max/memorium
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

feat: add authentication

Browse Source
This commit is contained in:
max_richter
2023-08-04 22:35:25 +02:00
parent f9638c35fc
commit 469db6525d
33 changed files with 492 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
routes/_middleware.ts
View File

@ -1,6 +1,10 @@
//routes/middleware-error-handler/_middleware.ts
import { MiddlewareHandlerContext } from "$fresh/server.ts";
import { DomainError } from "@lib/errors.ts";
import { getCookies } from "https://deno.land/std@0.197.0/http/cookie.ts";
import { decode, verify } from "https://deno.land/x/djwt@v2.2/mod.ts";
import { sessionDB, userDB } from "@lib/db.ts";
import { JWT_SECRET } from "@lib/env.ts";
export async function handler(
_req: Request,
@ -8,6 +12,18 @@ export async function handler(
) {
try {
ctx.state.flag = true;
const allCookies = getCookies(_req.headers);
const sessionCookie = allCookies["session_cookie"];
if (!ctx.state.session && sessionCookie && JWT_SECRET) {
try {
const payload = await verify(sessionCookie, JWT_SECRET, "HS512");
if (payload) {
ctx.state.session = payload;
}
} catch (_err) {
//
}
}
return await ctx.next();
} catch (error) {
console.error(error);

77
routes/api/articles/create/index.ts
View File

@ -1,15 +1,14 @@
import { Handlers } from "$fresh/server.ts";
import { Readability } from "https://cdn.skypack.dev/@mozilla/readability";
import { DOMParser } from "https://deno.land/x/deno_dom@v0.1.38/deno-dom-wasm.ts";
import { BadRequestError } from "@lib/errors.ts";
import { createStreamResponse, isValidUrl, json } from "@lib/helpers.ts";
import { AccessDeniedError, BadRequestError } from "@lib/errors.ts";
import { createStreamResponse, isValidUrl } from "@lib/helpers.ts";
import * as openai from "@lib/openai.ts";
import tds from "https://cdn.skypack.dev/turndown@7.1.1";
//import { gfm } from "https://cdn.skypack.dev/@guyplusplus/turndown-plugin-gfm@1.0.7";
import { Article, createArticle } from "@lib/resource/articles.ts";
import { getYoutubeVideoDetails } from "@lib/youtube.ts";
import { extractYoutubeId, formatDate, isYoutubeLink } from "@lib/string.ts";
import { extractYoutubeId, isYoutubeLink } from "@lib/string.ts";
const parser = new DOMParser();
@ -34,6 +33,11 @@ async function processCreateArticle(
const title = document?.querySelector("title")?.innerText;
const images: HTMLImageElement[] = [];
document?.querySelectorAll("img").forEach((img) => {
images.push(img as unknown as HTMLImageElement);
});
const metaAuthor =
document?.querySelector('meta[name="twitter:creator"]')?.getAttribute(
"content",
@ -62,6 +66,19 @@ async function processCreateArticle(
});
const url = new URL(fetchUrl);
function makeUrlAbsolute(src: string) {
if (src.startsWith("/")) {
return `${url.origin}${src.replace(/$\//, "")}`;
}
if (!src.startsWith("https://") && !src.startsWith("http://")) {
return `${url.origin.replace(/\/$/, "")}/${src.replace(/^\//, "")})`;
}
return src;
}
service.addRule("fix image links", {
filter: ["img"],
replacement: function (_: string, node: HTMLImageElement) {
@ -69,17 +86,7 @@ async function processCreateArticle(
const alt = node.getAttribute("alt") || "";
if (!src || src.startsWith("data:image")) return "";
if (src.startsWith("/")) {
return `![${alt}](${url.origin}${src.replace(/$\//, "")})`;
}
if (!src.startsWith("https://") && !src.startsWith("http://")) {
return `![${alt}](${url.origin.replace(/\/$/, "")}/${
src.replace(/^\//, "")
})`;
}
return `![${alt}](${src})`;
return `![${alt}](${makeUrlAbsolute(src)})`;
},
});
service.addRule("fix normal links", {
@ -119,19 +126,40 @@ async function processCreateArticle(
const id = shortTitle || title || "";
const meta: Article["meta"] = {
author: (author || "").replace("@", "twitter:"),
link: fetchUrl,
status: "not-finished",
date: new Date(),
};
const largestImage = images.filter((img) => {
const src = img.getAttribute("src");
return !!src && !src.startsWith("data:");
}).sort((a, b) => {
const aSize = +(a.getAttribute("width") || 0) +
+(a.getAttribute("height") || 0);
const bSize = +(b.getAttribute("width") || 0) +
+(b.getAttribute("height") || 0);
return aSize > bSize ? -1 : 1;
})[0];
const newArticle = {
type: "article",
id,
name: title || "",
content: markdown,
tags: tags || [],
meta: {
author: (author || "").replace("@", "twitter:"),
link: fetchUrl,
status: "not-finished",
date: new Date(),
},
meta,
} as const;
if (largestImage) {
const src = makeUrlAbsolute(largestImage.getAttribute("src") || "");
if (src) {
meta.image = src;
}
}
streamResponse.enqueue("finished processing");
await createArticle(newArticle);
@ -181,7 +209,12 @@ async function processCreateYoutubeVideo(
}
export const handler: Handlers = {
GET(req) {
GET(req, ctx) {
const session = ctx.state.session;
if (!session) {
throw new AccessDeniedError();
}
const url = new URL(req.url);
const fetchUrl = url.searchParams.get("url");

75
routes/api/auth/callback.ts Normal file
View File

@ -0,0 +1,75 @@
import { Handlers } from "$fresh/server.ts";
import { create, getNumericDate } from "https://deno.land/x/djwt@v2.2/mod.ts";
import { oauth2Client } from "@lib/auth.ts";
import {
getCookies,
setCookie,
} from "https://deno.land/std@0.197.0/http/cookie.ts";
import { codeChallengeMap } from "./login.ts";
import { GITEA_SERVER, JWT_SECRET, SESSION_DURATION } from "@lib/env.ts";
import { userDB } from "@lib/db.ts";
import { GiteaOauthUser } from "@lib/types.ts";
import { BadRequestError } from "@lib/errors.ts";
export const handler: Handlers = {
async GET(request, ctx) {
if (!JWT_SECRET) {
throw new BadRequestError();
}
// Exchange the authorization code for an access token
const cookies = getCookies(request.headers);
const codeVerifier = codeChallengeMap.get(cookies["code_challenge"]);
const tokens = await oauth2Client.code.getToken(request.url, {
codeVerifier,
});
// Use the access token to make an authenticated API request
const userInfo = `${GITEA_SERVER}/login/oauth/userinfo`;
const userResponse = await fetch(userInfo, {
headers: {
Authorization: `token ${tokens.accessToken}`,
},
});
const oauthUser = await userResponse.json() as GiteaOauthUser;
const allUsers = await userDB.findAll();
let user = allUsers.find((u) => u.name === oauthUser.name);
if (!user) {
user = await userDB.create({
createdAt: new Date(),
email: oauthUser.email,
name: oauthUser.name,
});
}
const jwt = await create({ alg: "HS512", type: "JWT" }, {
id: user.id,
name: user.name,
exp: getNumericDate(SESSION_DURATION),
}, JWT_SECRET);
const headers = new Headers({
location: "/",
});
setCookie(headers, {
name: "session_cookie",
value: jwt,
path: "/",
maxAge: SESSION_DURATION,
httpOnly: false,
secure: true,
sameSite: "Lax",
});
return new Response(null, {
headers,
status: 302,
});
},
};

29
routes/api/auth/login.ts Normal file
View File

@ -0,0 +1,29 @@
import { Handlers } from "$fresh/server.ts";
import { oauth2Client } from "@lib/auth.ts";
import { sha256 } from "@lib/string.ts";
import { setCookie } from "https://deno.land/std@0.197.0/http/cookie.ts";
export const codeChallengeMap = new Map();
export const handler: Handlers = {
async GET() {
const { codeVerifier, uri } = await oauth2Client.code.getAuthorizationUri();
const codeChallenge = uri.searchParams.get("code_challenge");
if (!codeChallenge) return new Response();
codeChallengeMap.set(codeChallenge, codeVerifier);
const headers = new Headers();
setCookie(headers, {
name: "code_challenge",
value: codeChallenge,
});
headers.append("location", uri.href);
return new Response(null, {
headers,
status: 302,
});
},
};

17
routes/api/auth/logout.ts Normal file
View File

@ -0,0 +1,17 @@
import { deleteCookie } from "https://deno.land/std@0.197.0/http/cookie.ts";
import { Handlers } from "$fresh/server.ts";
export const handler: Handlers = {
GET() {
const headers = new Headers();
headers.append("location", "/");
deleteCookie(headers, "session_cookie", {
path: "/",
});
return new Response(null, {
headers,
status: 302,
});
},
};

6
routes/api/movies/[name].ts
View File

@ -5,6 +5,7 @@ import * as tmdb from "@lib/tmdb.ts";
import { fileExtension } from "https://deno.land/x/file_extension@v2.1.0/mod.ts";
import { safeFileName } from "@lib/string.ts";
import { createDocument } from "@lib/documents.ts";
import { AccessDeniedError } from "@lib/errors.ts";
export const handler: Handlers = {
async GET(_, ctx) {
@ -12,6 +13,11 @@ export const handler: Handlers = {
return json(movie);
},
async POST(_, ctx) {
const session = ctx.state.session;
if (!session) {
throw new AccessDeniedError();
}
const tmdbId = parseInt(ctx.params.name);
const movieDetails = await tmdb.getMovie(tmdbId);

17
routes/api/movies/enhance/[name].ts
View File

@ -10,7 +10,7 @@ import * as tmdb from "@lib/tmdb.ts";
import { parse, stringify } from "https://deno.land/std@0.194.0/yaml/mod.ts";
import { formatDate, safeFileName } from "@lib/string.ts";
import { json } from "@lib/helpers.ts";
import { BadRequestError } from "@lib/errors.ts";
import { AccessDeniedError, BadRequestError } from "@lib/errors.ts";
async function updateMovieMetadata(
name: string,
@ -49,13 +49,18 @@ async function updateMovieMetadata(
}
const POST = async (
_req: Request,
_ctx: HandlerContext,
req: Request,
ctx: HandlerContext,
): Promise<Response> => {
const movie = await getMovie(_ctx.params.name);
const movie = await getMovie(ctx.params.name);
const body = await _req.json();
const name = _ctx.params.name;
const session = ctx.state.session;
if (!session) {
throw new AccessDeniedError();
}
const body = await req.json();
const name = ctx.params.name;
const { tmdbId } = body;
if (!name || !tmdbId) {
throw new BadRequestError();

8
routes/api/query/index.ts
View File

@ -3,6 +3,7 @@ import { json } from "@lib/helpers.ts";
import { getAllMovies, Movie } from "@lib/resource/movies.ts";
import { Article, getAllArticles } from "@lib/resource/articles.ts";
import { getAllRecipes, Recipe } from "@lib/resource/recipes.ts";
import { AccessDeniedError } from "@lib/errors.ts";
const isResource = (
item: Movie | Article | Recipe | boolean,
@ -11,7 +12,12 @@ const isResource = (
};
export const handler: Handlers = {
async GET(req) {
async GET(req, ctx) {
const session = ctx.state.session;
if (!session) {
throw new AccessDeniedError();
}
const url = new URL(req.url);
const types = url.searchParams.get("type")?.split(", ");

13
routes/api/tmdb/query.ts
View File

@ -1,7 +1,7 @@
import { HandlerContext, Handlers } from "$fresh/server.ts";
import { searchMovie } from "@lib/tmdb.ts";
import * as cache from "@lib/cache/cache.ts";
import { BadRequestError } from "@lib/errors.ts";
import { AccessDeniedError, BadRequestError } from "@lib/errors.ts";
import { json } from "@lib/helpers.ts";
type CachedMovieQuery = {
@ -12,10 +12,15 @@ type CachedMovieQuery = {
const CACHE_INTERVAL = 1000 * 60 * 24 * 30;
const GET = async (
_req: Request,
_ctx: HandlerContext,
req: Request,
ctx: HandlerContext,
) => {
const u = new URL(_req.url);
const session = ctx.state.session;
if (!session) {
throw new AccessDeniedError();
}
const u = new URL(req.url);
const query = u.searchParams.get("q");

2
routes/index.tsx
View File

@ -3,6 +3,7 @@ import { MainLayout } from "@components/layouts/main.tsx";
import { Card } from "@components/Card.tsx";
import { PageProps } from "$fresh/server.ts";
import { menu } from "@lib/menus.ts";
import { KMenu } from "@islands/KMenu.tsx";
export default function Home(props: PageProps) {
return (
@ -10,6 +11,7 @@ export default function Home(props: PageProps) {
<Head>
<title>app</title>
</Head>
<KMenu type="main" context={null} />
<MainLayout url={props.url}>
<div class="flex flex-wrap items-center gap-4 px-4">
{menu.map((m) => {