Blame - app.ts - jami-web

blob: 6f6cf6b74888ab32e56fa902728ea7b49a27bd00 [file] [log] [blame]

simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	1	'use strict';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	2
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	3	import dotenv from 'dotenv';
				4	const env = dotenv.config();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	5
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame^]	6	import cors from 'cors';
				7	import express, { NextFunction, Request, Response } from 'express';
				8	import session from 'express-session';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	9	import { promises as fs } from 'fs';
				10	import http from 'http';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	11	import passport from 'passport';
				12	import { Strategy as LocalStrategy } from 'passport-local';
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame^]	13	import path from 'path';
				14	import { Server, Socket } from 'socket.io';
				15	import { ExtendedError } from 'socket.io/dist/namespace';
				16
				17	import JamiDaemon from './JamiDaemon.js';
				18	import Account from './model/Account';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	19	//import { createRequire } from 'module';
				20	//const require = createRequire(import.meta.url);
Adrien Béraud	947e879	2021-04-15 18:32:44 -0400	[diff] [blame]	21	//const redis = require('redis-url').connect()
				22	//const RedisStore = require('connect-redis')(session)
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	23	/const passportSocketIo = require('passport.socketio')/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	24	import indexRouter from './routes/index.js';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	25	import JamiRestApi from './routes/jami.js';
idillon	8e6c006	2022-09-16 13:34:43 -0400	[diff] [blame]	26	// import { sentrySetUp } from './sentry.js'
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	27
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	28	const configPath = 'jamiServerConfig.json';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	29
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	30	//const sessionStore = new RedisStore({ client: redis })
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	31	const sessionStore = new session.MemoryStore();
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	32
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	33	interface UserConfig {
				34	accounts: string;
				35	password?: string;
				36	username?: string;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	37	type?: string;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	38	}
				39
				40	interface AppConfig {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	41	users: Record<string, UserConfig>;
				42	authMethods: any[];
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	43	}
				44
				45	const loadConfig = async (filePath: string): Promise<AppConfig> => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	46	const config = { users: {}, authMethods: [] };
				47	try {
				48	return Object.assign(config, JSON.parse((await fs.readFile(filePath)).toString()));
				49	} catch (e) {
				50	console.log(e);
				51	return config;
				52	}
				53	};
Adrien Béraud	824a713	2021-04-17 17:25:27 -0400	[diff] [blame]	54
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	55	const saveConfig = (filePath: string, config: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	56	return fs.writeFile(filePath, JSON.stringify(config));
				57	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	58
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	59	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	60	Share sessions between Passport.js and Socket.io
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	61	*/
				62
				63	function logSuccess() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	64	console.log('passportSocketIo authorized user with Success 😁');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	65	}
				66
				67	function logFail() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	68	console.log('passportSocketIo failed to authorized user 👺');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	69	}
				70
				71	/*
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	72
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	73	tempAccounts holds users accounts while tempting to authenticate them on Jams.
				74	connectedUsers holds users accounts after they got authenticated by Jams.
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	75
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	76	Users should be removed from connectedUsers when receiving a disconnect
				77	web socket call
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	78
				79	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	80	const tempAccounts: Record<string, any> = {};
				81	const connectedUsers: Record<string, any> = {};
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	82
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	83	const createServer = async (appConfig: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	84	const node_env = process.env.NODE_ENV \|\| 'development';
				85	const app = express();
				86	console.log(`Loading server for ${node_env} with config:`);
				87	console.log(appConfig);
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	88
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	89	const corsOptions = {
				90	origin: 'http://127.0.0.1:3000',
				91	};
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	92
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	93	if (node_env === 'development') {
				94	const webpack = await import('webpack');
				95	const webpackDev = await import('webpack-dev-middleware');
				96	const webpackHot = await import('webpack-hot-middleware');
				97	const { default: webpackConfig } = await import('jami-web-client/webpack.config.js');
simon	c7d5245	2022-09-23 02:09:42 -0400	[diff] [blame]	98
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	99	const compiler = webpack.default(webpackConfig);
				100	app.use(
				101	webpackDev.default(compiler, {
				102	publicPath: webpackConfig.output?.publicPath,
				103	})
				104	);
				105	app.use(webpackHot.default(compiler));
				106	}
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	107
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	108	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	109	Configuation for Passeport Js
				110	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	111	app.disable('x-powered-by');
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	112
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	113	const secret_key = process.env.SECRET_KEY_BASE;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	114
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	115	if (!secret_key) {
				116	throw new Error('SECRET_KEY_BASE undefined');
				117	}
				118
				119	const sessionMiddleware = session({
				120	store: sessionStore,
				121	resave: false,
				122	saveUninitialized: true,
				123	cookie: {
				124	secure: false, //!development,
				125	maxAge: 2419200000,
				126	},
				127	secret: secret_key,
				128	});
				129
				130	app.use(sessionMiddleware);
				131	app.use(passport.initialize());
				132	app.use(passport.session());
				133	// app.use(app.router)
				134	app.use(cors(corsOptions));
				135
				136	const jami = new JamiDaemon((account: Account, conversation: any, message: any) => {
				137	console.log('JamiDaemon onMessage');
				138
				139	if (conversation.listeners) {
				140	Object.values(conversation.listeners).forEach((listener: any) => {
				141	listener.socket.emit('newMessage', message);
				142	});
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	143	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	144	});
				145	const apiRouter = new JamiRestApi(jami).getRouter();
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	146
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	147	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	148	io.use(passportSocketIo.authorize({
				149	key: 'connect.sid',
				150	secret: process.env.SECRET_KEY_BASE,
				151	store: sessionStore,
				152	passport: passport,
				153	cookieParser: cookieParser,
				154	//success: logSuccess(),
				155	// fail: logFail(),
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	156	}))
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	157	*/
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	158
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	159	const isSetupComplete = () => {
				160	return 'admin' in appConfig.users;
				161	};
				162
				163	const accountFilter = (filter: string \| any[]) => {
				164	if (typeof filter === 'string') {
				165	if (filter === '*') return undefined;
				166	else return (account: Account) => account.getId() === filter;
				167	} else if (Array.isArray(filter)) {
				168	return (account: Account) => filter.includes(account.getId());
				169	} else {
				170	throw new Error('Invalid account filter string');
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	171	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	172	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	173
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	174	const user = (id: string, config: UserConfig) => {
				175	return {
				176	id,
				177	config,
				178	username: config.username \|\| id,
				179	accountFilter: accountFilter(config.accounts),
				180	};
				181	};
				182
				183	passport.serializeUser((user: any, done) => {
				184	connectedUsers[user.id] = user.config;
				185	console.log('=============================SerializeUser called ' + user.id);
				186	console.log(user);
				187	done(null, user.id);
				188	});
				189
				190	const deserializeUser = (id: string, done: (err: any, user?: Express.User \| false \| null) => void) => {
				191	console.log('=============================DeserializeUser called on: ' + id);
				192	const userConfig = connectedUsers[id];
				193	console.log(userConfig);
				194	if (userConfig) {
				195	done(null, user(id, userConfig));
				196	} else done(404, null);
				197	};
				198	passport.deserializeUser(deserializeUser);
				199
				200	const jamsStrategy = new LocalStrategy(async (username, password, done) => {
				201	const accountId = await jami.addAccount({
				202	managerUri: 'https://jams.savoirfairelinux.com',
				203	managerUsername: username,
				204	archivePassword: password,
				205	});
				206	const id = `jams_${username}`;
				207	const userConfig = { username, type: 'jams', accounts: accountId };
				208	const newUser = user(id, userConfig);
				209	console.log('AccountId: ' + accountId);
				210	tempAccounts[accountId] = { done, newUser };
				211	});
				212	jamsStrategy.name = 'jams';
				213
				214	const localStrategy = new LocalStrategy((username, password, done) => {
				215	console.log('localStrategy: ' + username + ' ' + password);
				216
				217	const id = username;
				218	const userConfig = appConfig.users[username];
				219	if (!userConfig) {
				220	return done(null, false, { message: 'Incorrect username.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	221	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	222	if (userConfig.password !== password) {
				223	return done(null, false, { message: 'Incorrect password.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	224	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	225	userConfig.type = 'local';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	226
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	227	done(null, user(id, userConfig));
				228	});
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	229
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	230	passport.use(jamsStrategy);
				231	passport.use(localStrategy);
				232
				233	const secured = (req: Request, res: Response, next: NextFunction) => {
				234	if (req.user) {
				235	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	236	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	237	res.status(401).end();
				238	};
				239	const securedRedirect = (req: Request, res: Response, next: NextFunction) => {
				240	if (req.user && (req.user as any)?.accountId) {
				241	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	242	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	243	(req.session as any).returnTo = req.originalUrl;
				244	res.redirect('/login');
				245	};
				246
				247	app.use(express.json());
				248	app.post('/setup', (req, res) => {
				249	if (isSetupComplete()) {
				250	return res.status(404).end();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	251	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	252	if (!req.body.password) {
				253	return res.status(400).end();
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	254	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	255	console.log(req.body);
				256	appConfig.users.admin = {
				257	accounts: '*',
				258	password: req.body.password,
				259	};
				260	res.status(200).end();
				261	saveConfig(configPath, appConfig);
				262	});
				263	app.post('/auth/jams', passport.authenticate('jams'), (req, res) => {
				264	res.json({ loggedin: true });
				265	});
				266	app.post('/auth/local', passport.authenticate('local'), (req, res) => {
				267	res.json({ loggedin: true, user: (req.user as any)?.id });
				268	});
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	269
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	270	const getState = (req: Request) => {
				271	if (req.user) {
				272	const user = (req.user \|\| {}) as UserConfig;
				273	return { loggedin: true, username: user.username, type: user.type };
				274	} else if (isSetupComplete()) {
				275	return {};
				276	} else {
				277	return { setupComplete: false };
				278	}
				279	};
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	280
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	281	// sentrySetUp(app);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	282
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	283	app.get('/auth', (req, res) => {
				284	const state = getState(req);
				285	if (req.user) {
				286	res.json(state);
				287	} else {
				288	res.status(401).json(state);
				289	}
				290	});
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	291
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	292	app.use('/api', secured, apiRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	293
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	294	app.use('/', indexRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	295
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	296	/* GET React App */
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	297
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	298	const cwd = process.cwd();
				299	app.use(express.static(path.join(cwd, 'client/dist')));
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	300
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	301	app.use((req, res) => {
				302	res.render(path.join(cwd, 'client/dist/index.ejs'), {
				303	initdata: JSON.stringify(getState(req)),
				304	});
				305	});
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	306
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	307	// @ts-ignore TODO: Fix the typescript error
				308	const server = http.Server(app);
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	309
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	310	const io = new Server(server, { cors: corsOptions });
				311	const wrap = (middleware: any) => (socket: Socket, next: (err?: ExtendedError) => void) =>
				312	middleware(socket.request, {}, next);
				313	io.use(wrap(sessionMiddleware));
				314	io.use(wrap(passport.initialize()));
				315	io.use(wrap(passport.session()));
				316	io.use((socket, next) => {
				317	if ((socket.request as any).user) {
				318	next();
				319	} else {
				320	next(new Error('unauthorized'));
				321	}
				322	});
				323	io.on('connect', (socket) => {
				324	console.log(`new connection ${socket.id}`);
				325	const session = (socket.request as any).session;
				326	console.log(`saving sid ${socket.id} in session ${session.id}`);
				327	session.socketId = socket.id;
				328	session.save();
Adrien Béraud	abba2e5	2021-04-24 21:39:56 -0400	[diff] [blame]	329
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	330	socket.on('conversation', (data) => {
				331	console.log('io conversation');
				332	console.log(data);
				333	if (session.conversation) {
				334	console.log(`disconnect from old conversation ${session.conversation.conversationId}`);
				335	const conversation = jami.getConversation(session.conversation.accountId, session.conversation.conversationId);
				336	delete conversation.listeners[socket.id];
				337	}
				338	session.conversation = { accountId: data.accountId, conversationId: data.conversationId };
				339	const conversation = jami.getConversation(data.accountId, data.conversationId);
				340	if (!conversation.listeners) conversation.listeners = {};
				341	conversation.listeners[socket.id] = {
				342	socket,
				343	session,
				344	};
				345	session.save();
				346	});
				347	});
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	348
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	349	return server;
				350	};
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	351
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	352	loadConfig(configPath)
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	353	.then(createServer)
				354	.then((server) => {
				355	server.listen(3000);
				356	});