diff options
Diffstat (limited to 'packages/backend/src/server/web/ClientServerService.ts')
| -rw-r--r-- | packages/backend/src/server/web/ClientServerService.ts | 656 |
1 files changed, 656 insertions, 0 deletions
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts new file mode 100644 index 0000000000..2a764a25b0 --- /dev/null +++ b/packages/backend/src/server/web/ClientServerService.ts @@ -0,0 +1,656 @@ +import { dirname } from 'node:path'; +import { fileURLToPath } from 'node:url'; +import { Inject, Injectable } from '@nestjs/common'; +import { createBullBoard } from '@bull-board/api'; +import { BullAdapter } from '@bull-board/api/bullAdapter.js'; +import { FastifyAdapter } from '@bull-board/fastify'; +import ms from 'ms'; +import sharp from 'sharp'; +import pug from 'pug'; +import { In, IsNull } from 'typeorm'; +import fastifyStatic from '@fastify/static'; +import fastifyView from '@fastify/view'; +import fastifyCookie from '@fastify/cookie'; +import fastifyProxy from '@fastify/http-proxy'; +import vary from 'vary'; +import type { Config } from '@/config.js'; +import { getNoteSummary } from '@/misc/get-note-summary.js'; +import { DI } from '@/di-symbols.js'; +import * as Acct from '@/misc/acct.js'; +import { MetaService } from '@/core/MetaService.js'; +import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, ObjectStorageQueue, SystemQueue, WebhookDeliverQueue } from '@/core/QueueModule.js'; +import { UserEntityService } from '@/core/entities/UserEntityService.js'; +import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; +import { PageEntityService } from '@/core/entities/PageEntityService.js'; +import { GalleryPostEntityService } from '@/core/entities/GalleryPostEntityService.js'; +import { ClipEntityService } from '@/core/entities/ClipEntityService.js'; +import { ChannelEntityService } from '@/core/entities/ChannelEntityService.js'; +import type { ChannelsRepository, ClipsRepository, EmojisRepository, FlashsRepository, GalleryPostsRepository, NotesRepository, PagesRepository, UserProfilesRepository, UsersRepository } from '@/models/index.js'; +import { deepClone } from '@/misc/clone.js'; +import { bindThis } from '@/decorators.js'; +import { FlashEntityService } from '@/core/entities/FlashEntityService.js'; +import { RoleService } from '@/core/RoleService.js'; +import manifest from './manifest.json' assert { type: 'json' }; +import { FeedService } from './FeedService.js'; +import { UrlPreviewService } from './UrlPreviewService.js'; +import type { FastifyInstance, FastifyPluginOptions, FastifyReply } from 'fastify'; + +const _filename = fileURLToPath(import.meta.url); +const _dirname = dirname(_filename); + +const staticAssets = `${_dirname}/../../../assets/`; +const clientAssets = `${_dirname}/../../../../frontend/assets/`; +const assets = `${_dirname}/../../../../../built/_frontend_dist_/`; +const swAssets = `${_dirname}/../../../../../built/_sw_dist_/`; +const viteOut = `${_dirname}/../../../../../built/_vite_/`; + +@Injectable() +export class ClientServerService { + constructor( + @Inject(DI.config) + private config: Config, + + @Inject(DI.usersRepository) + private usersRepository: UsersRepository, + + @Inject(DI.userProfilesRepository) + private userProfilesRepository: UserProfilesRepository, + + @Inject(DI.notesRepository) + private notesRepository: NotesRepository, + + @Inject(DI.galleryPostsRepository) + private galleryPostsRepository: GalleryPostsRepository, + + @Inject(DI.channelsRepository) + private channelsRepository: ChannelsRepository, + + @Inject(DI.clipsRepository) + private clipsRepository: ClipsRepository, + + @Inject(DI.pagesRepository) + private pagesRepository: PagesRepository, + + @Inject(DI.flashsRepository) + private flashsRepository: FlashsRepository, + + private flashEntityService: FlashEntityService, + private userEntityService: UserEntityService, + private noteEntityService: NoteEntityService, + private pageEntityService: PageEntityService, + private galleryPostEntityService: GalleryPostEntityService, + private clipEntityService: ClipEntityService, + private channelEntityService: ChannelEntityService, + private metaService: MetaService, + private urlPreviewService: UrlPreviewService, + private feedService: FeedService, + private roleService: RoleService, + + @Inject('queue:system') public systemQueue: SystemQueue, + @Inject('queue:endedPollNotification') public endedPollNotificationQueue: EndedPollNotificationQueue, + @Inject('queue:deliver') public deliverQueue: DeliverQueue, + @Inject('queue:inbox') public inboxQueue: InboxQueue, + @Inject('queue:db') public dbQueue: DbQueue, + @Inject('queue:objectStorage') public objectStorageQueue: ObjectStorageQueue, + @Inject('queue:webhookDeliver') public webhookDeliverQueue: WebhookDeliverQueue, + ) { + //this.createServer = this.createServer.bind(this); + } + + @bindThis + private async manifestHandler(reply: FastifyReply) { + const res = deepClone(manifest); + + const instance = await this.metaService.fetch(true); + + res.short_name = instance.name ?? 'Misskey'; + res.name = instance.name ?? 'Misskey'; + if (instance.themeColor) res.theme_color = instance.themeColor; + + reply.header('Cache-Control', 'max-age=300'); + return (res); + } + + @bindThis + public createServer(fastify: FastifyInstance, options: FastifyPluginOptions, done: (err?: Error) => void) { + fastify.register(fastifyCookie, {}); + + //#region Bull Dashboard + const bullBoardPath = '/queue'; + + // Authenticate + fastify.addHook('onRequest', async (request, reply) => { + if (request.url === bullBoardPath || request.url.startsWith(bullBoardPath + '/')) { + const token = request.cookies.token; + if (token == null) { + reply.code(401); + throw new Error('login required'); + } + const user = await this.usersRepository.findOneBy({ token }); + if (user == null) { + reply.code(403); + throw new Error('no such user'); + } + const isAdministrator = await this.roleService.isAdministrator(user); + if (!isAdministrator) { + reply.code(403); + throw new Error('access denied'); + } + } + }); + + const serverAdapter = new FastifyAdapter(); + + createBullBoard({ + queues: [ + this.systemQueue, + this.endedPollNotificationQueue, + this.deliverQueue, + this.inboxQueue, + this.dbQueue, + this.objectStorageQueue, + this.webhookDeliverQueue, + ].map(q => new BullAdapter(q)), + serverAdapter, + }); + + serverAdapter.setBasePath(bullBoardPath); + fastify.register(serverAdapter.registerPlugin(), { prefix: bullBoardPath }); + //#endregion + + fastify.register(fastifyView, { + root: _dirname + '/views', + engine: { + pug: pug, + }, + defaultContext: { + version: this.config.version, + config: this.config, + }, + }); + + fastify.addHook('onRequest', (request, reply, done) => { + // クリックジャッキング防止のためiFrameの中に入れられないようにする + reply.header('X-Frame-Options', 'DENY'); + done(); + }); + + //#region vite assets + if (this.config.clientManifestExists) { + fastify.register(fastifyStatic, { + root: viteOut, + prefix: '/vite/', + maxAge: ms('30 days'), + decorateReply: false, + }); + } else { + fastify.register(fastifyProxy, { + upstream: 'http://localhost:5173', // TODO: port configuration + prefix: '/vite', + rewritePrefix: '/vite', + }); + } + //#endregion + + //#region static assets + + fastify.register(fastifyStatic, { + root: _dirname, + serve: false, + }); + + fastify.register(fastifyStatic, { + root: staticAssets, + prefix: '/static-assets/', + maxAge: ms('7 days'), + decorateReply: false, + }); + + fastify.register(fastifyStatic, { + root: clientAssets, + prefix: '/client-assets/', + maxAge: ms('7 days'), + decorateReply: false, + }); + + fastify.register(fastifyStatic, { + root: assets, + prefix: '/assets/', + maxAge: ms('7 days'), + decorateReply: false, + }); + + fastify.get('/favicon.ico', async (request, reply) => { + return reply.sendFile('/favicon.ico', staticAssets); + }); + + fastify.get('/apple-touch-icon.png', async (request, reply) => { + return reply.sendFile('/apple-touch-icon.png', staticAssets); + }); + + fastify.get<{ Params: { path: string } }>('/fluent-emoji/:path(.*)', async (request, reply) => { + const path = request.params.path; + + if (!path.match(/^[0-9a-f-]+\.png$/)) { + reply.code(404); + return; + } + + reply.header('Content-Security-Policy', 'default-src \'none\'; style-src \'unsafe-inline\''); + + return await reply.sendFile(path, `${_dirname}/../../../../../fluent-emojis/dist/`, { + maxAge: ms('30 days'), + }); + }); + + fastify.get<{ Params: { path: string } }>('/twemoji/:path(.*)', async (request, reply) => { + const path = request.params.path; + + if (!path.match(/^[0-9a-f-]+\.svg$/)) { + reply.code(404); + return; + } + + reply.header('Content-Security-Policy', 'default-src \'none\'; style-src \'unsafe-inline\''); + + return await reply.sendFile(path, `${_dirname}/../../../node_modules/@discordapp/twemoji/dist/svg/`, { + maxAge: ms('30 days'), + }); + }); + + fastify.get<{ Params: { path: string } }>('/twemoji-badge/:path(.*)', async (request, reply) => { + const path = request.params.path; + + if (!path.match(/^[0-9a-f-]+\.png$/)) { + reply.code(404); + return; + } + + const mask = await sharp( + `${_dirname}/../../../node_modules/@discordapp/twemoji/dist/svg/${path.replace('.png', '')}.svg`, + { density: 1000 }, + ) + .resize(488, 488) + .greyscale() + .normalise() + .linear(1.75, -(128 * 1.75) + 128) // 1.75x contrast + .flatten({ background: '#000' }) + .extend({ + top: 12, + bottom: 12, + left: 12, + right: 12, + background: '#000', + }) + .toColorspace('b-w') + .png() + .toBuffer(); + + const buffer = await sharp({ + create: { width: 512, height: 512, channels: 4, background: { r: 0, g: 0, b: 0, alpha: 0 } }, + }) + .pipelineColorspace('b-w') + .boolean(mask, 'eor') + .resize(96, 96) + .png() + .toBuffer(); + + reply.header('Content-Security-Policy', 'default-src \'none\'; style-src \'unsafe-inline\''); + reply.header('Cache-Control', 'max-age=2592000'); + reply.header('Content-Type', 'image/png'); + return buffer; + }); + + // ServiceWorker + fastify.get('/sw.js', async (request, reply) => { + return await reply.sendFile('/sw.js', swAssets, { + maxAge: ms('10 minutes'), + }); + }); + + // Manifest + fastify.get('/manifest.json', async (request, reply) => await this.manifestHandler(reply)); + + fastify.get('/robots.txt', async (request, reply) => { + return await reply.sendFile('/robots.txt', staticAssets); + }); + + // OpenSearch XML + fastify.get('/opensearch.xml', async (request, reply) => { + const meta = await this.metaService.fetch(); + + const name = meta.name ?? 'Misskey'; + let content = ''; + content += '<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/" xmlns:moz="http://www.mozilla.org/2006/browser/search/">'; + content += `<ShortName>${name}</ShortName>`; + content += `<Description>${name} Search</Description>`; + content += '<InputEncoding>UTF-8</InputEncoding>'; + content += `<Image width="16" height="16" type="image/x-icon">${this.config.url}/favicon.ico</Image>`; + content += `<Url type="text/html" template="${this.config.url}/search?q={searchTerms}"/>`; + content += '</OpenSearchDescription>'; + + reply.header('Content-Type', 'application/opensearchdescription+xml'); + return await reply.send(content); + }); + + //#endregion + + const renderBase = async (reply: FastifyReply) => { + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('base', { + img: meta.bannerUrl, + title: meta.name ?? 'Misskey', + instanceName: meta.name ?? 'Misskey', + url: this.config.url, + desc: meta.description, + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + }; + + // URL preview endpoint + fastify.get<{ Querystring: { url: string; lang: string; } }>('/url', (request, reply) => this.urlPreviewService.handle(request, reply)); + + const getFeed = async (acct: string) => { + const { username, host } = Acct.parse(acct); + const user = await this.usersRepository.findOneBy({ + usernameLower: username.toLowerCase(), + host: host ?? IsNull(), + isSuspended: false, + }); + + return user && await this.feedService.packFeed(user); + }; + + // Atom + fastify.get<{ Params: { user: string; } }>('/@:user.atom', async (request, reply) => { + const feed = await getFeed(request.params.user); + + if (feed) { + reply.header('Content-Type', 'application/atom+xml; charset=utf-8'); + return feed.atom1(); + } else { + reply.code(404); + } + }); + + // RSS + fastify.get<{ Params: { user: string; } }>('/@:user.rss', async (request, reply) => { + const feed = await getFeed(request.params.user); + + if (feed) { + reply.header('Content-Type', 'application/rss+xml; charset=utf-8'); + return feed.rss2(); + } else { + reply.code(404); + } + }); + + // JSON + fastify.get<{ Params: { user: string; } }>('/@:user.json', async (request, reply) => { + const feed = await getFeed(request.params.user); + + if (feed) { + reply.header('Content-Type', 'application/json; charset=utf-8'); + return feed.json1(); + } else { + reply.code(404); + } + }); + + //#region SSR (for crawlers) + // User + fastify.get<{ Params: { user: string; sub?: string; } }>('/@:user/:sub?', async (request, reply) => { + const { username, host } = Acct.parse(request.params.user); + const user = await this.usersRepository.findOneBy({ + usernameLower: username.toLowerCase(), + host: host ?? IsNull(), + isSuspended: false, + }); + + if (user != null) { + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id }); + const meta = await this.metaService.fetch(); + const me = profile.fields + ? profile.fields + .filter(filed => filed.value != null && filed.value.match(/^https?:/)) + .map(field => field.value) + : []; + + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('user', { + user, profile, me, + avatarUrl: await this.userEntityService.getAvatarUrl(user), + sub: request.params.sub, + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + // リモートユーザーなので + // モデレータがAPI経由で参照可能にするために404にはしない + return await renderBase(reply); + } + }); + + fastify.get<{ Params: { user: string; } }>('/users/:user', async (request, reply) => { + const user = await this.usersRepository.findOneBy({ + id: request.params.user, + host: IsNull(), + isSuspended: false, + }); + + if (user == null) { + reply.code(404); + return; + } + + reply.redirect(`/@${user.username}${ user.host == null ? '' : '@' + user.host}`); + }); + + // Note + fastify.get<{ Params: { note: string; } }>('/notes/:note', async (request, reply) => { + vary(reply.raw, 'Accept'); + + const note = await this.notesRepository.findOneBy({ + id: request.params.note, + visibility: In(['public', 'home']), + }); + + if (note) { + const _note = await this.noteEntityService.pack(note); + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: note.userId }); + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('note', { + note: _note, + profile, + avatarUrl: await this.userEntityService.getAvatarUrl(await this.usersRepository.findOneByOrFail({ id: note.userId })), + // TODO: Let locale changeable by instance setting + summary: getNoteSummary(_note), + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + + // Page + fastify.get<{ Params: { user: string; page: string; } }>('/@:user/pages/:page', async (request, reply) => { + const { username, host } = Acct.parse(request.params.user); + const user = await this.usersRepository.findOneBy({ + usernameLower: username.toLowerCase(), + host: host ?? IsNull(), + }); + + if (user == null) return; + + const page = await this.pagesRepository.findOneBy({ + name: request.params.page, + userId: user.id, + }); + + if (page) { + const _page = await this.pageEntityService.pack(page); + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: page.userId }); + const meta = await this.metaService.fetch(); + if (['public'].includes(page.visibility)) { + reply.header('Cache-Control', 'public, max-age=15'); + } else { + reply.header('Cache-Control', 'private, max-age=0, must-revalidate'); + } + return await reply.view('page', { + page: _page, + profile, + avatarUrl: await this.userEntityService.getAvatarUrl(await this.usersRepository.findOneByOrFail({ id: page.userId })), + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + + // Flash + fastify.get<{ Params: { id: string; } }>('/play/:id', async (request, reply) => { + const flash = await this.flashsRepository.findOneBy({ + id: request.params.id, + }); + + if (flash) { + const _flash = await this.flashEntityService.pack(flash); + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: flash.userId }); + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('flash', { + flash: _flash, + profile, + avatarUrl: await this.userEntityService.getAvatarUrl(await this.usersRepository.findOneByOrFail({ id: flash.userId })), + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + + // Clip + fastify.get<{ Params: { clip: string; } }>('/clips/:clip', async (request, reply) => { + const clip = await this.clipsRepository.findOneBy({ + id: request.params.clip, + }); + + if (clip && clip.isPublic) { + const _clip = await this.clipEntityService.pack(clip); + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: clip.userId }); + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('clip', { + clip: _clip, + profile, + avatarUrl: await this.userEntityService.getAvatarUrl(await this.usersRepository.findOneByOrFail({ id: clip.userId })), + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + + // Gallery post + fastify.get<{ Params: { post: string; } }>('/gallery/:post', async (request, reply) => { + const post = await this.galleryPostsRepository.findOneBy({ id: request.params.post }); + + if (post) { + const _post = await this.galleryPostEntityService.pack(post); + const profile = await this.userProfilesRepository.findOneByOrFail({ userId: post.userId }); + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('gallery-post', { + post: _post, + profile, + avatarUrl: await this.userEntityService.getAvatarUrl(await this.usersRepository.findOneByOrFail({ id: post.userId })), + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + + // Channel + fastify.get<{ Params: { channel: string; } }>('/channels/:channel', async (request, reply) => { + const channel = await this.channelsRepository.findOneBy({ + id: request.params.channel, + }); + + if (channel) { + const _channel = await this.channelEntityService.pack(channel); + const meta = await this.metaService.fetch(); + reply.header('Cache-Control', 'public, max-age=15'); + return await reply.view('channel', { + channel: _channel, + instanceName: meta.name ?? 'Misskey', + icon: meta.iconUrl, + themeColor: meta.themeColor, + }); + } else { + return await renderBase(reply); + } + }); + //#endregion + + fastify.get('/_info_card_', async (request, reply) => { + const meta = await this.metaService.fetch(true); + + reply.removeHeader('X-Frame-Options'); + + return await reply.view('info-card', { + version: this.config.version, + host: this.config.host, + meta: meta, + originalUsersCount: await this.usersRepository.countBy({ host: IsNull() }), + originalNotesCount: await this.notesRepository.countBy({ userHost: IsNull() }), + }); + }); + + fastify.get('/bios', async (request, reply) => { + return await reply.view('bios', { + version: this.config.version, + }); + }); + + fastify.get('/cli', async (request, reply) => { + return await reply.view('cli', { + version: this.config.version, + }); + }); + + const override = (source: string, target: string, depth = 0) => + [, ...target.split('/').filter(x => x), ...source.split('/').filter(x => x).splice(depth)].join('/'); + + fastify.get('/flush', async (request, reply) => { + return await reply.view('flush'); + }); + + // streamingに非WebSocketリクエストが来た場合にbase htmlをキャシュ付きで返すと、Proxy等でそのパスがキャッシュされておかしくなる + fastify.get('/streaming', async (request, reply) => { + reply.code(503); + reply.header('Cache-Control', 'private, max-age=0'); + }); + + // Render base html for all requests + fastify.get('*', async (request, reply) => { + return await renderBase(reply); + }); + + done(); + } +} |