[refactor] remove username field and let instance_name be the only AP Actor
This commit is contained in:
les
@@ -5,6 +5,22 @@ const path = require('path')
|
||||
const fs = require('fs')
|
||||
const pkg = require('../../../package.json')
|
||||
const debug = require('debug')('settings')
|
||||
const crypto = require('crypto')
|
||||
const util = require('util')
|
||||
const generateKeyPair = util.promisify(crypto.generateKeyPair)
|
||||
|
||||
const defaultSettings = {
|
||||
instance_timezone: 'Europe/Rome',
|
||||
instance_name: config.title.toLowerCase().replace(/ /g, ''),
|
||||
allow_registration: true,
|
||||
allow_anon_event: true,
|
||||
allow_recurrent_event: false,
|
||||
recurrent_event_visible: false,
|
||||
enable_federation: true,
|
||||
enable_resources: false,
|
||||
hide_boosts: true
|
||||
}
|
||||
|
||||
/**
|
||||
* Settings controller: store instance settings
|
||||
* Current supported settings:
|
||||
@@ -20,13 +36,14 @@ const settingsController = {
|
||||
user_locale: {},
|
||||
secretSettings: {},
|
||||
|
||||
async initialize () {
|
||||
async load () {
|
||||
if (!settingsController.settings.initialized) {
|
||||
// initialize instance settings from db
|
||||
// note that this is done only once when the server starts
|
||||
// and not for each request (it's a kind of cache)!
|
||||
const settings = await Setting.findAll()
|
||||
settingsController.settings.initialized = true
|
||||
settingsController.settings = defaultSettings
|
||||
settings.forEach(s => {
|
||||
if (s.is_secret) {
|
||||
settingsController.secretSettings[s.key] = s.value
|
||||
@@ -35,16 +52,26 @@ const settingsController = {
|
||||
}
|
||||
})
|
||||
|
||||
// set fediverse admin actor
|
||||
const fedi_admin = await User.findOne({ where: { email: config.admin_email } })
|
||||
if (fedi_admin) {
|
||||
settingsController.settings.fedi_admin = fedi_admin.username
|
||||
} else {
|
||||
debug('Federation disabled! An admin with %s as email cannot be found', config.admin_email)
|
||||
settingsController.settings.enable_federation = false
|
||||
// add pub/priv instance key if needed
|
||||
if (!settingsController.settings.publicKey) {
|
||||
debug('Instance priv/pub key not found')
|
||||
const { publicKey, privateKey } = await generateKeyPair('rsa', {
|
||||
modulusLength: 4096,
|
||||
publicKeyEncoding: {
|
||||
type: 'spki',
|
||||
format: 'pem'
|
||||
},
|
||||
privateKeyEncoding: {
|
||||
type: 'pkcs8',
|
||||
format: 'pem'
|
||||
}
|
||||
})
|
||||
|
||||
await settingsController.set('publicKey', publicKey)
|
||||
await settingsController.set('privateKey', privateKey, true)
|
||||
}
|
||||
|
||||
// // initialize user_locale
|
||||
// initialize user_locale
|
||||
if (config.user_locale && fs.existsSync(path.resolve(config.user_locale))) {
|
||||
const user_locale = fs.readdirSync(path.resolve(config.user_locale))
|
||||
user_locale.forEach(async f => {
|
||||
@@ -97,5 +124,5 @@ const settingsController = {
|
||||
}
|
||||
}
|
||||
|
||||
settingsController.initialize()
|
||||
// settingsController.initialize()
|
||||
module.exports = settingsController
|
||||
|
||||
@@ -6,19 +6,14 @@ const { Op } = require('sequelize')
|
||||
const jsonwebtoken = require('jsonwebtoken')
|
||||
const config = require('config')
|
||||
const mail = require('../mail')
|
||||
const { user: User, event: Event, tag: Tag, place: Place, fed_users: FedUsers } = require('../models')
|
||||
const { user: User, event: Event, tag: Tag, place: Place } = require('../models')
|
||||
const settingsController = require('./settings')
|
||||
const debug = require('debug')('user:controller')
|
||||
|
||||
const userController = {
|
||||
async login (req, res) {
|
||||
// find the user
|
||||
const user = await User.findOne({ where: {
|
||||
[Op.or]: [
|
||||
{ email: req.body.email },
|
||||
{ username: req.body.email }
|
||||
]
|
||||
} })
|
||||
const user = await User.findOne({ where: { email: req.body.email } })
|
||||
if (!user) {
|
||||
res.status(403).json({ success: false, message: 'auth.fail' })
|
||||
} else if (user) {
|
||||
@@ -206,7 +201,7 @@ const userController = {
|
||||
|
||||
async current (req, res) {
|
||||
if (!req.user) { return res.status(400).send('Not logged') }
|
||||
const user = await User.scope('withoutPassword').findByPk(req.user.id, { include: { model: FedUsers, as: 'followers' } })
|
||||
const user = await User.scope('withoutPassword').findByPk(req.user.id)
|
||||
res.json(user)
|
||||
},
|
||||
|
||||
@@ -227,9 +222,6 @@ const userController = {
|
||||
return res.status(400).json({ succes: false, message: 'Not allowed' })
|
||||
}
|
||||
|
||||
// ensure username to not change if not empty
|
||||
req.body.username = user.username ? user.username : req.body.username
|
||||
|
||||
if (!req.body.password) { delete req.body.password }
|
||||
|
||||
if (!user.is_active && req.body.is_active && user.recover_code) {
|
||||
|
||||
@@ -1,20 +1,8 @@
|
||||
'use strict'
|
||||
const bcrypt = require('bcryptjs')
|
||||
const crypto = require('crypto')
|
||||
const util = require('util')
|
||||
const debug = require('debug')('model:user')
|
||||
|
||||
const generateKeyPair = util.promisify(crypto.generateKeyPair)
|
||||
|
||||
module.exports = (sequelize, DataTypes) => {
|
||||
const user = sequelize.define('user', {
|
||||
username: {
|
||||
type: DataTypes.STRING,
|
||||
unique: { msg: 'error.nick_taken' },
|
||||
index: true,
|
||||
allowNull: false
|
||||
},
|
||||
display_name: DataTypes.STRING,
|
||||
const User = sequelize.define('user', {
|
||||
settings: {
|
||||
type: DataTypes.JSON,
|
||||
defaultValue: '{}'
|
||||
@@ -29,53 +17,33 @@ module.exports = (sequelize, DataTypes) => {
|
||||
password: DataTypes.STRING,
|
||||
recover_code: DataTypes.STRING,
|
||||
is_admin: DataTypes.BOOLEAN,
|
||||
is_active: DataTypes.BOOLEAN,
|
||||
rsa: DataTypes.JSON
|
||||
is_active: DataTypes.BOOLEAN
|
||||
}, {
|
||||
scopes: {
|
||||
withoutPassword: {
|
||||
attributes: { exclude: ['password', 'recover_code', 'rsa'] }
|
||||
attributes: { exclude: ['password', 'recover_code'] }
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
user.associate = function (models) {
|
||||
// associations can be defined here
|
||||
user.hasMany(models.event)
|
||||
user.belongsToMany(models.fed_users, { through: 'user_followers', as: 'followers' })
|
||||
User.associate = function (models) {
|
||||
User.hasMany(models.event)
|
||||
}
|
||||
|
||||
user.prototype.comparePassword = async function (pwd) {
|
||||
User.prototype.comparePassword = async function (pwd) {
|
||||
if (!this.password) { return false }
|
||||
const ret = await bcrypt.compare(pwd, this.password)
|
||||
return ret
|
||||
}
|
||||
|
||||
user.beforeSave(async (user, options) => {
|
||||
User.beforeSave(async (user, options) => {
|
||||
if (user.changed('password')) {
|
||||
debug('Password for %s modified', user.username)
|
||||
debug('Password for %s modified', user.email)
|
||||
const salt = await bcrypt.genSalt(10)
|
||||
const hash = await bcrypt.hash(user.password, salt)
|
||||
user.password = hash
|
||||
}
|
||||
})
|
||||
|
||||
user.beforeCreate(async (user, options) => {
|
||||
debug('Create a new user => %s', user.username)
|
||||
// generate rsa keys
|
||||
const rsa = await generateKeyPair('rsa', {
|
||||
modulusLength: 4096,
|
||||
publicKeyEncoding: {
|
||||
type: 'spki',
|
||||
format: 'pem'
|
||||
},
|
||||
privateKeyEncoding: {
|
||||
type: 'pkcs8',
|
||||
format: 'pem'
|
||||
}
|
||||
})
|
||||
user.rsa = rsa
|
||||
})
|
||||
|
||||
return user
|
||||
return User
|
||||
}
|
||||
|
||||
@@ -10,26 +10,23 @@ module.exports = {
|
||||
const body = req.body
|
||||
if (typeof body.object !== 'string') { return }
|
||||
const username = body.object.replace(`${config.baseurl}/federation/u/`, '')
|
||||
const user = await User.findOne({ where: { username }, include: { model: FedUsers, as: 'followers' } })
|
||||
if (!user) { return res.status(404).send('User not found') }
|
||||
if (username !== req.settings.instance_name) { return res.status(404).send('User not found') }
|
||||
|
||||
// check for duplicate
|
||||
if (!user.followers.includes(body.actor)) {
|
||||
await user.addFollowers([req.fedi_user.ap_id])
|
||||
// await user.update({ followers: [...user.followers, body.actor] })
|
||||
debug('%s followed by %s (%d)', username, body.actor, user.followers.length + 1)
|
||||
} else {
|
||||
debug('duplicate %s followed by %s', username, body.actor)
|
||||
}
|
||||
// if (!user.followers.includes(body.actor)) {
|
||||
// await user.addFollowers([req.fedi_user.id])
|
||||
// await user.update({ followers: [...user.followers, body.actor] })
|
||||
await req.fedi_user.update({ follower: true })
|
||||
debug('Followed by %s', body.actor)
|
||||
const guid = crypto.randomBytes(16).toString('hex')
|
||||
const message = {
|
||||
'@context': 'https://www.w3.org/ns/activitystreams',
|
||||
'id': `${config.baseurl}/federation/${guid}`,
|
||||
'type': 'Accept',
|
||||
'actor': `${config.baseurl}/federation/u/${user.username}`,
|
||||
'actor': `${config.baseurl}/federation/u/${username}`,
|
||||
'object': body
|
||||
}
|
||||
Helpers.signAndSend(message, user, req.fedi_user.object.inbox)
|
||||
Helpers.signAndSend(message, req.fedi_user.object.inbox)
|
||||
res.sendStatus(200)
|
||||
},
|
||||
|
||||
@@ -37,16 +34,14 @@ module.exports = {
|
||||
async unfollow (req, res) {
|
||||
const body = req.body
|
||||
const username = body.object.object.replace(`${config.baseurl}/federation/u/`, '')
|
||||
const user = await User.findOne({ where: { username }, include: { model: FedUsers, as: 'followers' } })
|
||||
if (!user) { return res.status(404).send('User not found') }
|
||||
if (username !== req.settings.instance_name) { return res.status(404).send('User not found') }
|
||||
|
||||
if (body.actor !== body.object.actor || body.actor !== req.fedi_user.ap_id) {
|
||||
debug('Unfollow an user created by a different actor !?!?')
|
||||
return res.status(400).send('Bad things')
|
||||
}
|
||||
|
||||
if (req.fedi_user) { await user.removeFollowers(req.fedi_user.ap_id) }
|
||||
debug('%s unfollowed by %s', username, body.actor)
|
||||
await req.fedi_user.update({ follower: false })
|
||||
debug('Unfollowed by %s', body.actor)
|
||||
res.sendStatus(200)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,7 +4,7 @@ const crypto = require('crypto')
|
||||
const config = require('config')
|
||||
const httpSignature = require('http-signature')
|
||||
const debug = require('debug')('federation:helpers')
|
||||
const { user: User, fed_users: FedUsers, instances: Instances } = require('../api/models')
|
||||
const { APUser, Instance } = require('../api/models')
|
||||
const url = require('url')
|
||||
const settingsController = require('../api/controller/settings')
|
||||
|
||||
@@ -24,10 +24,10 @@ const Helpers = {
|
||||
next()
|
||||
},
|
||||
|
||||
async signAndSend (message, user, inbox) {
|
||||
async signAndSend (message, inbox) {
|
||||
// get the URI of the actor object and append 'inbox' to it
|
||||
const inboxUrl = new url.URL(inbox)
|
||||
const privkey = user.rsa.privateKey
|
||||
const privkey = settingsController.secretSettings.privateKey
|
||||
const signer = crypto.createSign('sha256')
|
||||
const d = new Date()
|
||||
const stringToSign = `(request-target): post ${inboxUrl.pathname}\nhost: ${inboxUrl.hostname}\ndate: ${d.toUTCString()}`
|
||||
@@ -35,7 +35,7 @@ const Helpers = {
|
||||
signer.end()
|
||||
const signature = signer.sign(privkey)
|
||||
const signature_b64 = signature.toString('base64')
|
||||
const header = `keyId="${config.baseurl}/federation/u/${user.username}",headers="(request-target) host date",signature="${signature_b64}"`
|
||||
const header = `keyId="${config.baseurl}/federation/u/${settingsController.settings.instance_name}",headers="(request-target) host date",signature="${signature_b64}"`
|
||||
const ret = await fetch(inbox, {
|
||||
headers: {
|
||||
'Host': inboxUrl.hostname,
|
||||
@@ -49,82 +49,38 @@ const Helpers = {
|
||||
debug('sign %s => %s', ret.status, await ret.text())
|
||||
},
|
||||
|
||||
async sendEvent (event, user, type = 'Create') {
|
||||
async sendEvent (event, type = 'Create') {
|
||||
if (!settingsController.settings.enable_federation) {
|
||||
debug('event not send, federation disabled')
|
||||
return
|
||||
}
|
||||
|
||||
// event is sent by user that published it and by the admin instance
|
||||
// collect followers from admin and user
|
||||
const instanceAdmin = await User.findOne({ where: { email: config.admin_email }, include: { model: FedUsers, as: 'followers' } })
|
||||
if (!instanceAdmin || !instanceAdmin.username) {
|
||||
debug('Instance admin not found (there is no user with email => %s)', config.admin_email)
|
||||
return
|
||||
}
|
||||
|
||||
const followers = await APUser.findAll({ where: { follow: true } })
|
||||
const recipients = {}
|
||||
instanceAdmin.followers.forEach(follower => {
|
||||
followers.forEach(follower => {
|
||||
const sharedInbox = follower.object.endpoints.sharedInbox
|
||||
if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
|
||||
recipients[sharedInbox].push(follower.ap_id)
|
||||
})
|
||||
|
||||
for (const sharedInbox in recipients) {
|
||||
debug('Notify %s with event %s (from admin %s) cc => %d', sharedInbox, event.title, instanceAdmin.username, recipients[sharedInbox].length)
|
||||
debug('Notify %s with event %s cc => %d', sharedInbox, event.title , recipients[sharedInbox].length)
|
||||
const body = {
|
||||
id: `${config.baseurl}/federation/m/${event.id}#create`,
|
||||
type,
|
||||
to: ['https://www.w3.org/ns/activitystreams#Public'],
|
||||
cc: [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]],
|
||||
cc: [`${config.baseurl}/federation/u/${settingsController.settings.instance_name}/followers`, ...recipients[sharedInbox]],
|
||||
// cc: recipients[sharedInbox],
|
||||
actor: `${config.baseurl}/federation/u/${instanceAdmin.username}`,
|
||||
// object: event.toAP(instanceAdmin.username, [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]])
|
||||
object: event.toAP(instanceAdmin.username, recipients[sharedInbox])
|
||||
actor: `${config.baseurl}/federation/u/${settingsController.settings.instance_name}`,
|
||||
// object: event.toNoteAP(instanceAdmin.username, [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]])
|
||||
object: event.toNoteAP(settingsController.settings.instance_name, recipients[sharedInbox])
|
||||
}
|
||||
body['@context'] = [
|
||||
'https://www.w3.org/ns/activitystreams',
|
||||
'https://w3id.org/security/v1',
|
||||
{ Hashtag: 'as:Hashtag' } ]
|
||||
Helpers.signAndSend(body, instanceAdmin, sharedInbox)
|
||||
Helpers.signAndSend(body, sharedInbox)
|
||||
}
|
||||
|
||||
// TODO
|
||||
// in case the event is published by the Admin itself do not add user
|
||||
// if (instanceAdmin.id === user.id) {
|
||||
// debug('Event published by instance Admin')
|
||||
// return
|
||||
// }
|
||||
// if (!user.settings.enable_federation || !user.username) {
|
||||
// debug('Federation disabled for user %d (%s)', user.id, user.username)
|
||||
// return
|
||||
// }
|
||||
|
||||
// debug('Sending to user followers => ', user.username)
|
||||
// user = await User.findByPk(user.id, { include: { model: FedUsers, as: 'followers' } })
|
||||
// debug('Sending to user followers => ', user.followers.length)
|
||||
// recipients = {}
|
||||
// user.followers.forEach(follower => {
|
||||
// const sharedInbox = follower.object.endpoints.sharedInbox
|
||||
// if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
|
||||
// recipients[sharedInbox].push(follower.ap_id)
|
||||
// })
|
||||
|
||||
// for (const sharedInbox in recipients) {
|
||||
// debug('Notify %s with event %s (from user %s) cc => %d', sharedInbox, event.title, user.username, recipients[sharedInbox].length)
|
||||
// const body = {
|
||||
// id: `${config.baseurl}/federation/m/${event.id}#create`,
|
||||
// type: 'Create',
|
||||
// to: ['https://www.w3.org/ns/activitystreams#Public'],
|
||||
// cc: [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]],
|
||||
// // cc: recipients[sharedInbox],
|
||||
// actor: `${config.baseurl}/federation/u/${user.username}`,
|
||||
// // object: event.toAP(user.username, [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]])
|
||||
// object: event.toAP(user.username, recipients[sharedInbox])
|
||||
// }
|
||||
// body['@context'] = 'https://www.w3.org/ns/activitystreams'
|
||||
// Helpers.signAndSend(body, user, sharedInbox)
|
||||
// }
|
||||
},
|
||||
|
||||
async getActor (URL, instance, force = false) {
|
||||
@@ -132,7 +88,7 @@ const Helpers = {
|
||||
|
||||
// try with cache first
|
||||
if (!force) {
|
||||
fedi_user = await FedUsers.findByPk(URL, { include: Instances })
|
||||
fedi_user = await APUser.findByPk(URL, { include: Instance })
|
||||
if (fedi_user) {
|
||||
if (!fedi_user.instances) {
|
||||
fedi_user.setInstance(instance)
|
||||
@@ -151,7 +107,7 @@ const Helpers = {
|
||||
})
|
||||
|
||||
if (fedi_user) {
|
||||
fedi_user = await FedUsers.create({ ap_id: URL, object: fedi_user })
|
||||
fedi_user = await APUser.create({ ap_id: URL, object: fedi_user })
|
||||
}
|
||||
return fedi_user
|
||||
},
|
||||
@@ -163,7 +119,7 @@ const Helpers = {
|
||||
debug('getInstance %s', domain)
|
||||
let instance
|
||||
if (!force) {
|
||||
instance = await Instances.findByPk(domain)
|
||||
instance = await Instance.findByPk(domain)
|
||||
if (instance) { return instance }
|
||||
}
|
||||
|
||||
@@ -174,7 +130,7 @@ const Helpers = {
|
||||
stats: instance.stats,
|
||||
thumbnail: instance.thumbnail
|
||||
}
|
||||
return Instances.create({ name: instance.title, domain, data, blocked: false })
|
||||
return Instance.create({ name: instance.title, domain, data, blocked: false })
|
||||
})
|
||||
.catch(e => {
|
||||
debug(e)
|
||||
|
||||
@@ -33,7 +33,7 @@ router.get('/m/:event_id', async (req, res) => {
|
||||
|
||||
const event = await Event.findByPk(req.params.event_id, { include: [ User, Tag, Place ] })
|
||||
if (!event) { return res.status(404).send('Not found') }
|
||||
return res.json(event.toAP(event.user.username))
|
||||
return res.json(event.toNoteAP(event.user.username))
|
||||
})
|
||||
|
||||
// get any message coming from federation
|
||||
|
||||
@@ -23,8 +23,8 @@ module.exports = {
|
||||
id: `${config.baseurl}/federation/u/${name}`,
|
||||
type: 'Person',
|
||||
summary: config.description,
|
||||
name: user.display_name || user.username,
|
||||
preferredUsername: user.username,
|
||||
name,
|
||||
preferredUsername: name,
|
||||
inbox: `${config.baseurl}/federation/u/${name}/inbox`,
|
||||
// outbox: `${config.baseurl}/federation/u/${name}/outbox`,
|
||||
// followers: `${config.baseurl}/federation/u/${name}/followers`,
|
||||
@@ -42,19 +42,23 @@ module.exports = {
|
||||
publicKey: {
|
||||
id: `${config.baseurl}/federation/u/${name}#main-key`,
|
||||
owner: `${config.baseurl}/federation/u/${name}`,
|
||||
publicKeyPem: get(user, 'rsa.publicKey', '')
|
||||
publicKeyPem: req.settings.publicKey
|
||||
}
|
||||
}
|
||||
res.type('application/activity+json; charset=utf-8')
|
||||
res.json(ret)
|
||||
},
|
||||
async followers (req, res) {
|
||||
|
||||
async followers(req, res) {
|
||||
// TODO
|
||||
const name = req.params.name
|
||||
const page = req.query.page
|
||||
debug('Retrieve %s followers', name)
|
||||
if (!name) { return res.status(400).send('Bad request.') }
|
||||
const user = await User.findOne({ where: { username: name }, include: [{ model: FedUsers, as: 'followers' }] })
|
||||
if (!user) { return res.status(404).send(`No record found for ${name}`) }
|
||||
if (name !== req.settings.instance_name) {
|
||||
return res.status(404).send(`No record found for ${name}`)
|
||||
}
|
||||
const followers = await APUser.findAll({ where: { follower: true } })
|
||||
|
||||
res.type('application/activity+json; charset=utf-8')
|
||||
|
||||
@@ -64,19 +68,19 @@ module.exports = {
|
||||
'@context': 'https://www.w3.org/ns/activitystreams',
|
||||
id: `${config.baseurl}/federation/u/${name}/followers`,
|
||||
type: 'OrderedCollection',
|
||||
totalItems: user.followers.length,
|
||||
totalItems: followers.length,
|
||||
first: `${config.baseurl}/federation/u/${name}/followers?page=true`,
|
||||
last: `${config.baseurl}/federation/u/${name}/followers?page=true`,
|
||||
orderedItems: user.followers.map(f => f.ap_id)
|
||||
orderedItems: followers.map(f => f.ap_id)
|
||||
})
|
||||
}
|
||||
return res.json({
|
||||
'@context': 'https://www.w3.org/ns/activitystreams',
|
||||
id: `${config.baseurl}/federation/u/${name}/followers?page=${page}`,
|
||||
type: 'OrderedCollectionPage',
|
||||
totalItems: user.followers.length,
|
||||
totalItems: followers.length,
|
||||
partOf: `${config.baseurl}/federation/u/${name}/followers`,
|
||||
orderedItems: user.followers.map(f => f.ap_id)
|
||||
orderedItems: followers.map(f => f.ap_id)
|
||||
})
|
||||
},
|
||||
|
||||
@@ -115,7 +119,7 @@ module.exports = {
|
||||
totalItems: user.events.length,
|
||||
partOf: `${config.baseurl}/federation/u/${name}/outbox`,
|
||||
orderedItems: user.events.map(e => ({
|
||||
...e.toAP(user.username), actor: `${config.baseurl}/federation/u/${user.username}`}))
|
||||
...e.toNoteAP(user.username), actor: `${config.baseurl}/federation/u/${user.username}` }))
|
||||
// user.events.map(e => ({
|
||||
// id: `${config.baseurl}/federation/m/${e.id}#create`,
|
||||
// type: 'Create',
|
||||
@@ -123,7 +127,7 @@ module.exports = {
|
||||
// cc: [`${config.baseurl}/federation/u/${user.username}/followers`],
|
||||
// published: e.createdAt,
|
||||
// actor: `${config.baseurl}/federation/u/${user.username}`,
|
||||
// object: e.toAP(user.username)
|
||||
// object: e.toNoteAP(user.username)
|
||||
// }))
|
||||
})
|
||||
}
|
||||
|
||||
@@ -15,23 +15,20 @@ router.use((req, res, next) => {
|
||||
res.status(404).send('Federation disabled')
|
||||
})
|
||||
|
||||
router.get('/webfinger', async (req, res) => {
|
||||
router.get('/webfinger', (req, res) => {
|
||||
if (!req.query || !req.query.resource || !req.query.resource.includes('acct:')) {
|
||||
debug('Bad webfinger request => %s', req.query && req.query.resource)
|
||||
return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.')
|
||||
}
|
||||
|
||||
const resource = req.query.resource
|
||||
const domain = url.parse(req.settings.baseurl).host
|
||||
const domain = (new url.URL(req.settings.baseurl)).host
|
||||
const [, name, req_domain] = resource.match(/acct:(.*)@(.*)/)
|
||||
|
||||
if (domain !== req_domain) {
|
||||
debug('Bad webfinger request, requested domain "%s" instead of "%s"', req_domain, domain)
|
||||
return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.')
|
||||
}
|
||||
|
||||
const user = await User.findOne({ where: { username: name } })
|
||||
if (!user) {
|
||||
if (name !== req.settings.instance_name) {
|
||||
debug('User not found: %s', name)
|
||||
return res.status(404).send(`No record found for ${name}`)
|
||||
}
|
||||
|
||||
@@ -39,24 +39,10 @@ module.exports = {
|
||||
await db.user.create({
|
||||
email: admin.email,
|
||||
password: admin.password,
|
||||
username: config.title.toLowerCase().replace(/ /g, ''),
|
||||
display_name: config.title,
|
||||
is_admin: true,
|
||||
is_active: true
|
||||
})
|
||||
|
||||
// set default settings
|
||||
consola.info('Set default settings')
|
||||
const settings = require('./api/controller/settings')
|
||||
await settings.set('allow_registration', true)
|
||||
await settings.set('allow_anon_event', true)
|
||||
await settings.set('allow_recurrent_event', false)
|
||||
await settings.set('recurrent_event_visible', true)
|
||||
await settings.set('enable_federation', false)
|
||||
await settings.set('enable_comments', false)
|
||||
await settings.set('disable_gamification', true)
|
||||
await settings.set('instance_timezone', 'Europe/Rome')
|
||||
|
||||
// add default notification
|
||||
consola.info('Add default notification')
|
||||
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
const settingsController = require('./api/controller/settings')
|
||||
const { user: User } = require('./api/models')
|
||||
const { Op } = require('sequelize')
|
||||
const acceptLanguage = require('accept-language')
|
||||
const expressJwt = require('express-jwt')
|
||||
const moment = require('moment-timezone')
|
||||
@@ -22,7 +21,8 @@ const jwt = expressJwt({
|
||||
})
|
||||
|
||||
module.exports = {
|
||||
initMiddleware (req, res, next) {
|
||||
async initMiddleware (req, res, next) {
|
||||
await settingsController.load()
|
||||
// initialize settings
|
||||
req.settings = settingsController.settings
|
||||
req.secretSettings = settingsController.secretSettings
|
||||
@@ -44,7 +44,7 @@ module.exports = {
|
||||
jwt(req, res, async () => {
|
||||
if (!req.user) { return next() }
|
||||
req.user = await User.findOne({
|
||||
where: { id: { [Op.eq]: req.user.id }, is_active: true } })
|
||||
where: { id: req.user.id, is_active: true } })
|
||||
next()
|
||||
})
|
||||
}
|
||||
|
||||
@@ -5,7 +5,7 @@ const debug = require('debug')('notifier')
|
||||
const fediverseHelpers = require('./federation/helpers')
|
||||
|
||||
const { event: Event, notification: Notification, event_notification: EventNotification,
|
||||
user: User, place: Place, tag: Tag, fed_users: FedUsers } = require('./api/models')
|
||||
user: User, place: Place, tag: Tag, ap_user: APUser } = require('./api/models')
|
||||
const eventController = require('./api/controller/event')
|
||||
|
||||
const notifier = {
|
||||
@@ -21,14 +21,14 @@ const notifier = {
|
||||
promises.push(p)
|
||||
break
|
||||
case 'ap':
|
||||
p = fediverseHelpers.sendEvent(event, event.user, notification.action)
|
||||
p = fediverseHelpers.sendEvent(event, notification.action)
|
||||
promises.push(p)
|
||||
}
|
||||
return Promise.all(promises)
|
||||
},
|
||||
async notifyEvent (action, eventId) {
|
||||
const event = await Event.findByPk(eventId, {
|
||||
include: [ Tag, Place, Notification, { model: User, include: { model: FedUsers, as: 'followers' } } ]
|
||||
include: [ Tag, Place, Notification, { model: User, include: { model: APUser, as: 'followers' } } ]
|
||||
})
|
||||
|
||||
debug('%s -> %s', action, event.title)
|
||||
|
||||
Reference in New Issue
Block a user