summaryrefslogtreecommitdiff
path: root/src/server/api
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/api')
-rw-r--r--src/server/api/endpoints/admin/ad/create.ts45
-rw-r--r--src/server/api/endpoints/admin/ad/delete.ts34
-rw-r--r--src/server/api/endpoints/admin/ad/list.ts36
-rw-r--r--src/server/api/endpoints/admin/ad/update.ts59
-rw-r--r--src/server/api/endpoints/meta.ts39
-rw-r--r--src/server/api/endpoints/request-reset-password.ts73
-rw-r--r--src/server/api/endpoints/reset-password.ts45
7 files changed, 330 insertions, 1 deletions
diff --git a/src/server/api/endpoints/admin/ad/create.ts b/src/server/api/endpoints/admin/ad/create.ts
new file mode 100644
index 0000000000..7777e95e6e
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/create.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { Ads } from '../../../../../models';
+import { genId } from '@/misc/gen-id';
+
+export const meta = {
+ tags: ['admin'],
+
+ requireCredential: true as const,
+ requireModerator: true,
+
+ params: {
+ url: {
+ validator: $.str.min(1)
+ },
+ memo: {
+ validator: $.str
+ },
+ place: {
+ validator: $.str
+ },
+ priority: {
+ validator: $.str
+ },
+ expiresAt: {
+ validator: $.num.int()
+ },
+ imageUrl: {
+ validator: $.str.min(1)
+ }
+ },
+};
+
+export default define(meta, async (ps) => {
+ await Ads.insert({
+ id: genId(),
+ createdAt: new Date(),
+ expiresAt: new Date(ps.expiresAt),
+ url: ps.url,
+ imageUrl: ps.imageUrl,
+ priority: ps.priority,
+ place: ps.place,
+ memo: ps.memo,
+ });
+});
diff --git a/src/server/api/endpoints/admin/ad/delete.ts b/src/server/api/endpoints/admin/ad/delete.ts
new file mode 100644
index 0000000000..6a5f92193e
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/delete.ts
@@ -0,0 +1,34 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { ID } from '@/misc/cafy-id';
+import { Ads } from '../../../../../models';
+import { ApiError } from '../../../error';
+
+export const meta = {
+ tags: ['admin'],
+
+ requireCredential: true as const,
+ requireModerator: true,
+
+ params: {
+ id: {
+ validator: $.type(ID)
+ }
+ },
+
+ errors: {
+ noSuchAd: {
+ message: 'No such ad.',
+ code: 'NO_SUCH_AD',
+ id: 'ccac9863-3a03-416e-b899-8a64041118b1'
+ }
+ }
+};
+
+export default define(meta, async (ps, me) => {
+ const ad = await Ads.findOne(ps.id);
+
+ if (ad == null) throw new ApiError(meta.errors.noSuchAd);
+
+ await Ads.delete(ad.id);
+});
diff --git a/src/server/api/endpoints/admin/ad/list.ts b/src/server/api/endpoints/admin/ad/list.ts
new file mode 100644
index 0000000000..a323f2a9ed
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/list.ts
@@ -0,0 +1,36 @@
+import $ from 'cafy';
+import { ID } from '@/misc/cafy-id';
+import define from '../../../define';
+import { Ads } from '../../../../../models';
+import { makePaginationQuery } from '../../../common/make-pagination-query';
+
+export const meta = {
+ tags: ['admin'],
+
+ requireCredential: true as const,
+ requireModerator: true,
+
+ params: {
+ limit: {
+ validator: $.optional.num.range(1, 100),
+ default: 10
+ },
+
+ sinceId: {
+ validator: $.optional.type(ID),
+ },
+
+ untilId: {
+ validator: $.optional.type(ID),
+ },
+ },
+};
+
+export default define(meta, async (ps) => {
+ const query = makePaginationQuery(Ads.createQueryBuilder('ad'), ps.sinceId, ps.untilId)
+ .andWhere('ad.expiresAt > :now', { now: new Date() });
+
+ const ads = await query.take(ps.limit!).getMany();
+
+ return ads;
+});
diff --git a/src/server/api/endpoints/admin/ad/update.ts b/src/server/api/endpoints/admin/ad/update.ts
new file mode 100644
index 0000000000..694af98394
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/update.ts
@@ -0,0 +1,59 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { ID } from '@/misc/cafy-id';
+import { Ads } from '../../../../../models';
+import { ApiError } from '../../../error';
+
+export const meta = {
+ tags: ['admin'],
+
+ requireCredential: true as const,
+ requireModerator: true,
+
+ params: {
+ id: {
+ validator: $.type(ID)
+ },
+ memo: {
+ validator: $.str
+ },
+ url: {
+ validator: $.str.min(1)
+ },
+ imageUrl: {
+ validator: $.str.min(1)
+ },
+ place: {
+ validator: $.str
+ },
+ priority: {
+ validator: $.str
+ },
+ expiresAt: {
+ validator: $.num.int()
+ },
+ },
+
+ errors: {
+ noSuchAd: {
+ message: 'No such ad.',
+ code: 'NO_SUCH_AD',
+ id: 'b7aa1727-1354-47bc-a182-3a9c3973d300'
+ }
+ }
+};
+
+export default define(meta, async (ps, me) => {
+ const ad = await Ads.findOne(ps.id);
+
+ if (ad == null) throw new ApiError(meta.errors.noSuchAd);
+
+ await Ads.update(ad.id, {
+ url: ps.url,
+ place: ps.place,
+ priority: ps.priority,
+ memo: ps.memo,
+ imageUrl: ps.imageUrl,
+ expiresAt: new Date(ps.expiresAt),
+ });
+});
diff --git a/src/server/api/endpoints/meta.ts b/src/server/api/endpoints/meta.ts
index 3760c8b37b..5b7292ef16 100644
--- a/src/server/api/endpoints/meta.ts
+++ b/src/server/api/endpoints/meta.ts
@@ -2,8 +2,9 @@ import $ from 'cafy';
import config from '@/config';
import define from '../define';
import { fetchMeta } from '@/misc/fetch-meta';
-import { Emojis, Users } from '../../../models';
+import { Ads, Emojis, Users } from '../../../models';
import { DB_MAX_NOTE_TEXT_LENGTH } from '@/misc/hard-limits';
+import { MoreThan } from 'typeorm';
export const meta = {
desc: {
@@ -193,6 +194,30 @@ export const meta = {
}
}
},
+ ads: {
+ type: 'array' as const,
+ optional: false as const, nullable: false as const,
+ items: {
+ type: 'object' as const,
+ optional: false as const, nullable: false as const,
+ properties: {
+ place: {
+ type: 'string' as const,
+ optional: false as const, nullable: false as const
+ },
+ url: {
+ type: 'string' as const,
+ optional: false as const, nullable: false as const,
+ format: 'url'
+ },
+ imageUrl: {
+ type: 'string' as const,
+ optional: false as const, nullable: false as const,
+ format: 'url'
+ },
+ }
+ }
+ },
requireSetup: {
type: 'boolean' as const,
optional: false as const, nullable: false as const,
@@ -443,6 +468,12 @@ export default define(meta, async (ps, me) => {
}
});
+ const ads = await Ads.find({
+ where: {
+ expiresAt: MoreThan(new Date())
+ },
+ });
+
const response: any = {
maintainerName: instance.maintainerName,
maintainerEmail: instance.maintainerEmail,
@@ -477,6 +508,12 @@ export default define(meta, async (ps, me) => {
logoImageUrl: instance.logoImageUrl,
maxNoteTextLength: Math.min(instance.maxNoteTextLength, DB_MAX_NOTE_TEXT_LENGTH),
emojis: await Emojis.packMany(emojis),
+ ads: ads.map(ad => ({
+ url: ad.url,
+ place: ad.place,
+ priority: ad.priority,
+ imageUrl: ad.imageUrl,
+ })),
enableEmail: instance.enableEmail,
enableTwitterIntegration: instance.enableTwitterIntegration,
diff --git a/src/server/api/endpoints/request-reset-password.ts b/src/server/api/endpoints/request-reset-password.ts
new file mode 100644
index 0000000000..c880df7527
--- /dev/null
+++ b/src/server/api/endpoints/request-reset-password.ts
@@ -0,0 +1,73 @@
+import $ from 'cafy';
+import { publishMainStream } from '../../../services/stream';
+import define from '../define';
+import rndstr from 'rndstr';
+import config from '@/config';
+import * as ms from 'ms';
+import { Users, UserProfiles, PasswordResetRequests } from '../../../models';
+import { sendEmail } from '../../../services/send-email';
+import { ApiError } from '../error';
+import { genId } from '@/misc/gen-id';
+import { IsNull } from 'typeorm';
+
+export const meta = {
+ requireCredential: false as const,
+
+ limit: {
+ duration: ms('1hour'),
+ max: 3
+ },
+
+ params: {
+ username: {
+ validator: $.str
+ },
+
+ email: {
+ validator: $.str
+ },
+ },
+
+ errors: {
+
+ }
+};
+
+export default define(meta, async (ps) => {
+ const user = await Users.findOne({
+ usernameLower: ps.username.toLowerCase(),
+ host: IsNull()
+ });
+
+ // 合致するユーザーが登録されていなかったら無視
+ if (user == null) {
+ return;
+ }
+
+ const profile = await UserProfiles.findOneOrFail(user.id);
+
+ // 合致するメアドが登録されていなかったら無視
+ if (profile.email !== ps.email) {
+ return;
+ }
+
+ // メアドが認証されていなかったら無視
+ if (!profile.emailVerified) {
+ return;
+ }
+
+ const token = rndstr('a-z0-9', 64);
+
+ await PasswordResetRequests.insert({
+ id: genId(),
+ createdAt: new Date(),
+ userId: profile.userId,
+ token
+ });
+
+ const link = `${config.url}/reset-password/${token}`;
+
+ sendEmail(ps.email, 'Password reset requested',
+ `To reset password, please click this link:<br><a href="${link}">${link}</a>`,
+ `To reset password, please click this link: ${link}`);
+});
diff --git a/src/server/api/endpoints/reset-password.ts b/src/server/api/endpoints/reset-password.ts
new file mode 100644
index 0000000000..5f79bdbd00
--- /dev/null
+++ b/src/server/api/endpoints/reset-password.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import * as bcrypt from 'bcryptjs';
+import { publishMainStream } from '../../../services/stream';
+import define from '../define';
+import { Users, UserProfiles, PasswordResetRequests } from '../../../models';
+import { ApiError } from '../error';
+
+export const meta = {
+ requireCredential: false as const,
+
+ params: {
+ token: {
+ validator: $.str
+ },
+
+ password: {
+ validator: $.str
+ }
+ },
+
+ errors: {
+
+ }
+};
+
+export default define(meta, async (ps, user) => {
+ const req = await PasswordResetRequests.findOneOrFail({
+ token: ps.token,
+ });
+
+ // 発行してから30分以上経過していたら無効
+ if (Date.now() - req.createdAt.getTime() > 1000 * 60 * 30) {
+ throw new Error(); // TODO
+ }
+
+ // Generate hash of password
+ const salt = await bcrypt.genSalt(8);
+ const hash = await bcrypt.hash(ps.password, salt);
+
+ await UserProfiles.update(req.userId, {
+ password: hash
+ });
+
+ PasswordResetRequests.delete(req.id);
+});
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-20 21:00:17 +0000