Blame - app.ts - jami-web

blob: bfa7c6dbfb8749fff3078ec9386a81b592f71673 [file] [log] [blame]

simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	1	'use strict';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	2
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame]	3	import cors from 'cors';
				4	import express, { NextFunction, Request, Response } from 'express';
				5	import session from 'express-session';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	6	import { promises as fs } from 'fs';
				7	import http from 'http';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	8	import passport from 'passport';
				9	import { Strategy as LocalStrategy } from 'passport-local';
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame]	10	import path from 'path';
				11	import { Server, Socket } from 'socket.io';
				12	import { ExtendedError } from 'socket.io/dist/namespace';
				13
				14	import JamiDaemon from './JamiDaemon.js';
				15	import Account from './model/Account';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	16	//import { createRequire } from 'module';
				17	//const require = createRequire(import.meta.url);
Adrien Béraud	947e879	2021-04-15 18:32:44 -0400	[diff] [blame]	18	//const redis = require('redis-url').connect()
				19	//const RedisStore = require('connect-redis')(session)
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	20	/const passportSocketIo = require('passport.socketio')/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	21	import indexRouter from './routes/index.js';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	22	import JamiRestApi from './routes/jami.js';
idillon	8e6c006	2022-09-16 13:34:43 -0400	[diff] [blame]	23	// import { sentrySetUp } from './sentry.js'
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	24
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	25	const configPath = 'jamiServerConfig.json';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	26
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	27	//const sessionStore = new RedisStore({ client: redis })
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	28	const sessionStore = new session.MemoryStore();
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	29
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	30	interface UserConfig {
				31	accounts: string;
				32	password?: string;
				33	username?: string;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	34	type?: string;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	35	}
				36
				37	interface AppConfig {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	38	users: Record<string, UserConfig>;
				39	authMethods: any[];
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	40	}
				41
				42	const loadConfig = async (filePath: string): Promise<AppConfig> => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	43	const config = { users: {}, authMethods: [] };
				44	try {
				45	return Object.assign(config, JSON.parse((await fs.readFile(filePath)).toString()));
				46	} catch (e) {
				47	console.log(e);
				48	return config;
				49	}
				50	};
Adrien Béraud	824a713	2021-04-17 17:25:27 -0400	[diff] [blame]	51
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	52	const saveConfig = (filePath: string, config: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	53	return fs.writeFile(filePath, JSON.stringify(config));
				54	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	55
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	56	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	57	Share sessions between Passport.js and Socket.io
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	58	*/
				59
				60	function logSuccess() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	61	console.log('passportSocketIo authorized user with Success 😁');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	62	}
				63
				64	function logFail() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	65	console.log('passportSocketIo failed to authorized user 👺');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	66	}
				67
				68	/*
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	69
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	70	tempAccounts holds users accounts while tempting to authenticate them on Jams.
				71	connectedUsers holds users accounts after they got authenticated by Jams.
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	72
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	73	Users should be removed from connectedUsers when receiving a disconnect
				74	web socket call
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	75
				76	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	77	const tempAccounts: Record<string, any> = {};
				78	const connectedUsers: Record<string, any> = {};
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	79
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	80	const createServer = async (appConfig: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	81	const node_env = process.env.NODE_ENV \|\| 'development';
				82	const app = express();
				83	console.log(`Loading server for ${node_env} with config:`);
				84	console.log(appConfig);
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	85
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	86	const corsOptions = {
				87	origin: 'http://127.0.0.1:3000',
				88	};
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	89
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	90	if (node_env === 'development') {
				91	const webpack = await import('webpack');
				92	const webpackDev = await import('webpack-dev-middleware');
				93	const webpackHot = await import('webpack-hot-middleware');
				94	const { default: webpackConfig } = await import('jami-web-client/webpack.config.js');
simon	c7d5245	2022-09-23 02:09:42 -0400	[diff] [blame]	95
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	96	const compiler = webpack.default(webpackConfig);
				97	app.use(
				98	webpackDev.default(compiler, {
				99	publicPath: webpackConfig.output?.publicPath,
				100	})
				101	);
				102	app.use(webpackHot.default(compiler));
				103	}
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	104
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	105	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	106	Configuation for Passeport Js
				107	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	108	app.disable('x-powered-by');
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	109
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	110	const secret_key = process.env.SECRET_KEY_BASE;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	111
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	112	if (!secret_key) {
				113	throw new Error('SECRET_KEY_BASE undefined');
				114	}
				115
				116	const sessionMiddleware = session({
				117	store: sessionStore,
				118	resave: false,
				119	saveUninitialized: true,
				120	cookie: {
				121	secure: false, //!development,
				122	maxAge: 2419200000,
				123	},
				124	secret: secret_key,
				125	});
				126
				127	app.use(sessionMiddleware);
				128	app.use(passport.initialize());
				129	app.use(passport.session());
				130	// app.use(app.router)
				131	app.use(cors(corsOptions));
				132
				133	const jami = new JamiDaemon((account: Account, conversation: any, message: any) => {
				134	console.log('JamiDaemon onMessage');
				135
				136	if (conversation.listeners) {
				137	Object.values(conversation.listeners).forEach((listener: any) => {
				138	listener.socket.emit('newMessage', message);
				139	});
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	140	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	141	});
				142	const apiRouter = new JamiRestApi(jami).getRouter();
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	143
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	144	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	145	io.use(passportSocketIo.authorize({
				146	key: 'connect.sid',
				147	secret: process.env.SECRET_KEY_BASE,
				148	store: sessionStore,
				149	passport: passport,
				150	cookieParser: cookieParser,
				151	//success: logSuccess(),
				152	// fail: logFail(),
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	153	}))
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	154	*/
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	155
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	156	const isSetupComplete = () => {
				157	return 'admin' in appConfig.users;
				158	};
				159
				160	const accountFilter = (filter: string \| any[]) => {
				161	if (typeof filter === 'string') {
				162	if (filter === '*') return undefined;
				163	else return (account: Account) => account.getId() === filter;
				164	} else if (Array.isArray(filter)) {
				165	return (account: Account) => filter.includes(account.getId());
				166	} else {
				167	throw new Error('Invalid account filter string');
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	168	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	169	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	170
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	171	const user = (id: string, config: UserConfig) => {
				172	return {
				173	id,
				174	config,
				175	username: config.username \|\| id,
				176	accountFilter: accountFilter(config.accounts),
				177	};
				178	};
				179
				180	passport.serializeUser((user: any, done) => {
				181	connectedUsers[user.id] = user.config;
				182	console.log('=============================SerializeUser called ' + user.id);
				183	console.log(user);
				184	done(null, user.id);
				185	});
				186
				187	const deserializeUser = (id: string, done: (err: any, user?: Express.User \| false \| null) => void) => {
				188	console.log('=============================DeserializeUser called on: ' + id);
				189	const userConfig = connectedUsers[id];
				190	console.log(userConfig);
				191	if (userConfig) {
				192	done(null, user(id, userConfig));
				193	} else done(404, null);
				194	};
				195	passport.deserializeUser(deserializeUser);
				196
				197	const jamsStrategy = new LocalStrategy(async (username, password, done) => {
				198	const accountId = await jami.addAccount({
				199	managerUri: 'https://jams.savoirfairelinux.com',
				200	managerUsername: username,
				201	archivePassword: password,
				202	});
				203	const id = `jams_${username}`;
				204	const userConfig = { username, type: 'jams', accounts: accountId };
				205	const newUser = user(id, userConfig);
				206	console.log('AccountId: ' + accountId);
				207	tempAccounts[accountId] = { done, newUser };
				208	});
				209	jamsStrategy.name = 'jams';
				210
				211	const localStrategy = new LocalStrategy((username, password, done) => {
				212	console.log('localStrategy: ' + username + ' ' + password);
				213
				214	const id = username;
				215	const userConfig = appConfig.users[username];
				216	if (!userConfig) {
				217	return done(null, false, { message: 'Incorrect username.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	218	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	219	if (userConfig.password !== password) {
				220	return done(null, false, { message: 'Incorrect password.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	221	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	222	userConfig.type = 'local';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	223
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	224	done(null, user(id, userConfig));
				225	});
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	226
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	227	passport.use(jamsStrategy);
				228	passport.use(localStrategy);
				229
				230	const secured = (req: Request, res: Response, next: NextFunction) => {
				231	if (req.user) {
				232	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	233	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	234	res.status(401).end();
				235	};
				236	const securedRedirect = (req: Request, res: Response, next: NextFunction) => {
				237	if (req.user && (req.user as any)?.accountId) {
				238	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	239	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	240	(req.session as any).returnTo = req.originalUrl;
				241	res.redirect('/login');
				242	};
				243
				244	app.use(express.json());
				245	app.post('/setup', (req, res) => {
				246	if (isSetupComplete()) {
				247	return res.status(404).end();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	248	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	249	if (!req.body.password) {
				250	return res.status(400).end();
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	251	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	252	console.log(req.body);
				253	appConfig.users.admin = {
				254	accounts: '*',
				255	password: req.body.password,
				256	};
				257	res.status(200).end();
				258	saveConfig(configPath, appConfig);
				259	});
				260	app.post('/auth/jams', passport.authenticate('jams'), (req, res) => {
				261	res.json({ loggedin: true });
				262	});
				263	app.post('/auth/local', passport.authenticate('local'), (req, res) => {
				264	res.json({ loggedin: true, user: (req.user as any)?.id });
				265	});
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	266
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	267	const getState = (req: Request) => {
				268	if (req.user) {
				269	const user = (req.user \|\| {}) as UserConfig;
				270	return { loggedin: true, username: user.username, type: user.type };
				271	} else if (isSetupComplete()) {
				272	return {};
				273	} else {
				274	return { setupComplete: false };
				275	}
				276	};
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	277
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	278	// sentrySetUp(app);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	279
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	280	app.get('/auth', (req, res) => {
				281	const state = getState(req);
				282	if (req.user) {
				283	res.json(state);
				284	} else {
				285	res.status(401).json(state);
				286	}
				287	});
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	288
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	289	app.use('/api', secured, apiRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	290
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	291	app.use('/', indexRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	292
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	293	/* GET React App */
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	294
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	295	const cwd = process.cwd();
				296	app.use(express.static(path.join(cwd, 'client/dist')));
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	297
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	298	app.use((req, res) => {
				299	res.render(path.join(cwd, 'client/dist/index.ejs'), {
				300	initdata: JSON.stringify(getState(req)),
				301	});
				302	});
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	303
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	304	// @ts-ignore TODO: Fix the typescript error
				305	const server = http.Server(app);
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	306
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	307	const io = new Server(server, { cors: corsOptions });
				308	const wrap = (middleware: any) => (socket: Socket, next: (err?: ExtendedError) => void) =>
				309	middleware(socket.request, {}, next);
				310	io.use(wrap(sessionMiddleware));
				311	io.use(wrap(passport.initialize()));
				312	io.use(wrap(passport.session()));
				313	io.use((socket, next) => {
				314	if ((socket.request as any).user) {
				315	next();
				316	} else {
				317	next(new Error('unauthorized'));
				318	}
				319	});
				320	io.on('connect', (socket) => {
				321	console.log(`new connection ${socket.id}`);
				322	const session = (socket.request as any).session;
				323	console.log(`saving sid ${socket.id} in session ${session.id}`);
				324	session.socketId = socket.id;
				325	session.save();
Adrien Béraud	abba2e5	2021-04-24 21:39:56 -0400	[diff] [blame]	326
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	327	socket.on('conversation', (data) => {
				328	console.log('io conversation');
				329	console.log(data);
				330	if (session.conversation) {
				331	console.log(`disconnect from old conversation ${session.conversation.conversationId}`);
				332	const conversation = jami.getConversation(session.conversation.accountId, session.conversation.conversationId);
				333	delete conversation.listeners[socket.id];
				334	}
				335	session.conversation = { accountId: data.accountId, conversationId: data.conversationId };
				336	const conversation = jami.getConversation(data.accountId, data.conversationId);
				337	if (!conversation.listeners) conversation.listeners = {};
				338	conversation.listeners[socket.id] = {
				339	socket,
				340	session,
				341	};
				342	session.save();
				343	});
				344	});
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	345
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	346	return server;
				347	};
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	348
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	349	loadConfig(configPath)
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	350	.then(createServer)
				351	.then((server) => {
				352	server.listen(3000);
				353	});