knotteye
/
satyr
Archived
1
0
Fork 0
Code Issues Pull Requests Releases 5 Wiki Activity
This repository has been archived on 2021-01-16. You can view files and clone it, but cannot push or open issues/pull-requests.
satyr/src/http.ts

745 lines
25 KiB
TypeScript
Raw Normal View History

Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
import * as express from "express";
import * as njk from "nunjucks";
import * as bodyparser from "body-parser";
Removed old IRC implementation User accounts are now only for streamers, update CLI, API, and config to reflect that. Fixed a bug with registration in api.ts Made http port configurable Added beginnings of socket.io chat server Possibly more, I took a break in the middle of this commit.
2019-10-17 16:01:35 -05:00
import * as socketio from "socket.io";
import * as http from "http";
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
import * as cookies from "cookie-parser";
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
import * as dirty from "dirty";
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
import * as socketSpam from "socket-anti-spam";
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
import * as api from "./api";
import * as db from "./database";
Working discord chat integration
2020-06-27 02:36:45 -05:00
import * as chatInteg from "./chat";
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
import { config } from "./config";
Remove extra FS import.
2019-12-05 16:19:07 -06:00
import { readdir, readFileSync, writeFileSync } from "fs";
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
import { JWT, JWK } from "jose";
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
Removed old IRC implementation User accounts are now only for streamers, update CLI, API, and config to reflect that. Fixed a bug with registration in api.ts Made http port configurable Added beginnings of socket.io chat server Possibly more, I took a break in the middle of this commit.
2019-10-17 16:01:35 -05:00
const app = express();
const server = http.createServer(app);
const io = socketio(server);
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
const store = dirty();
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
var banlist;
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
var jwkey;
try{
jwkey = JWK.asKey(readFileSync('./config/jwt.pem'));
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
console.log('Found key for JWT signing.');
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
} catch (e) {
console.log("No key found for JWT signing, generating one now.");
jwkey = JWK.generateSync('RSA', 2048, { use: 'sig' });
writeFileSync('./config/jwt.pem', jwkey.toPEM(true));
}
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
var njkconf;
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
async function init(){
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
njk.configure('templates', {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
autoescape : true,
express : app,
Stop using dash.js, videojs supports it natively. Modal messages also work again Turn off watch in nunjucks config (oops) Change some redirects based on logged in status.
2019-12-04 17:36:48 -06:00
watch : false
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
});
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
njkconf = {
sitename: config['satyr']['name'],
domain: config['satyr']['domain'],
email: config['satyr']['email'],
rootredirect: config['satyr']['rootredirect'],
version: config['satyr']['version']
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
};
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.use(cookies());
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
app.use(bodyparser.json());
app.use(bodyparser.urlencoded({ extended: true }));
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
if(config['http']['hsts']){
Set sameSite on Authorization cookie Enable toggleable HSTS
2019-12-05 16:08:50 -06:00
app.use((req, res, next) => {
res.append('Strict-Transport-Security', 'max-age=5184000');
next();
});
}
app.disable('x-powered-by');
Make server side rendering fully configurable
2020-10-16 21:57:24 -05:00
//server-side site routes
if(config['http']['server_side_render'])
await initSite(config['satyr']['registration']);
//api routes
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
await initAPI();
Make server side rendering fully configurable
2020-10-16 21:57:24 -05:00
//static files if nothing else matches
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
app.use(express.static(config['http']['directory']));
Make server side rendering fully configurable
2020-10-16 21:57:24 -05:00
//client-side site routes
if(!config['http']['server_side_render'])
initial work on client-side templating
2020-10-14 00:03:45 -05:00
await initFE();
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
//404 Handler
app.use(function (req, res, next) {
if(tryDecode(req.cookies.Authorization)) {
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.status(404).render('404.njk', njkconf);
//res.status(404).render('404.njk', njkconf);
});
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
banlist = new dirty('./config/bans.db').on('load', () => {initChat()});
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
server.listen(config['http']['port']);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
initial work on client-side templating
2020-10-14 00:03:45 -05:00
async function initFE(){
Big commit. Implement handlers for everything that's currently rendered server side in the client-side frontend. Add compiled templates file to .gitignore, will work out a system for making sure templates are compiled later. Fix a couple bugs in the API and templates. TODO for client-side rendering: Make sure templates get compiled before running the server. Add a config option to switch between server-side and client-side rendering Fancy SPA stuff like intercepting links to render changes without a page-reload
2020-10-14 07:44:19 -05:00
app.get('/', (req, res) => {
res.redirect(config['satyr']['rootredirect']);
});
app.get('/nunjucks-slim.js', (req, res) => {
res.sendFile(process.cwd()+'/node_modules/nunjucks/browser/nunjucks-slim.js');
});
app.get('/chat', (req, res) => {
res.sendFile(process.cwd()+'/templates/chat.html');
});
initial work on client-side templating
2020-10-14 00:03:45 -05:00
app.get('*', (req, res) => {
res.sendFile(process.cwd()+'/'+config['http']['directory']+'/index.html');
});
}
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
async function newNick(socket, skip?: boolean, i?: number) {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(socket.handshake.headers['cookie'] && !skip){
let c = await parseCookie(socket.handshake.headers['cookie']);
let t = await validToken(c['Authorization']);
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
if(t) {
Fix a bug with socket ids not being recorded or looped through properly
2019-12-21 16:58:40 -06:00
store.set(t['username'], [].concat(store.get(t['username']), socket.id).filter(item => item !== undefined));
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
return t['username'];
}
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
if(!i) i = 10;
let n: string = 'Guest'+Math.floor(Math.random() * Math.floor(i));
if(store.get(n)) return newNick(socket, true, Math.floor(i * 10));
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
else {
store.set(n, socket.id);
return n;
}
}
Add full support for multiple connections with one account in Socket.IO Add LIST command
2019-12-04 19:06:56 -06:00
async function chgNick(socket, nick, f?: boolean) {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
let rooms = Object.keys(socket.rooms);
for(let i=1;i<rooms.length;i++){
io.to(rooms[i]).emit('ALERT', socket.nick+' is now known as '+nick);
}
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
if(store.get(socket.nick)) {
if(Array.isArray(store.get(socket.nick))) store.set(socket.nick, store.get(socket.nick).filter(item => item !== socket.id));
else store.rm(socket.nick);
}
Fix a bug with socket ids not being recorded or looped through properly
2019-12-21 16:58:40 -06:00
if(f) store.set(nick, [].concat(store.get(nick), [socket.id]).filter(item => item !== undefined));
else store.set(nick, socket.id);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
socket.nick = nick;
}
async function genToken(u: string){
return await JWT.sign({
username: u
}, jwkey, {
expiresIn: '1 week',
iat: true,
kid: false
});//set jwt
}
async function validToken(t: any){
try {
let token = JWT.verify(t, jwkey);
return token;
}
catch (err){
return false;
}
}
function tryDecode(t: any){
try {
return JWT.decode(t);
}
catch (err){
return false;
}
}
async function parseCookie(c){
if(typeof(c) !== 'string' || !c.includes('=')) return {};
return Object.assign({[c.split('=')[0].trim()]:c.split('=')[1].split(';')[0].trim()}, await parseCookie(c.split(/;(.+)/)[1]));
}
async function initAPI() {
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
app.get('/api/instance/info', (req, res) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({
name: config['satyr']['name'],
domain: config['satyr']['domain'],
registration: config['satyr']['registration'],
version: config['satyr']['version'],
email: config['satyr']['email']
});
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
});
app.get('/api/instance/config', (req, res) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({
rtmp: {
Expose whether cluster mode is enabled over /api/instance/config
2020-10-17 22:08:56 -05:00
cluster: config['rtmp']['cluster'],
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
port: config['rtmp']['port'],
ping_timeout: config['rtmp']['ping_timeout']
},
media: {
Fix /api/instance/config
2020-08-23 09:41:48 -05:00
vods: config['media']['record'],
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
publicEndpoint: config['media']['publicEndpoint'],
privateEndpoint: config['media']['privateEndpoint'],
adaptive: config['transcode']['adaptive']
}
});
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
});
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
app.post('/api/users/live', (req, res) => {
let qs = 'SELECT username,title FROM user_meta WHERE live=1';
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
if(req.body.sort) {
switch (req.body.sort) {
case "alphabet":
qs += ' ORDER BY username ASC';
break;
case "alphabet-r":
qs += ' ORDER BY username DESC';
break;
default:
break;
}
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
}
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
if(!req.body.num || req.body.num > 50 || req.body.num === NaN || req.body.num === Infinity || typeof(req.body.num) !== 'number'){
req.body.num = 10;
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
}
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
qs += ' LIMIT '+req.body.num;
if(req.body.page && typeof(req.body.page) === 'number' && req.body.page !== NaN && req.body.page !== Infinity){
qs += ' OFFSET '+Math.floor(req.body.num * req.body.page);
}
db.query(qs+';').then((result) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
if(result) res.json({users: result});
else res.json({error:""});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
});
});
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
app.post('/api/users/all', (req, res) => {
Add live field to /api/users/all
2020-08-24 11:14:26 -05:00
let qs = 'SELECT username,title,live FROM user_meta';
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
if(req.body.sort) {
switch (req.body.sort) {
case "alphabet":
qs += ' ORDER BY username ASC';
break;
case "alphabet-r":
qs += ' ORDER BY username DESC';
break;
default:
break;
}
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
}
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
if(!req.body.num || req.body.num > 50 || req.body.num === NaN || req.body.num === Infinity || typeof(req.body.num) !== 'number'){
req.body.num = 10;
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
}
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
qs += ' LIMIT '+req.body.num;
if(req.body.page && typeof(req.body.page) === 'number' && req.body.page !== NaN && req.body.page !== Infinity){
qs += ' OFFSET '+Math.floor(req.body.num * req.body.page);
}
db.query(qs+';').then((result) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
if(result) res.json({users: result});
else res.json({error:""});
Add paging and sorting to /api/users/live and /api/users/all calls
2020-07-30 02:49:02 -05:00
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
});
app.post('/api/register', (req, res) => {
Add API handling of invite codes, add web page for inviting users.
2020-10-13 16:12:07 -05:00
if("invite" in req.body){
Fix a bug checking the validity of invite codes
2020-10-13 16:29:13 -05:00
api.validInvite(req.body.invite).then((v) => {
if(v){
api.register(req.body.username, req.body.password, req.body.confirm, true).then((result) => {
if(result[0]) return genToken(req.body.username).then((t) => {
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
res.json(result);
api.useInvite(req.body.invite);
return;
});
Add API handling of invite codes, add web page for inviting users.
2020-10-13 16:12:07 -05:00
res.json(result);
});
Fix a bug checking the validity of invite codes
2020-10-13 16:29:13 -05:00
}
else res.json({error: "invalid invite code"});
});
Add API handling of invite codes, add web page for inviting users.
2020-10-13 16:12:07 -05:00
}
else
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
api.register(req.body.username, req.body.password, req.body.confirm).then( (result) => {
if(result[0]) return genToken(req.body.username).then((t) => {
Set sameSite on Authorization cookie Enable toggleable HSTS
2019-12-05 16:08:50 -06:00
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(result);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
});
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(result);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
});
});
app.post('/api/user/update', (req, res) => {
validToken(req.cookies.Authorization).then((t) => {
if(t) {
Fix bug where the profile page wouldn't set record flag.
2020-06-27 10:21:00 -05:00
if(req.body.record === "true") req.body.record = true;
else if(req.body.record === "false") req.body.record = false;
Add API functionality for twitch mirror.
2020-10-12 12:11:04 -05:00
if(req.body.twitch === "true") req.body.twitch = true;
else if(req.body.twitch === "false") req.body.twitch = false;
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return api.update({name: t['username'],
title: "title" in req.body ? req.body.title : false,
bio: "bio" in req.body ? req.body.bio : false,
Add API functionality for twitch mirror.
2020-10-12 12:11:04 -05:00
rec: "record" in req.body ? req.body.record : "NA",
twitch: "twitch" in req.body ? req.body.twitch: "NA",
twitch_key: "twitch_key" in req.body ? req.body.twitch_key : false
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}).then((r) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
}
});
/*api.update(req.body.username, req.body.password, req.body.title, req.body.bio, req.body.record).then((result) => {
res.send(result);
});*/
});
Add updateChat function in api
2020-06-26 06:07:33 -05:00
app.post('/api/user/update/chat', (req, res) => {
validToken(req.cookies.Authorization).then((t) => {
if(t) {
return api.updateChat({name: t['username'],
discord: "discord" in req.body ? req.body.discord : false,
xmpp: "xmpp" in req.body ? req.body.xmpp : false,
twitch: "twitch" in req.body ? req.body.twitch : false,
irc: "irc" in req.body ? req.body.irc : false,
}).then((r) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r);
Add updateChat function in api
2020-06-26 06:07:33 -05:00
return;
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Add updateChat function in api
2020-06-26 06:07:33 -05:00
return;
}
});
/*api.update(req.body.username, req.body.password, req.body.title, req.body.bio, req.body.record).then((result) => {
res.send(result);
});*/
});
Add VOD management page and the ability to delete the user's own vods
2020-06-27 08:34:09 -05:00
app.post('/api/user/vods/delete', (req, res) => {
if(req.body.vlist === undefined || req.body.vlist === null || req.body.vlist === []){
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"no vods specified"});
Add VOD management page and the ability to delete the user's own vods
2020-06-27 08:34:09 -05:00
return;
}
validToken(req.cookies.Authorization).then((t) => {
if(t) {
//token is valid, process deletion request
return api.deleteVODs(req.body.vlist, t['username']).then((r)=> {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r)
Add VOD management page and the ability to delete the user's own vods
2020-06-27 08:34:09 -05:00
return;
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Add VOD management page and the ability to delete the user's own vods
2020-06-27 08:34:09 -05:00
return;
}
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.post('/api/user/password', (req, res) => {
validToken(req.cookies.Authorization).then((t) => {
if(t) {
return api.changepwd(t['username'], req.body.password, req.body.newpassword).then((r) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
}
});
});
Implement an API call for getting the current stream key.
2020-07-30 01:34:22 -05:00
app.get('/api/user/streamkey/current', (req, res) => {
validToken(req.cookies.Authorization).then((t) => {
if(t) {
db.query('SELECT stream_key FROM users WHERE username='+db.raw.escape(t['username'])).then(o => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
if(o[0]) res.json(o[0]);
else res.json({error:""});
Implement an API call for getting the current stream key.
2020-07-30 01:34:22 -05:00
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Implement an API call for getting the current stream key.
2020-07-30 01:34:22 -05:00
}
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.post('/api/user/streamkey', (req, res) => {
validToken(req.cookies.Authorization).then((t) => {
if(t) {
api.changesk(t['username']).then((r) => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
});
});
app.post('/api/login', (req, res) => {
if(req.cookies.Authorization) validToken(req.cookies.Authorization).then((t) => {
if(t) {
if(t['exp'] - 86400 < Math.floor(Date.now() / 1000)){
Big commit. Implement handlers for everything that's currently rendered server side in the client-side frontend. Add compiled templates file to .gitignore, will work out a system for making sure templates are compiled later. Fix a couple bugs in the API and templates. TODO for client-side rendering: Make sure templates get compiled before running the server. Add a config option to switch between server-side and client-side rendering Fancy SPA stuff like intercepting links to render changes without a page-reload
2020-10-14 07:44:19 -05:00
res.cookie('X-Auth-As', t['username'], {maxAge: 604800000, httpOnly: false, sameSite: 'Lax'});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return genToken(t['username']).then((t) => {
Set sameSite on Authorization cookie Enable toggleable HSTS
2019-12-05 16:08:50 -06:00
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({success:""});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
});
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({success:"already verified"});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
}
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({error:"invalid token"});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
return;
}
});
else {
api.login(req.body.username, req.body.password).then((result) => {
if(!result){
genToken(req.body.username).then((t) => {
Set sameSite on Authorization cookie Enable toggleable HSTS
2019-12-05 16:08:50 -06:00
res.cookie('Authorization', t, {maxAge: 604800000, httpOnly: true, sameSite: 'Lax'});
Big commit. Implement handlers for everything that's currently rendered server side in the client-side frontend. Add compiled templates file to .gitignore, will work out a system for making sure templates are compiled later. Fix a couple bugs in the API and templates. TODO for client-side rendering: Make sure templates get compiled before running the server. Add a config option to switch between server-side and client-side rendering Fancy SPA stuff like intercepting links to render changes without a page-reload
2020-10-14 07:44:19 -05:00
res.cookie('X-Auth-As', req.body.username, {maxAge: 604800000, httpOnly: false, sameSite: 'Lax'});
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({success:""});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
})
}
else {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(result);
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
});
}
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
});
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
app.get('/api/:user/vods', (req, res) => {
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
readdir('./site/live/'+req.params.user, {withFileTypes: true} , (err, files) => {
if(err) {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({vods: []});
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
return;
}
var list = files.filter(fn => fn.name.endsWith('.mp4'));
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json({vods: list});
Add default value for a contact email Add an api function to list a users vods Document the existing REST API
2020-07-29 03:24:19 -05:00
});
});
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
app.get('/api/:user/config', (req, res) => {
if(req.cookies.Authorization) validToken(req.cookies.Authorization).then(r => {
if(r && r['username'] === req.params.user) {
api.getConfig(req.params.user, true).then(re => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(re);
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
});
return;
}
Fix /api/:user/config not returning all info for an authorized user.
2020-07-30 01:14:33 -05:00
else api.getConfig(req.params.user).then(re => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(re);
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
});
return;
});
Fix /api/:user/config not returning all info for an authorized user.
2020-07-30 01:14:33 -05:00
else api.getConfig(req.params.user).then(r => {
Change API to set content-type headers. Rework some responses to make all responses in JSON. Increment version because of major API changes.
2020-08-03 05:01:20 -05:00
res.json(r);
Add API function for getting a user's configuration.
2020-07-30 00:45:08 -05:00
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
async function initSite(openReg) {
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
app.get('/', (req, res) => {
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
res.redirect(njkconf.rootredirect);
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
});
app.get('/about', (req, res) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('about.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('about.njk',njkconf);
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
});
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
app.get('/users', (req, res) => {
db.query('select username from users').then((result) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('list.njk', Object.assign({list: result}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('list.njk', Object.assign({list: result}, njkconf));
//res.render('list.njk', Object.assign({list: result}, njkconf));
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
});
app.get('/users/live', (req, res) => {
db.query('select username,title from user_meta where live=1;').then((result) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('live.njk', Object.assign({list: result}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('live.njk', Object.assign({list: result}, njkconf));
//res.render('live.njk', Object.assign({list: result}, njkconf));
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.get('/users/:user', (req, res) => {
db.query('select username,title,about from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
if(result[0]){
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('user.njk', Object.assign(result[0], {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('user.njk', Object.assign(result[0], njkconf));
//res.render('user.njk', Object.assign(result[0], njkconf));
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
}
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
else if(tryDecode(req.cookies.Authorization)) {
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.status(404).render('404.njk', njkconf);
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
});
Add VOD management page and the ability to delete the user's own vods
2020-06-27 08:34:09 -05:00
app.get('/vods/:user/manage', (req, res) => {
db.query('select username from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
if(result[0]){
readdir('./site/live/'+result[0].username, {withFileTypes: true} , (err, files) => {
if(tryDecode(req.cookies.Authorization)) {
res.render('managevods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.redirect('/login');
//res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
});
}
else if(tryDecode(req.cookies.Authorization)) {
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.status(404).render('404.njk', njkconf);
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.get('/vods/:user', (req, res) => {
db.query('select username from user_meta where username='+db.raw.escape(req.params.user)).then((result) => {
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
if(result[0]){
Remove extra FS import.
2019-12-05 16:19:07 -06:00
readdir('./site/live/'+result[0].username, {withFileTypes: true} , (err, files) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
//res.render('vods.njk', Object.assign({user: result[0].username, list: files.filter(fn => fn.name.endsWith('.mp4'))}, njkconf));
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
}
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
else if(tryDecode(req.cookies.Authorization)) {
res.status(404).render('404.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.status(404).render('404.njk', njkconf);
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
app.get('/login', (req, res) => {
if(tryDecode(req.cookies.Authorization)) {
Stop using dash.js, videojs supports it natively. Modal messages also work again Turn off watch in nunjucks config (oops) Change some redirects based on logged in status.
2019-12-04 17:36:48 -06:00
res.redirect('/profile');
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
else res.render('login.njk',njkconf);
});
Add API handling of invite codes, add web page for inviting users.
2020-10-13 16:12:07 -05:00
app.get('/invite/:code', (req, res) => {
if(tryDecode(req.cookies.Authorization)) {
res.redirect('/profile');
}
else res.render('invite.njk',Object.assign({icode: req.params.code}, njkconf));
});
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
app.get('/register', (req, res) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization) || !openReg) {
res.redirect(njkconf.rootredirect);
}
else res.render('registration.njk',njkconf);
Added some api functions, an express server for the API and nunjucks Added nunjucks templates for frontend pages.
2019-09-28 21:43:25 -05:00
});
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
app.get('/profile', (req, res) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
Add templates for chat integration UI
2020-06-26 05:32:05 -05:00
db.query('select * from user_meta where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((result) => {
Fix bug where the profile page wouldn't set record flag.
2020-06-27 10:21:00 -05:00
db.query('select record_flag from users where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((r2) => {
Add sections in profile.njk for adjusting settings. Everything tested and working apart from the actual streaming functionality.
2020-10-12 13:34:24 -05:00
db.query('select enabled from twitch_mirror where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((r3) => {
res.render('profile.njk', Object.assign({twitch: r3[0]}, {rflag: r2[0]}, {meta: result[0]}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
});
Fix bug where the profile page wouldn't set record flag.
2020-06-27 10:21:00 -05:00
});
Add templates for chat integration UI
2020-06-26 05:32:05 -05:00
});
//res.render('profile.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.redirect('/login');
});
app.get('/profile/chat', (req, res) => {
if(tryDecode(req.cookies.Authorization)) {
db.query('select * from chat_integration where username='+db.raw.escape(JWT.decode(req.cookies.Authorization)['username'])).then((result) => {
res.render('chat_integ.njk', Object.assign({integ: result[0]}, {auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
});
//res.render('chat_integ.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
Stop using dash.js, videojs supports it natively. Modal messages also work again Turn off watch in nunjucks config (oops) Change some redirects based on logged in status.
2019-12-04 17:36:48 -06:00
else res.redirect('/login');
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
app.get('/changepwd', (req, res) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('changepwd.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
Stop using dash.js, videojs supports it natively. Modal messages also work again Turn off watch in nunjucks config (oops) Change some redirects based on logged in status.
2019-12-04 17:36:48 -06:00
else res.redirect('/login');
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
app.get('/chat', (req, res) => {
res.render('chat.html', njkconf);
});
Add help page, change base links. Turn off watch in nunjucks config. I do not know if that made it master, hopefully not.
2019-11-05 16:30:15 -06:00
app.get('/help', (req, res) => {
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
if(tryDecode(req.cookies.Authorization)) {
res.render('help.njk', Object.assign({auth: {is: true, name: JWT.decode(req.cookies.Authorization)['username']}}, njkconf));
}
else res.render('help.njk',njkconf);
I don't even know. Filled out API for user management Proper escaping of user input for SQL queries (stream keys aren't user input) Filled out frontend with profile management, vods, etc. I don't remember there's probably more, fuck.
2019-10-05 14:34:57 -05:00
});
Big Commit! Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made. API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem This file was added to .gitignore Two new depencies: cookie-parser and jose, for reading and signing JWTs. Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT. Refactor api.ts to reflect new requirements from endpoints. Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key. Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
2019-12-03 19:51:14 -06:00
}
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
async function initChat() {
Big Refactor Stop using config and toml as dependencies Stop passing around config variables through function calls Add config.ts and pull the values you need directly in the files Remove irc.js for incoming new IRC solution Rename controller to index because that was stupid Minor git bullshit with the config folder Change to yaml as a config format
2019-12-21 08:59:35 -06:00
//set a cookie to request same nick
Removed old IRC implementation User accounts are now only for streamers, update CLI, API, and config to reflect that. Fixed a bug with registration in api.ts Made http port configurable Added beginnings of socket.io chat server Possibly more, I took a break in the middle of this commit.
2019-10-17 16:01:35 -05:00
//socket.io chat logic
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
io.on('connection', async (socket) => {
socket.nick = await newNick(socket);
socket.on('JOINROOM', async (data) => {
let t: any = await db.query('select username from users where username='+db.raw.escape(data));
if(t[0]){
Bugfix for room bans
2019-12-08 17:18:31 -06:00
if(banlist.get(data) && banlist.get(data)[socket['handshake']['address']]){
if(Math.floor(banlist.get(data)[socket['handshake']['address']]['time'] + (banlist.get(data)[socket['handshake']['address']]['length'] * 60)) < Math.floor(Date.now() / 1000)){
banlist.set(data, Object.assign({}, banlist.get(data), {[socket['handshake']['address']]: null}));
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
}
else {
socket.emit('ALERT', 'You are banned from that room');
return;
}
}
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
socket.join(data);
Add config template for chat integration and db schema No other meaningfull changes (I think) It's been 7 months since last commit god I hope I didn't break anything.
2020-06-26 04:07:37 -05:00
io.to(data).emit('JOINED', {nick: socket.nick, room: data});
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
}
else socket.emit('ALERT', 'Room does not exist');
});
Add full support for multiple connections with one account in Socket.IO Add LIST command
2019-12-04 19:06:56 -06:00
socket.on('LIST', (data) => {
let str = "";
let client;
io.in(data.room).clients((err, clients) => {
if(err) throw err;
if(clients === []) {
socket.emit('LIST', 'The room is empty.');
return;
}
for(let i=0;i<clients.length;i++) {
str += io.sockets.connected[clients[i]].nick+', ';
}
socket.emit('LIST', str.substring(0, str.length - 2));
});
});
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
socket.on('LEAVEROOM', (data) => {
Add config template for chat integration and db schema No other meaningfull changes (I think) It's been 7 months since last commit god I hope I didn't break anything.
2020-06-26 04:07:37 -05:00
io.to(data).emit('LEFT', {nick: socket.nick, room: data});
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
socket.leave(data);
});
socket.on('disconnecting', (reason) => {
let rooms = Object.keys(socket.rooms);
for(let i=1;i<rooms.length;i++){
io.to(rooms[i]).emit('ALERT', socket.nick+' disconnected');
}
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
if(Array.isArray(store.get(socket.nick))) {
store.set(socket.nick, store.get(socket.nick).filter(item => item !== socket.id))
if(store.get(socket.nick) !== [])
return;
}
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
store.rm(socket.nick);
});
socket.on('NICK', async (data) => {
data.nick = data.nick.replace(' ','');
let user = await db.query('select username from users where username='+db.raw.escape(data.nick));
if(user[0]){
if(!data.password){
socket.emit('ALERT','Incorrect username or password');
return false;
}
if(await db.validatePassword(data.nick, data.password)){
Add full support for multiple connections with one account in Socket.IO Add LIST command
2019-12-04 19:06:56 -06:00
chgNick(socket, data.nick, true);
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
}
else socket.emit('ALERT','Incorrect username or password');
}
else {
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
if(store.get(data.nick)){
socket.emit('ALERT', 'Nickname is already in use');
return false;
}
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
chgNick(socket, data.nick);
}
});
Add config template for chat integration and db schema No other meaningfull changes (I think) It's been 7 months since last commit god I hope I didn't break anything.
2020-06-26 04:07:37 -05:00
socket.on('MSG', (data: object) => {
if(data['msg'] === "" || !data['msg'].replace(/\s/g, '').length) return;
if(socket.rooms[data['room']]) io.to(data['room']).emit('MSG', {nick: socket.nick, msg: data['msg'], room: data['room']});
Working discord chat integration
2020-06-27 02:36:45 -05:00
chatInteg.sendAll(data['room'], [socket.nick, data['msg']], "web");
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
});
socket.on('KICK', (data) => {
if(socket.nick === data.room){
//find client with data.nick
let id: string = store.get(data.nick);
if(id){
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
if(Array.isArray(id)) {
Fix a bug with socket ids not being recorded or looped through properly
2019-12-21 16:58:40 -06:00
for(let i=0;i<id.length;i++){
io.sockets.connected[id[i]].leave(data.room);
}
io.in(data.room).emit('ALERT', data.nick+' has been kicked.');
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
return;
}
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
let target = io.sockets.connected[id];
io.in(data.room).emit('ALERT', data.nick+' has been kicked.');
Fix a bug with socket ids not being recorded or looped through properly
2019-12-21 16:58:40 -06:00
target.leave(data.room);
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
}
else socket.emit('ALERT', 'No such user found.');
}
else socket.emit('ALERT', 'Not authorized to do that.');
});
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
socket.on('BAN', (data: Object) => {
if(socket.nick === data['room']){
let id: string = store.get(data['nick']);
if(id){
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
if(Array.isArray(id)) {
Fix a bug with socket ids not being recorded or looped through properly
2019-12-21 16:58:40 -06:00
for(let i=0;i<id.length;i++){
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
let target = io.sockets.connected[id[i]];
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}}));
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}}));
target.leave(data['room']);
}
io.to(data['room']).emit('ALERT', data['nick']+' was banned.');
return;
}
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
let target = io.sockets.connected[id];
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
if(typeof(data['time']) === 'number' && (data['time'] !== 0 && data['time'] !== NaN)) banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: data['time']}}));
Bugfix for room bans
2019-12-08 17:18:31 -06:00
else banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[target.ip]: {time: Math.floor(Date.now() / 1000), length: 30}}));
Add proper kicking and banning for users with multiple accounts.
2019-12-21 16:16:50 -06:00
target.leave(data['room']);
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
io.to(data['room']).emit('ALERT', target.nick+' was banned.');
}
else socket.emit('ALERT', 'No such user found.');
}
else socket.emit('ALERT', 'Not authorized to do that.');
});
socket.on('UNBAN', (data: Object) => {
if(socket.nick === data['room']){
if(banlist.get(data['room']) && banlist.get(data['room'])[data['ip']]){
Bugfix for room bans
2019-12-08 17:18:31 -06:00
banlist.set(data['room'], Object.assign({}, banlist.get(data['room']), {[data['ip']]: null}));
Minor improvements to socket.io chat, including banning and unbanning per room, and spam detection and server bans
2019-12-07 21:23:50 -06:00
socket.emit('ALERT', data['ip']+' was unbanned.');
}
else
socket.emit('ALERT', 'That IP is not banned.');
}
else socket.emit('ALERT', 'Not authorized to do that.');
});
socket.on('LISTBAN', (data: Object) => {
if(socket.nick === data['room']){
if(banlist.get(data['room'])) {
let bans = Object.keys(banlist.get(data['room']));
let str = '';
for(let i=0;i<bans.length;i++){
str += bans[i]+', ';
}
socket.emit('ALERT', 'Banned IP adresses: '+str.substring(0, str.length - 2));
return;
}
socket.emit('ALERT', 'No one is banned from this room');
}
else socket.emit('ALERT', 'Not authorized to do that.');
});
});
//socketio spam
const socketAS = new socketSpam({
banTime: 20,
kickThreshold: 10,
kickTimesBeforeBan: 3,
banning: true,
io: io
});
socketAS.event.on('ban', (socket) => {
let rooms = Object.keys(socket.rooms);
for(let i=1;i<rooms.length;i++){
io.to(rooms[i]).emit('ALERT', socket.nick+' was banned.');
}
store.rm(socket.nick);
Removed old IRC implementation User accounts are now only for streamers, update CLI, API, and config to reflect that. Fixed a bug with registration in api.ts Made http port configurable Added beginnings of socket.io chat server Possibly more, I took a break in the middle of this commit.
2019-10-17 16:01:35 -05:00
});
Add working Socket.IO based chat Bump version I guess.
2019-10-20 16:09:28 -05:00
}
Working discord chat integration
2020-06-27 02:36:45 -05:00
export { init, io };