author | Kristóf Marussy <kristof@marussy.com> | 2022-07-10 16:07:45 +0200 |
---|---|---|
committer | Kristóf Marussy <kristof@marussy.com> | 2022-07-11 17:47:53 +0200 |
commit | fa1a7037b47f2e0114d8abc5a99d29239bd3637b (patch) | |
tree | 83404acf711aa8976dce47950edcca64836e0cd8 /src/internal-server/start | |
parent | 6.0.0-nightly.96 [skip ci] (diff) | |
refactor: local server import/export
Signed-off-by: Kristóf Marussy <kristof@marussy.com>
Diffstat (limited to 'src/internal-server/start')
-rw-r--r-- | src/internal-server/start/routes.js | 68 |
1 files changed, 55 insertions, 13 deletions
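diff --git a/src/internal-server/start/routes.js b/src/internal-server/start/routes.js
index 79c809f5f..736796bb8 100644
--- a/src/internal-server/start/routes.js
+++ b/src/internal-server/start/routes.js
@@ -5,6 +5,8 @@
 
 */
 
+const { timingSafeEqual } = require('crypto');
+
 /** @type {typeof import('@adonisjs/framework/src/Route/Manager')} */
 const Route = use('Route');
 
@@ -14,14 +16,38 @@ const migrate = require('./migrate');
 
 migrate();
 
+async function validateToken(clientToken, response, next) {
+const serverToken = process.env.FERDIUM_LOCAL_TOKEN;
+const valid = serverToken &&
+clientToken &&
+timingSafeEqual(Buffer.from(clientToken, 'utf8'), Buffer.from(serverToken, 'utf8'));
+if (valid) {
+await next();
+return true;
+}
+return response.forbidden();
+}
+
 const OnlyAllowFerdium = async ({ request, response }, next) => {
 const version = request.header('X-Franz-Version');
 if (!version) {
-return response.status(403).redirect('/');
+return response.forbidden();
 }
 
-await next();
-return true;
+const clientToken = request.header('X-Ferdium-Local-Token');
+return validateToken(clientToken, response, next);
+};
+
+const RequireTokenInQS = async ({ request, response }, next) => {
+const clientToken = request.get().token;
+return validateToken(clientToken, response, next);
+}
+
+const FERDIUM_LOCAL_TOKEN_COOKIE = 'ferdium-local-token';
+
+const RequireAuthenticatedBrowser = async({ request, response }, next) => {
+const clientToken = request.cookie(FERDIUM_LOCAL_TOKEN_COOKIE);
+return validateToken(clientToken, response, next);
 };
 
 // Health: Returning if all systems function correctly
@@ -67,16 +93,32 @@ Route.group(() => {
 
 Route.group(() => {
 Route.get('icon/:id', 'ImageController.icon');
-}).prefix(API_VERSION);
+})
+.prefix(API_VERSION)
+.middleware(RequireTokenInQS);
 
-// Franz account import
-Route.post('import', 'UserController.import');
-Route.get('import', ({ view }) => view.render('import'));
+Route.group(() => {
+// Franz account import
+Route.post('import', 'UserController.import');
+Route.get('import', ({ view }) => view.render('import'));
+
+// Account transfer
+Route.get('export', 'UserController.export');
+Route.post('transfer', 'UserController.importFerdium');
+Route.get('transfer', ({ view }) => view.render('transfer'));
 
-// Account transfer
-Route.get('export', 'UserController.export');
-Route.post('transfer', 'UserController.importFerdium');
-Route.get('transfer', ({ view }) => view.render('transfer'));
+// Index
+Route.get('/', ({ view }) => view.render('index'));
+}).middleware(RequireAuthenticatedBrowser);
 
-// Index
-Route.get('/', ({ view }) => view.render('index'));
+Route.get('token/:token', ({ params: { token }, response }) => {
+if (validateToken(token)) {
+response.cookie(FERDIUM_LOCAL_TOKEN_COOKIE, token, {
+httpOnly: true,
+sameSite: true,
+path: '/',
+});
+return response.redirect('/');
+}
+return response.forbidden();
+});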
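Review bot: `if (validateToken(token))` on new line 115 tests a Promise, which is always truthy, so the cookie on lines 116-120 is set for whatever `:token` the client supplies and the `response.forbidden()` fallback below it is unreachable; the call also omits `response` and `next`, so the async body rejects with a TypeError on either path and nothing awaits it. A later request is still re-checked by `RequireAuthenticatedBrowser`, so this does not grant access on its own, but the check on this route is ineffective and the rejection presumably surfaces as an unhandled promise. Splitting a synchronous `isValidToken(clientToken)` out of `validateToken` and calling it from both places fixes this. The same helper should compare lengths before `timingSafeEqual` (second hunk, new lines 21-23), which throws a RangeError when the two buffers differ in length, so a wrong-length header, query or cookie value currently produces a thrown error instead of the 403 the middleware intends.
```javascript
function isValidToken(clientToken) {
  const serverToken = process.env.FERDIUM_LOCAL_TOKEN;
  if (!serverToken || typeof clientToken !== 'string') {
    return false;
  }
  const expected = Buffer.from(serverToken, 'utf8');
  const actual = Buffer.from(clientToken, 'utf8');
  // timingSafeEqual throws on a length mismatch; treat that as simply invalid
  return expected.length === actual.length && timingSafeEqual(actual, expected);
}

async function validateToken(clientToken, response, next) {
  if (isValidToken(clientToken)) {
    await next();
    return true;
  }
  return response.forbidden();
}

// … unchanged: OnlyAllowFerdium, RequireTokenInQS, RequireAuthenticatedBrowser, route groups …

Route.get('token/:token', ({ params: { token }, response }) => {
  if (isValidToken(token)) {
    // … unchanged: response.cookie(...) and redirect …
  }
  return response.forbidden();
});
```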