";
import { db } from "@/db/postgre.js";
diff --git a/packages/backend/src/server/api/endpoints/app/create.ts b/packages/backend/src/server/api/endpoints/app/create.ts
index 0d52d5fbcf..0d580d1535 100644
--- a/packages/backend/src/server/api/endpoints/app/create.ts
+++ b/packages/backend/src/server/api/endpoints/app/create.ts
@@ -1,6 +1,6 @@
import define from "@/server/api/define.js";
import { Apps } from "@/models/index.js";
-import { genId, secureRndstr } from "backend-rs";
+import { genId, generateSecureRandomString } from "backend-rs";
import { unique } from "@/prelude/array.js";
export const meta = {
@@ -40,7 +40,7 @@ export default define(meta, paramDef, async (ps, user) => {
includeSecret: true,
});
// Generate secret
- const secret = secureRndstr(32);
+ const secret = generateSecureRandomString(32);
// for backward compatibility
const permission = unique(
diff --git a/packages/backend/src/server/api/endpoints/auth/accept.ts b/packages/backend/src/server/api/endpoints/auth/accept.ts
index f14fa5529e..3bdc9e18b5 100644
--- a/packages/backend/src/server/api/endpoints/auth/accept.ts
+++ b/packages/backend/src/server/api/endpoints/auth/accept.ts
@@ -2,7 +2,7 @@ import * as crypto from "node:crypto";
import define from "@/server/api/define.js";
import { ApiError } from "@/server/api/error.js";
import { AuthSessions, AccessTokens, Apps } from "@/models/index.js";
-import { genId, secureRndstr } from "backend-rs";
+import { genId, generateSecureRandomString } from "backend-rs";
export const meta = {
tags: ["auth"],
@@ -37,10 +37,10 @@ export default define(meta, paramDef, async (ps, user) => {
}
// Generate access token
- const accessToken = secureRndstr(32);
+ const accessToken = generateSecureRandomString(32);
// Fetch exist access token
- const exist = await AccessTokens.exist({
+ const exist = await AccessTokens.exists({
where: {
appId: session.appId,
userId: user.id,
diff --git a/packages/backend/src/server/api/endpoints/i/regenerate-token.ts b/packages/backend/src/server/api/endpoints/i/regenerate-token.ts
index fd3023ab7a..4b1b3450af 100644
--- a/packages/backend/src/server/api/endpoints/i/regenerate-token.ts
+++ b/packages/backend/src/server/api/endpoints/i/regenerate-token.ts
@@ -3,10 +3,9 @@ import {
publishMainStream,
publishUserEvent,
} from "@/services/stream.js";
-import generateUserToken from "@/server/api/common/generate-native-user-token.js";
import define from "@/server/api/define.js";
import { Users, UserProfiles } from "@/models/index.js";
-import { verifyPassword } from "backend-rs";
+import { generateUserToken, verifyPassword } from "backend-rs";
export const meta = {
requireCredential: true,
diff --git a/packages/backend/src/server/api/endpoints/miauth/gen-token.ts b/packages/backend/src/server/api/endpoints/miauth/gen-token.ts
index d1527c51cf..ba46ca6088 100644
--- a/packages/backend/src/server/api/endpoints/miauth/gen-token.ts
+++ b/packages/backend/src/server/api/endpoints/miauth/gen-token.ts
@@ -1,6 +1,6 @@
import define from "@/server/api/define.js";
import { AccessTokens } from "@/models/index.js";
-import { genId, secureRndstr } from "backend-rs";
+import { genId, generateSecureRandomString } from "backend-rs";
export const meta = {
tags: ["auth"],
@@ -43,7 +43,7 @@ export const paramDef = {
export default define(meta, paramDef, async (ps, user) => {
// Generate access token
- const accessToken = secureRndstr(32);
+ const accessToken = generateSecureRandomString(32);
const now = new Date();
diff --git a/packages/backend/src/services/create-system-user.ts b/packages/backend/src/services/create-system-user.ts
index 802c59b288..d13d5a7bda 100644
--- a/packages/backend/src/services/create-system-user.ts
+++ b/packages/backend/src/services/create-system-user.ts
@@ -1,10 +1,9 @@
import { v4 as uuid } from "uuid";
-import generateNativeUserToken from "@/server/api/common/generate-native-user-token.js";
import { genRsaKeyPair } from "@/misc/gen-key-pair.js";
import { User } from "@/models/entities/user.js";
import { UserProfile } from "@/models/entities/user-profile.js";
import { IsNull } from "typeorm";
-import { genId, hashPassword } from "backend-rs";
+import { generateUserToken, genId, hashPassword } from "backend-rs";
import { UserKeypair } from "@/models/entities/user-keypair.js";
import { UsedUsername } from "@/models/entities/used-username.js";
import { db } from "@/db/postgre.js";
@@ -16,7 +15,7 @@ export async function createSystemUser(username: string) {
const hash = hashPassword(password);
// Generate secret
- const secret = generateNativeUserToken();
+ const secret = generateUserToken();
const keyPair = await genRsaKeyPair(4096);