Diffstat (limited to 'src/routers')
| -rw-r--r-- | src/routers/Auth.ts | 100 | ||||
| -rw-r--r-- | src/routers/Image.ts | 107 | ||||
| -rw-r--r-- | src/routers/Profile.ts | 58 |
3 files changed, 265 insertions, 0 deletions
diff --git a/src/routers/Auth.ts b/src/routers/Auth.ts
new file mode 100644
index 0000000..146bafe
--- /dev/null
+++ b/src/routers/Auth.ts
@@ -0,0 +1,100 @@
+// Copyright 2022 NotDankEnough (ilotterytea)
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { Router, CookieOptions } from "express";
+import { PrismaClient, User } from "@prisma/client";
+import { randomBytes } from "crypto";
+import axios from "axios";
+import { Logger } from "tslog";
+
+const log: Logger = new Logger({name: "authlog"});
+
+function AuthRouter(dirPath: string, cfg: {[key: string]: any}, prisma: PrismaClient): Router {
+ const router: Router = Router();
+
+ router.get("/twitch", async (req, res) => {
+ if (!("code" in req.query)) {
+ return res.json({
+ status: 400,
+ reason: "\"code\" query not found."
+ }).status(400);
+ }
+
+ try {
+ const req_token = await axios.post("https://id.twitch.tv/oauth2/token", `client_id=${cfg.Auth.ClientID}&client_secret=${cfg.Auth.ClientSecret}&code=${req.query.code}&grant_type=authorization_code&redirect_uri=${cfg.Auth.RedirectURI}`, {headers: {"Content-Type": "application/x-www-form-urlencoded"}});
+
+ const ttv_user = await axios.get("https://api.twitch.tv/helix/users", {
+ responseType: "json",
+ headers: {
+ "Authorization": `Bearer ${req_token.data.access_token}`,
+ "Client-Id": cfg.Auth.ClientID
+ }
+ });
+
+ const user_data = ttv_user.data.data[0];
+
+ const user: User | null = await prisma.user.findFirst({
+ where: {
+ alias_id: parseInt(user_data.id)
+ }
+ });
+
+ const key: string = randomBytes(16).toString("hex");
+ const cookie_opts: CookieOptions = {
+ httpOnly: false,
+ secure: true,
+ sameSite: "lax"
+ };
+
+ if (!user) {
+ await prisma.user.create({
+ data: {
+ alias_id: parseInt(user_data.id),
+ name: user_data.login,
+ desc: user_data.description,
+ pic: user_data.profile_image_url,
+ key: key
+ }
+ });
+
+ res.cookie("key", key, cookie_opts);
+ res.cookie("id", user_data.id, cookie_opts);
+ } else {
+ await prisma.user.update({
+ where: {id: user.id},
+ data: {
+ name: user_data.login,
+ desc: user_data.description,
+ pic: user_data.profile_image_url,
+ key: key
+ }
+ });
+
+ res.cookie("key", key, cookie_opts);
+ res.cookie("id", user_data.id, cookie_opts);
+ }
+
+ res.redirect("/me");
+ } catch (err: any) {
+ res.json({
+ status: (err.response.data.status) ? err.response.data.status : 400,
+ message: (err.response.data.message) ? err.response.data.message : "Bad request."
+ }).status((err.response.data.status) ? err.response.data.status : 400);
+ }
+ });
+
+ return router;
+}
+
+export default AuthRouter;
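Review bot: The session `key` cookie in the `/twitch` callback is set with `httpOnly: false`, so any script running on the origin can read a credential that, as far as this diff shows, is only replaced at the next login; unless client code has to read it, set `httpOnly: true` and give the cookie a `maxAge`. The callback also never verifies an OAuth `state` value, which leaves it open to login CSRF, and it interpolates `req.query.code` unencoded into the token request body, where a value containing `&` adds extra parameters to the request; check `typeof req.query.code === "string"` and build the body with `new URLSearchParams({ ... }).toString()`. Both `res.json(...).status(...)` chains set the status after the body has been sent, so these errors go out as 200; write `res.status(400).json(...)` instead, and note that the same ordering recurs in src/routers/Image.ts. In the `catch`, `err.response` is undefined for failures that are not axios HTTP errors (a Prisma error, a network failure), so the handler throws a second time inside the async callback; `err?.response?.data?.status ?? 400` avoids that.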
\ No newline at end of file
diff --git a/src/routers/Image.ts b/src/routers/Image.ts
new file mode 100644
index 0000000..dfd6a16
--- /dev/null
+++ b/src/routers/Image.ts
@@ -0,0 +1,107 @@
+// Copyright 2022 NotDankEnough (ilotterytea)
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { PrismaClient, User, Image } from "@prisma/client";
+import express from "express";
+import mime from "mime";
+import multer from "../clients/Multer";
+
+function ImageRouter(dirPath: string, cfg: {[key: string]: any}, prisma: PrismaClient): express.Router {
+ const router: express.Router = express.Router();
+
+ router.get("/", async (req, res) => {
+ const user: User | null = await prisma.user.findFirst({
+ where: {
+ alias_id: (req.cookies.id) ? parseInt(req.cookies.id) : null,
+ key: (req.cookies.key) ? req.cookies.key : ""
+ }
+ });
+
+ return res.render("pages/home", {
+ user: user,
+ cid: cfg.Auth.ClientID,
+ uri: cfg.Auth.RedirectURI
+ });
+ });
+
+ router.post("/upload", multer.single("file"), async (req, res) => {
+ const auth: string[] | undefined = (req.headers["authorization"]) ? new Buffer(req.headers["authorization"], "base64").toString("utf-8").split(':') : undefined;
+
+ var user: User | null = await prisma.user.findFirst({
+ where: {
+ alias_id: (auth) ? parseInt(auth[1]) : (req.cookies.id) ? parseInt(req.cookies["id"]) : null,
+ key: (auth) ? auth[2] : (req.cookies.key) ? req.cookies["key"] : ""
+ }
+ });
+
+ const image: Image = await prisma.image.create({
+ data: {
+ storage_id: req.file!.filename!,
+ ext: mime.getExtension(req.file!.mimetype)!,
+ userId: (user) ? user.id : null
+ }
+ });
+
+ return res.send(`https://i.hmmtodayiwill.ru/${image.id}`).status(200);
+ });
+
+
+ router.get("/:imageId", async (req, res) => {
+ const auth: string[] | undefined = (req.headers["authorization"]) ? new Buffer(req.headers["authorization"], "base64").toString("utf-8").split(':') : undefined;
+
+ var user: User | null = await prisma.user.findFirst({
+ where: {
+ alias_id: (auth) ? parseInt(auth[0]) : (req.cookies.id) ? parseInt(req.cookies["id"]) : null,
+ key: (auth) ? auth[1] : (req.cookies.key) ? req.cookies["key"] : ""
+ }
+ });
+
+ const image: Image | null = await prisma.image.findFirst({
+ where: {
+ id: req.params.imageId
+ }
+ });
+
+ if (!image) {
+ return res.json({
+ status: 404,
+ reason: "Image ID " + req.params.imageId + " not found in database!"
+ }).status(404);
+ }
+
+ if (image.is_hidden) {
+ if (user) {
+ if (image.userId !== user.id) {
+ return res.json({
+ status: 401,
+ reason: "Image ID " + req.params.imageId + " have a hide flag."
+ }).status(401);
+ } else {
+ return res.sendFile(`${__dirname}/static/images/${image.storage_id}`);
+ }
+ } else {
+ return res.json({
+ status: 401,
+ reason: "Image ID " + req.params.imageId + " have a hide flag."
+ }).status(401);
+ }
+ }
+
+ return res.sendFile(`${dirPath}/static/images/${image.storage_id}`);
+ });
+
+ return router;
+}
+
+export default ImageRouter;
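Review bot: `GET /:imageId` reads the decoded Authorization header as `auth[0]`/`auth[1]`, while `POST /upload` reads `auth[1]`/`auth[2]`, and Profile.ts in this commit emits the token as `id:alias_id:key`; with that format the image route compares the internal id against `alias_id` and the alias against `key`, so a header-authenticated owner will presumably never match on a hidden image. Use `parseInt(auth[1], 10)` and `auth[2]` in both routes, ideally through one shared helper that also rejects a header with fewer than three parts. The owner branch for hidden images serves from `${__dirname}/static/images/...` whereas the public path uses `${dirPath}`; unless the two directories coincide, that branch should use `dirPath` too. `/upload` dereferences `req.file!` and asserts `mime.getExtension(...)!` without checking either, so a request with no `file` part or an unrecognised MIME type throws inside the async handler; an early `if (!req.file) return res.status(400).json(...)` and a null check on the extension would handle both. `new Buffer(...)` is deprecated in favour of `Buffer.from(...)`.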
\ No newline at end of file
diff --git a/src/routers/Profile.ts b/src/routers/Profile.ts
new file mode 100644
index 0000000..afc5e5d
--- /dev/null
+++ b/src/routers/Profile.ts
@@ -0,0 +1,58 @@
+// Copyright 2022 NotDankEnough (ilotterytea)
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { PrismaClient, User, Image } from "@prisma/client";
+import { Router } from "express";
+
+function ProfileRouter(dirPath: string, prisma: PrismaClient): Router {
+ const router: Router = Router();
+
+ router.get("/", async (req, res) => {
+ if (!req.cookies.id || !req.cookies.key) {
+ return res.redirect("/");
+ }
+
+ const user: User | null = await prisma.user.findFirst({
+ where: {
+ alias_id: parseInt(req.cookies.id),
+ key: req.cookies.key
+ }
+ });
+
+ if (!user) {
+ return res.redirect("/");
+ }
+
+ var images: Image[] = await prisma.image.findMany({
+ where: {
+ userId: user.id
+ },
+ orderBy: {
+ timestamp: "desc"
+ }
+ });
+
+ const keyNotEncoded: string = `${user.id}:${user.alias_id}:${user.key}`;
+
+ return res.render("pages/me", {
+ user: user,
+ images: images,
+ authKey: Buffer.alloc(keyNotEncoded.length, keyNotEncoded).toString("base64")
+ });
+ });
+
+ return router;
+}
+
+export default ProfileRouter;
\ No newline at end of file |
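Review bot: `authKey` is the session `key` itself, base64-encoded together with the two ids, and it is rendered into the `/me` page; base64 is an encoding rather than protection, so anything able to read that page holds the same credential as the cookie, and the Auth.ts handler in this commit overwrites `key` on every login, which presumably invalidates any upload token a user has saved. A separate per-user API token, stored hashed and rotated on request, would decouple the upload credential from the browser session. `Buffer.alloc(keyNotEncoded.length, keyNotEncoded)` sizes the buffer by string length rather than byte length, which is only correct while the value stays ASCII; `Buffer.from(keyNotEncoded).toString("base64")` is the direct form. `parseInt(req.cookies.id)` yields `NaN` for a malformed cookie, and if Prisma rejects that value nothing in this async handler catches it, so validate the cookie with `Number.isInteger(...)` first and wrap the queries in `try`/`catch`.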
