229 lines
7.6 KiB
TypeScript
Raw Normal View History

import type { RegisterServerOptions } from '@peertube/peertube-types'
2021-04-29 18:31:48 +02:00
import type { Router, Request, Response, NextFunction } from 'express'
import { videoHasWebchat } from '../../../shared/lib/video'
2021-05-03 20:06:36 +02:00
import { asyncMiddleware } from '../middlewares/async'
2021-05-05 17:06:19 +02:00
import { getCheckAPIKeyMiddleware } from '../middlewares/apikey'
import { prosodyCheckUserPassword, prosodyRegisterUser, prosodyUserRegistered } from '../prosody/auth'
import { getUserNickname } from '../helpers'
import { Affiliations, getVideoAffiliations, getChannelAffiliations } from '../prosody/config/affiliations'
import { getProsodyDomain } from '../prosody/config/domain'
import { fillVideoCustomFields } from '../custom-fields'
import { getChannelInfosById } from '../database/channel'
2021-04-29 18:31:48 +02:00
// See here for description: https://modules.prosody.im/mod_muc_http_defaults.html
interface RoomDefaults {
2021-05-01 10:22:06 +02:00
config: {
name: string
description: string
2021-05-02 14:35:58 +02:00
language?: string
persistent?: boolean
public?: boolean
members_only?: boolean
allow_member_invites?: boolean
public_jids?: boolean
2021-05-01 10:22:06 +02:00
subject: string
2021-05-02 14:35:58 +02:00
changesubject?: boolean
// historylength: number
moderated?: boolean
archiving?: boolean
2021-05-01 10:22:06 +02:00
}
affiliations?: Affiliations
2021-04-29 18:31:48 +02:00
}
async function initApiRouter (options: RegisterServerOptions): Promise<Router> {
const { peertubeHelpers, getRouter } = options
const router = getRouter()
const logger = peertubeHelpers.logger
router.get('/test', asyncMiddleware([
getCheckAPIKeyMiddleware(options),
async (req: Request, res: Response, _next: NextFunction) => {
logger.info('Test api call')
res.json({ ok: true })
}
]))
2021-05-05 17:06:19 +02:00
router.get('/room', asyncMiddleware([
getCheckAPIKeyMiddleware(options),
2021-05-03 20:06:36 +02:00
async (req: Request, res: Response, _next: NextFunction) => {
2021-04-30 18:03:12 +02:00
const jid: string = req.query.jid as string || ''
logger.info(`Requesting room information for room '${jid}'.`)
const settings = await options.settingsManager.getSettings([
'prosody-room-type'
])
// Now, we have two different room type: per video or per channel.
if (settings['prosody-room-type'] === 'channel') {
const matches = jid.match(/^channel\.(\d+)$/)
if (!matches || !matches[1]) {
logger.warn(`Invalid channel room jid '${jid}'.`)
res.sendStatus(403)
return
}
const channelId = parseInt(matches[1])
const channelInfos = await getChannelInfosById(options, channelId)
if (!channelInfos) {
logger.warn(`Channel ${channelId} not found`)
res.sendStatus(403)
return
}
2021-04-30 18:03:12 +02:00
let affiliations: Affiliations
try {
affiliations = await getChannelAffiliations(options, channelId)
} catch (error) {
logger.error(`Failed to get channel affiliations for ${channelId}:`, error)
// affiliations: should at least be {}, so that the first user will not be moderator/admin
affiliations = {}
}
const roomDefaults: RoomDefaults = {
config: {
name: channelInfos.displayName,
description: '',
subject: channelInfos.displayName
},
affiliations: affiliations
}
res.json(roomDefaults)
} else {
const video = await peertubeHelpers.videos.loadByIdOrUUID(jid)
if (!video) {
logger.warn(`Video ${jid} not found`)
res.sendStatus(403)
return
}
// Adding the custom fields:
await fillVideoCustomFields(options, video)
// check settings (chat enabled for this video?)
const settings = await options.settingsManager.getSettings([
'chat-per-live-video',
'chat-all-lives',
'chat-all-non-lives',
'chat-videos-list'
])
if (!videoHasWebchat({
'chat-per-live-video': !!settings['chat-per-live-video'],
'chat-all-lives': !!settings['chat-all-lives'],
'chat-all-non-lives': !!settings['chat-all-non-lives'],
'chat-videos-list': settings['chat-videos-list'] as string
}, video)) {
logger.warn(`Video ${jid} has not chat activated`)
res.sendStatus(403)
return
}
let affiliations: Affiliations
try {
affiliations = await getVideoAffiliations(options, video)
} catch (error) {
logger.error(`Failed to get video affiliations for ${video.uuid}:`, error)
// affiliations: should at least be {}, so that the first user will not be moderator/admin
affiliations = {}
}
const roomDefaults: RoomDefaults = {
config: {
name: video.name,
description: '',
language: video.language,
subject: video.name
},
affiliations: affiliations
}
res.json(roomDefaults)
2021-04-30 18:03:12 +02:00
}
2021-04-29 18:31:48 +02:00
}
2021-05-05 17:06:19 +02:00
]))
2021-04-29 18:31:48 +02:00
router.get('/auth', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
const user = await peertubeHelpers.user.getAuthUser(res)
if (!user) {
res.sendStatus(403)
return
}
if (user.blocked) {
res.sendStatus(403)
return
}
// NB 2021-08-05: Peertube usernames should be lowercase. But it seems that
// in some old installation, there can be uppercase letters in usernames.
// When Peertube checks username unicity, it does a lowercase search.
// So it feels safe to normalize usernames like so:
const normalizedUsername = user.username.toLowerCase()
const prosodyDomain = await getProsodyDomain(options)
const password: string = await prosodyRegisterUser(normalizedUsername)
const nickname: string | undefined = await getUserNickname(options, user)
res.status(200).json({
jid: normalizedUsername + '@' + prosodyDomain,
2021-05-04 16:33:32 +02:00
password: password,
nickname: nickname
})
}
))
2021-05-03 20:37:23 +02:00
router.post('/user/register', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
res.sendStatus(501)
}
))
router.get('/user/check_password', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
const prosodyDomain = await getProsodyDomain(options)
2021-05-03 20:37:23 +02:00
const user = req.query.user
const server = req.query.server
const pass = req.query.pass
if (server !== prosodyDomain) {
2021-05-03 20:37:23 +02:00
logger.warn(`Cannot call check_password on user on server ${server as string}.`)
res.status(200).send('false')
return
}
if (user && pass && await prosodyCheckUserPassword(user as string, pass as string)) {
2021-05-03 20:37:23 +02:00
res.status(200).send('true')
return
}
res.status(200).send('false')
}
))
router.get('/user/user_exists', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
const prosodyDomain = await getProsodyDomain(options)
2021-05-03 20:37:23 +02:00
const user = req.query.user
const server = req.query.server
if (server !== prosodyDomain) {
2021-05-03 20:37:23 +02:00
logger.warn(`Cannot call user_exists on user on server ${server as string}.`)
res.status(200).send('false')
return
}
if (user && await prosodyUserRegistered(user as string)) {
2021-05-03 20:37:23 +02:00
res.status(200).send('true')
return
2021-05-03 20:37:23 +02:00
}
res.status(200).send('false')
}
))
router.post('/user/set_password', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
res.sendStatus(501)
}
))
router.post('/user/remove_user', asyncMiddleware(
async (req: Request, res: Response, _next: NextFunction) => {
res.sendStatus(501)
}
))
2021-04-29 18:31:48 +02:00
return router
}
export {
initApiRouter
}