Blame - app.ts - jami-web

blob: 8ec27f3b3f7cd44f06e95ea32a2f511d8b662473 [file] [log] [blame]

simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	1	'use strict';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	2
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	3	import dotenv from 'dotenv';
				4	const env = dotenv.config();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	5
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	6	import { promises as fs } from 'fs';
				7	import http from 'http';
				8	import express, { NextFunction, Response, Request } from 'express';
				9	import session from 'express-session';
				10	import { Server, Socket } from 'socket.io';
				11	import path from 'path';
				12	import passport from 'passport';
				13	import { Strategy as LocalStrategy } from 'passport-local';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	14	//import { createRequire } from 'module';
				15	//const require = createRequire(import.meta.url);
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	16
Adrien Béraud	947e879	2021-04-15 18:32:44 -0400	[diff] [blame]	17	//const redis = require('redis-url').connect()
				18	//const RedisStore = require('connect-redis')(session)
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	19	/const passportSocketIo = require('passport.socketio')/
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	20
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	21	import indexRouter from './routes/index.js';
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	22
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	23	import cors from 'cors';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	24
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	25	import JamiRestApi from './routes/jami.js';
				26	import JamiDaemon from './JamiDaemon.js';
				27	import Account from './model/Account';
				28	import { ExtendedError } from 'socket.io/dist/namespace';
idillon	8e6c006	2022-09-16 13:34:43 -0400	[diff] [blame]	29	// import { sentrySetUp } from './sentry.js'
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	30
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	31	const configPath = 'jamiServerConfig.json';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	32
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	33	//const sessionStore = new RedisStore({ client: redis })
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	34	const sessionStore = new session.MemoryStore();
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	35
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	36	interface UserConfig {
				37	accounts: string;
				38	password?: string;
				39	username?: string;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	40	type?: string;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	41	}
				42
				43	interface AppConfig {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	44	users: Record<string, UserConfig>;
				45	authMethods: any[];
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	46	}
				47
				48	const loadConfig = async (filePath: string): Promise<AppConfig> => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	49	const config = { users: {}, authMethods: [] };
				50	try {
				51	return Object.assign(config, JSON.parse((await fs.readFile(filePath)).toString()));
				52	} catch (e) {
				53	console.log(e);
				54	return config;
				55	}
				56	};
Adrien Béraud	824a713	2021-04-17 17:25:27 -0400	[diff] [blame]	57
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	58	const saveConfig = (filePath: string, config: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	59	return fs.writeFile(filePath, JSON.stringify(config));
				60	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	61
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	62	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	63	Share sessions between Passport.js and Socket.io
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	64	*/
				65
				66	function logSuccess() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	67	console.log('passportSocketIo authorized user with Success 😁');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	68	}
				69
				70	function logFail() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	71	console.log('passportSocketIo failed to authorized user 👺');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	72	}
				73
				74	/*
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	75
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	76	tempAccounts holds users accounts while tempting to authenticate them on Jams.
				77	connectedUsers holds users accounts after they got authenticated by Jams.
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	78
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	79	Users should be removed from connectedUsers when receiving a disconnect
				80	web socket call
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	81
				82	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	83	const tempAccounts: Record<string, any> = {};
				84	const connectedUsers: Record<string, any> = {};
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	85
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	86	const createServer = async (appConfig: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	87	const node_env = process.env.NODE_ENV \|\| 'development';
				88	const app = express();
				89	console.log(`Loading server for ${node_env} with config:`);
				90	console.log(appConfig);
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	91
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	92	const corsOptions = {
				93	origin: 'http://127.0.0.1:3000',
				94	};
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	95
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	96	if (node_env === 'development') {
				97	const webpack = await import('webpack');
				98	const webpackDev = await import('webpack-dev-middleware');
				99	const webpackHot = await import('webpack-hot-middleware');
				100	const { default: webpackConfig } = await import('jami-web-client/webpack.config.js');
simon	c7d5245	2022-09-23 02:09:42 -0400	[diff] [blame]	101
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	102	const compiler = webpack.default(webpackConfig);
				103	app.use(
				104	webpackDev.default(compiler, {
				105	publicPath: webpackConfig.output?.publicPath,
				106	})
				107	);
				108	app.use(webpackHot.default(compiler));
				109	}
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	110
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	111	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	112	Configuation for Passeport Js
				113	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	114	app.disable('x-powered-by');
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	115
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	116	const secret_key = process.env.SECRET_KEY_BASE;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	117
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	118	if (!secret_key) {
				119	throw new Error('SECRET_KEY_BASE undefined');
				120	}
				121
				122	const sessionMiddleware = session({
				123	store: sessionStore,
				124	resave: false,
				125	saveUninitialized: true,
				126	cookie: {
				127	secure: false, //!development,
				128	maxAge: 2419200000,
				129	},
				130	secret: secret_key,
				131	});
				132
				133	app.use(sessionMiddleware);
				134	app.use(passport.initialize());
				135	app.use(passport.session());
				136	// app.use(app.router)
				137	app.use(cors(corsOptions));
				138
				139	const jami = new JamiDaemon((account: Account, conversation: any, message: any) => {
				140	console.log('JamiDaemon onMessage');
				141
				142	if (conversation.listeners) {
				143	Object.values(conversation.listeners).forEach((listener: any) => {
				144	listener.socket.emit('newMessage', message);
				145	});
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	146	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	147	});
				148	const apiRouter = new JamiRestApi(jami).getRouter();
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	149
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	150	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	151	io.use(passportSocketIo.authorize({
				152	key: 'connect.sid',
				153	secret: process.env.SECRET_KEY_BASE,
				154	store: sessionStore,
				155	passport: passport,
				156	cookieParser: cookieParser,
				157	//success: logSuccess(),
				158	// fail: logFail(),
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	159	}))
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	160	*/
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	161
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	162	const isSetupComplete = () => {
				163	return 'admin' in appConfig.users;
				164	};
				165
				166	const accountFilter = (filter: string \| any[]) => {
				167	if (typeof filter === 'string') {
				168	if (filter === '*') return undefined;
				169	else return (account: Account) => account.getId() === filter;
				170	} else if (Array.isArray(filter)) {
				171	return (account: Account) => filter.includes(account.getId());
				172	} else {
				173	throw new Error('Invalid account filter string');
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	174	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	175	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	176
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	177	const user = (id: string, config: UserConfig) => {
				178	return {
				179	id,
				180	config,
				181	username: config.username \|\| id,
				182	accountFilter: accountFilter(config.accounts),
				183	};
				184	};
				185
				186	passport.serializeUser((user: any, done) => {
				187	connectedUsers[user.id] = user.config;
				188	console.log('=============================SerializeUser called ' + user.id);
				189	console.log(user);
				190	done(null, user.id);
				191	});
				192
				193	const deserializeUser = (id: string, done: (err: any, user?: Express.User \| false \| null) => void) => {
				194	console.log('=============================DeserializeUser called on: ' + id);
				195	const userConfig = connectedUsers[id];
				196	console.log(userConfig);
				197	if (userConfig) {
				198	done(null, user(id, userConfig));
				199	} else done(404, null);
				200	};
				201	passport.deserializeUser(deserializeUser);
				202
				203	const jamsStrategy = new LocalStrategy(async (username, password, done) => {
				204	const accountId = await jami.addAccount({
				205	managerUri: 'https://jams.savoirfairelinux.com',
				206	managerUsername: username,
				207	archivePassword: password,
				208	});
				209	const id = `jams_${username}`;
				210	const userConfig = { username, type: 'jams', accounts: accountId };
				211	const newUser = user(id, userConfig);
				212	console.log('AccountId: ' + accountId);
				213	tempAccounts[accountId] = { done, newUser };
				214	});
				215	jamsStrategy.name = 'jams';
				216
				217	const localStrategy = new LocalStrategy((username, password, done) => {
				218	console.log('localStrategy: ' + username + ' ' + password);
				219
				220	const id = username;
				221	const userConfig = appConfig.users[username];
				222	if (!userConfig) {
				223	return done(null, false, { message: 'Incorrect username.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	224	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	225	if (userConfig.password !== password) {
				226	return done(null, false, { message: 'Incorrect password.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	227	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	228	userConfig.type = 'local';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	229
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	230	done(null, user(id, userConfig));
				231	});
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	232
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	233	passport.use(jamsStrategy);
				234	passport.use(localStrategy);
				235
				236	const secured = (req: Request, res: Response, next: NextFunction) => {
				237	if (req.user) {
				238	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	239	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	240	res.status(401).end();
				241	};
				242	const securedRedirect = (req: Request, res: Response, next: NextFunction) => {
				243	if (req.user && (req.user as any)?.accountId) {
				244	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	245	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	246	(req.session as any).returnTo = req.originalUrl;
				247	res.redirect('/login');
				248	};
				249
				250	app.use(express.json());
				251	app.post('/setup', (req, res) => {
				252	if (isSetupComplete()) {
				253	return res.status(404).end();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	254	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	255	if (!req.body.password) {
				256	return res.status(400).end();
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	257	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	258	console.log(req.body);
				259	appConfig.users.admin = {
				260	accounts: '*',
				261	password: req.body.password,
				262	};
				263	res.status(200).end();
				264	saveConfig(configPath, appConfig);
				265	});
				266	app.post('/auth/jams', passport.authenticate('jams'), (req, res) => {
				267	res.json({ loggedin: true });
				268	});
				269	app.post('/auth/local', passport.authenticate('local'), (req, res) => {
				270	res.json({ loggedin: true, user: (req.user as any)?.id });
				271	});
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	272
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	273	const getState = (req: Request) => {
				274	if (req.user) {
				275	const user = (req.user \|\| {}) as UserConfig;
				276	return { loggedin: true, username: user.username, type: user.type };
				277	} else if (isSetupComplete()) {
				278	return {};
				279	} else {
				280	return { setupComplete: false };
				281	}
				282	};
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	283
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	284	// sentrySetUp(app);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	285
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	286	app.get('/auth', (req, res) => {
				287	const state = getState(req);
				288	if (req.user) {
				289	res.json(state);
				290	} else {
				291	res.status(401).json(state);
				292	}
				293	});
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	294
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	295	app.use('/api', secured, apiRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	296
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	297	app.use('/', indexRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	298
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	299	/* GET React App */
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	300
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	301	const cwd = process.cwd();
				302	app.use(express.static(path.join(cwd, 'client/dist')));
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	303
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	304	app.use((req, res) => {
				305	res.render(path.join(cwd, 'client/dist/index.ejs'), {
				306	initdata: JSON.stringify(getState(req)),
				307	});
				308	});
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	309
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	310	// @ts-ignore TODO: Fix the typescript error
				311	const server = http.Server(app);
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	312
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	313	const io = new Server(server, { cors: corsOptions });
				314	const wrap = (middleware: any) => (socket: Socket, next: (err?: ExtendedError) => void) =>
				315	middleware(socket.request, {}, next);
				316	io.use(wrap(sessionMiddleware));
				317	io.use(wrap(passport.initialize()));
				318	io.use(wrap(passport.session()));
				319	io.use((socket, next) => {
				320	if ((socket.request as any).user) {
				321	next();
				322	} else {
				323	next(new Error('unauthorized'));
				324	}
				325	});
				326	io.on('connect', (socket) => {
				327	console.log(`new connection ${socket.id}`);
				328	const session = (socket.request as any).session;
				329	console.log(`saving sid ${socket.id} in session ${session.id}`);
				330	session.socketId = socket.id;
				331	session.save();
Adrien Béraud	abba2e5	2021-04-24 21:39:56 -0400	[diff] [blame]	332
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	333	socket.on('conversation', (data) => {
				334	console.log('io conversation');
				335	console.log(data);
				336	if (session.conversation) {
				337	console.log(`disconnect from old conversation ${session.conversation.conversationId}`);
				338	const conversation = jami.getConversation(session.conversation.accountId, session.conversation.conversationId);
				339	delete conversation.listeners[socket.id];
				340	}
				341	session.conversation = { accountId: data.accountId, conversationId: data.conversationId };
				342	const conversation = jami.getConversation(data.accountId, data.conversationId);
				343	if (!conversation.listeners) conversation.listeners = {};
				344	conversation.listeners[socket.id] = {
				345	socket,
				346	session,
				347	};
				348	session.save();
				349	});
				350	});
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	351
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	352	return server;
				353	};
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	354
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	355	loadConfig(configPath)
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	356	.then(createServer)
				357	.then((server) => {
				358	server.listen(3000);
				359	});