Blame - app.ts - jami-web

blob: 42e81a8708ee91f7c50675f5f6b59216ca4f543c [file] [log] [blame]

simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	1	'use strict';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	2
simon	7e00d61	2022-10-01 20:06:53 -0400	[diff] [blame]	3	import dotenv from 'dotenv';
				4	const node_env = process.env.NODE_ENV \|\| 'development';
				5	dotenv.config({ path: `.env.${node_env}` });
				6
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame]	7	import cors from 'cors';
				8	import express, { NextFunction, Request, Response } from 'express';
				9	import session from 'express-session';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	10	import { promises as fs } from 'fs';
				11	import http from 'http';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	12	import passport from 'passport';
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	13	import { IVerifyOptions, Strategy as LocalStrategy } from 'passport-local';
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame]	14	import path from 'path';
				15	import { Server, Socket } from 'socket.io';
				16	import { ExtendedError } from 'socket.io/dist/namespace';
				17
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	18	import JamiDaemon from './JamiDaemon';
simon	07b4eb0	2022-09-29 17:50:26 -0400	[diff] [blame]	19	import Account from './model/Account';
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	20	import { Session } from './model/util';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	21	//import { createRequire } from 'module';
				22	//const require = createRequire(import.meta.url);
Adrien Béraud	947e879	2021-04-15 18:32:44 -0400	[diff] [blame]	23	//const redis = require('redis-url').connect()
				24	//const RedisStore = require('connect-redis')(session)
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	25	/const passportSocketIo = require('passport.socketio')/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	26	import indexRouter from './routes/index.js';
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	27	import JamiRestApi from './routes/jami.js';
idillon	8e6c006	2022-09-16 13:34:43 -0400	[diff] [blame]	28	// import { sentrySetUp } from './sentry.js'
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	29
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	30	const configPath = 'jamiServerConfig.json';
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	31
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	32	//const sessionStore = new RedisStore({ client: redis })
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	33	const sessionStore = new session.MemoryStore();
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	34
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	35	interface User {
				36	id: string;
				37	config: UserConfig;
				38	username: string;
				39	accountFilter?: (account: any) => boolean;
				40	}
				41
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	42	interface UserConfig {
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	43	accountId?: string;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	44	accounts: string;
				45	password?: string;
				46	username?: string;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	47	type?: string;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	48	}
				49
				50	interface AppConfig {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	51	users: Record<string, UserConfig>;
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	52	authMethods: unknown[];
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	53	}
				54
				55	const loadConfig = async (filePath: string): Promise<AppConfig> => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	56	const config = { users: {}, authMethods: [] };
				57	try {
				58	return Object.assign(config, JSON.parse((await fs.readFile(filePath)).toString()));
				59	} catch (e) {
				60	console.log(e);
				61	return config;
				62	}
				63	};
Adrien Béraud	824a713	2021-04-17 17:25:27 -0400	[diff] [blame]	64
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	65	const saveConfig = (filePath: string, config: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	66	return fs.writeFile(filePath, JSON.stringify(config));
				67	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	68
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	69	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	70	Share sessions between Passport.js and Socket.io
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	71	*/
				72
				73	function logSuccess() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	74	console.log('passportSocketIo authorized user with Success 😁');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	75	}
				76
				77	function logFail() {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	78	console.log('passportSocketIo failed to authorized user 👺');
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	79	}
				80
				81	/*
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	82
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	83	tempAccounts holds users accounts while tempting to authenticate them on Jams.
				84	connectedUsers holds users accounts after they got authenticated by Jams.
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	85
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	86	Users should be removed from connectedUsers when receiving a disconnect
				87	web socket call
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	88
				89	*/
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	90	const tempAccounts: Record<
				91	string,
				92	{
				93	newUser: Express.User;
				94	done: (error: any, user?: any, options?: IVerifyOptions) => void;
				95	}
				96	> = {};
				97	const connectedUsers: Record<string, UserConfig> = {};
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	98
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	99	const createServer = async (appConfig: AppConfig) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	100	const app = express();
				101	console.log(`Loading server for ${node_env} with config:`);
				102	console.log(appConfig);
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	103
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	104	const corsOptions = {
				105	origin: 'http://127.0.0.1:3000',
				106	};
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	107
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	108	if (node_env === 'development') {
				109	const webpack = await import('webpack');
				110	const webpackDev = await import('webpack-dev-middleware');
				111	const webpackHot = await import('webpack-hot-middleware');
				112	const { default: webpackConfig } = await import('jami-web-client/webpack.config.js');
simon	c7d5245	2022-09-23 02:09:42 -0400	[diff] [blame]	113
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	114	const compiler = webpack.default(webpackConfig);
				115	app.use(
				116	webpackDev.default(compiler, {
				117	publicPath: webpackConfig.output?.publicPath,
				118	})
				119	);
				120	app.use(webpackHot.default(compiler));
				121	}
Larbi Gharib	e9af973	2021-03-31 15:08:01 +0100	[diff] [blame]	122
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	123	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	124	Configuation for Passeport Js
				125	*/
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	126	app.disable('x-powered-by');
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	127
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	128	const secret_key = process.env.SECRET_KEY_BASE;
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	129
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	130	if (!secret_key) {
				131	throw new Error('SECRET_KEY_BASE undefined');
				132	}
				133
				134	const sessionMiddleware = session({
				135	store: sessionStore,
				136	resave: false,
				137	saveUninitialized: true,
				138	cookie: {
				139	secure: false, //!development,
				140	maxAge: 2419200000,
				141	},
				142	secret: secret_key,
				143	});
				144
				145	app.use(sessionMiddleware);
				146	app.use(passport.initialize());
				147	app.use(passport.session());
				148	// app.use(app.router)
				149	app.use(cors(corsOptions));
				150
				151	const jami = new JamiDaemon((account: Account, conversation: any, message: any) => {
				152	console.log('JamiDaemon onMessage');
				153
				154	if (conversation.listeners) {
				155	Object.values(conversation.listeners).forEach((listener: any) => {
				156	listener.socket.emit('newMessage', message);
				157	});
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	158	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	159	});
				160	const apiRouter = new JamiRestApi(jami).getRouter();
simon	7a7b4d5	2022-09-23 02:09:42 -0400	[diff] [blame]	161
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	162	/*
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	163	io.use(passportSocketIo.authorize({
				164	key: 'connect.sid',
				165	secret: process.env.SECRET_KEY_BASE,
				166	store: sessionStore,
				167	passport: passport,
				168	cookieParser: cookieParser,
				169	//success: logSuccess(),
				170	// fail: logFail(),
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	171	}))
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	172	*/
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	173
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	174	const isSetupComplete = () => {
				175	return 'admin' in appConfig.users;
				176	};
				177
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	178	const accountFilter = (filter: string \| string[]) => {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	179	if (typeof filter === 'string') {
				180	if (filter === '*') return undefined;
				181	else return (account: Account) => account.getId() === filter;
				182	} else if (Array.isArray(filter)) {
				183	return (account: Account) => filter.includes(account.getId());
				184	} else {
				185	throw new Error('Invalid account filter string');
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	186	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	187	};
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	188
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	189	const user = (id: string, config: UserConfig) => {
				190	return {
				191	id,
				192	config,
				193	username: config.username \|\| id,
				194	accountFilter: accountFilter(config.accounts),
				195	};
				196	};
				197
				198	passport.serializeUser((user: any, done) => {
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	199	user = user as User;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	200	connectedUsers[user.id] = user.config;
				201	console.log('=============================SerializeUser called ' + user.id);
				202	console.log(user);
				203	done(null, user.id);
				204	});
				205
				206	const deserializeUser = (id: string, done: (err: any, user?: Express.User \| false \| null) => void) => {
				207	console.log('=============================DeserializeUser called on: ' + id);
				208	const userConfig = connectedUsers[id];
				209	console.log(userConfig);
				210	if (userConfig) {
				211	done(null, user(id, userConfig));
				212	} else done(404, null);
				213	};
				214	passport.deserializeUser(deserializeUser);
				215
				216	const jamsStrategy = new LocalStrategy(async (username, password, done) => {
				217	const accountId = await jami.addAccount({
				218	managerUri: 'https://jams.savoirfairelinux.com',
				219	managerUsername: username,
				220	archivePassword: password,
				221	});
				222	const id = `jams_${username}`;
				223	const userConfig = { username, type: 'jams', accounts: accountId };
				224	const newUser = user(id, userConfig);
				225	console.log('AccountId: ' + accountId);
				226	tempAccounts[accountId] = { done, newUser };
				227	});
				228	jamsStrategy.name = 'jams';
				229
				230	const localStrategy = new LocalStrategy((username, password, done) => {
				231	console.log('localStrategy: ' + username + ' ' + password);
				232
				233	const id = username;
				234	const userConfig = appConfig.users[username];
				235	if (!userConfig) {
				236	return done(null, false, { message: 'Incorrect username.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	237	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	238	if (userConfig.password !== password) {
				239	return done(null, false, { message: 'Incorrect password.' });
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	240	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	241	userConfig.type = 'local';
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	242
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	243	done(null, user(id, userConfig));
				244	});
Adrien Béraud	6ecaa40	2021-04-06 17:37:25 -0400	[diff] [blame]	245
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	246	passport.use(jamsStrategy);
				247	passport.use(localStrategy);
				248
				249	const secured = (req: Request, res: Response, next: NextFunction) => {
				250	if (req.user) {
				251	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	252	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	253	res.status(401).end();
				254	};
				255	const securedRedirect = (req: Request, res: Response, next: NextFunction) => {
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	256	const user = req.user as UserConfig \| undefined;
				257	if (user?.accountId) {
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	258	return next();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	259	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	260	(req.session as any).returnTo = req.originalUrl;
				261	res.redirect('/login');
				262	};
				263
				264	app.use(express.json());
				265	app.post('/setup', (req, res) => {
				266	if (isSetupComplete()) {
				267	return res.status(404).end();
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	268	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	269	if (!req.body.password) {
				270	return res.status(400).end();
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	271	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	272	console.log(req.body);
				273	appConfig.users.admin = {
				274	accounts: '*',
				275	password: req.body.password,
				276	};
				277	res.status(200).end();
				278	saveConfig(configPath, appConfig);
				279	});
				280	app.post('/auth/jams', passport.authenticate('jams'), (req, res) => {
				281	res.json({ loggedin: true });
				282	});
				283	app.post('/auth/local', passport.authenticate('local'), (req, res) => {
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	284	res.json({ loggedin: true, user: (req.user as User \| undefined)?.id });
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	285	});
Adrien Béraud	e5cad98	2021-06-07 10:05:50 -0400	[diff] [blame]	286
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	287	const getState = (req: Request) => {
				288	if (req.user) {
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	289	const user = req.user as UserConfig;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	290	return { loggedin: true, username: user.username, type: user.type };
				291	} else if (isSetupComplete()) {
				292	return {};
				293	} else {
				294	return { setupComplete: false };
				295	}
				296	};
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	297
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	298	// sentrySetUp(app);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	299
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	300	app.get('/auth', (req, res) => {
				301	const state = getState(req);
				302	if (req.user) {
				303	res.json(state);
				304	} else {
				305	res.status(401).json(state);
				306	}
				307	});
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	308
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	309	app.use('/api', secured, apiRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	310
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	311	app.use('/', indexRouter);
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	312
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	313	/* GET React App */
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	314
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	315	const cwd = process.cwd();
				316	app.use(express.static(path.join(cwd, 'client/dist')));
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	317
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	318	app.use((req, res) => {
				319	res.render(path.join(cwd, 'client/dist/index.ejs'), {
				320	initdata: JSON.stringify(getState(req)),
				321	});
				322	});
idillon	452e210	2022-09-16 13:23:28 -0400	[diff] [blame]	323
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	324	// @ts-ignore TODO: Fix the typescript error
				325	const server = http.Server(app);
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	326
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	327	const io = new Server(server, { cors: corsOptions });
				328	const wrap = (middleware: any) => (socket: Socket, next: (err?: ExtendedError) => void) =>
				329	middleware(socket.request, {}, next);
				330	io.use(wrap(sessionMiddleware));
				331	io.use(wrap(passport.initialize()));
				332	io.use(wrap(passport.session()));
				333	io.use((socket, next) => {
				334	if ((socket.request as any).user) {
				335	next();
				336	} else {
				337	next(new Error('unauthorized'));
				338	}
				339	});
				340	io.on('connect', (socket) => {
				341	console.log(`new connection ${socket.id}`);
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	342	const session: Session = (socket.request as any).session;
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	343	console.log(`saving sid ${socket.id} in session ${session.id}`);
				344	session.socketId = socket.id;
				345	session.save();
Adrien Béraud	abba2e5	2021-04-24 21:39:56 -0400	[diff] [blame]	346
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	347	socket.on('conversation', (data) => {
				348	console.log('io conversation');
				349	console.log(data);
				350	if (session.conversation) {
				351	console.log(`disconnect from old conversation ${session.conversation.conversationId}`);
				352	const conversation = jami.getConversation(session.conversation.accountId, session.conversation.conversationId);
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	353	if (conversation) {
				354	delete conversation.listeners[socket.id];
				355	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	356	}
				357	session.conversation = { accountId: data.accountId, conversationId: data.conversationId };
				358	const conversation = jami.getConversation(data.accountId, data.conversationId);
simon	06527b0	2022-10-01 15:01:47 -0400	[diff] [blame]	359	if (conversation) {
				360	if (!conversation.listeners) {
				361	conversation.listeners = {};
				362	}
				363	conversation.listeners[socket.id] = {
				364	socket,
				365	session,
				366	};
				367	}
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	368	session.save();
				369	});
				370	});
Adrien Béraud	4e287b9	2021-04-24 16:15:56 -0400	[diff] [blame]	371
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	372	return server;
				373	};
Adrien Béraud	3b5d9a6	2021-04-17 18:40:27 -0400	[diff] [blame]	374
Adrien Béraud	e74741b	2021-04-19 13:22:54 -0400	[diff] [blame]	375	loadConfig(configPath)
simon	d47ef9e	2022-09-28 22:24:28 -0400	[diff] [blame]	376	.then(createServer)
				377	.then((server) => {
				378	server.listen(3000);
				379	});