From 3368fe855249f45bdf1e4c1e509d325d44e80fbe Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Fri, 13 Apr 2018 06:06:18 +0900
Subject: wip

---
 src/server/api/api-handler.ts         |  17 +--
 src/server/api/bot/interfaces/line.ts | 103 +++++++-------
 src/server/api/call.ts                |   7 +-
 src/server/api/common/signin.ts       |  15 ++-
 src/server/api/index.ts               |  60 ++++-----
 src/server/api/private/signin.ts      |  36 ++---
 src/server/api/private/signup.ts      |  20 +--
 src/server/api/service/github.ts      | 244 ++++++++++++++++++----------------
 src/server/api/service/twitter.ts     | 173 ++++++++++++------------
 9 files changed, 337 insertions(+), 338 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/api-handler.ts b/src/server/api/api-handler.ts
index 409069b6a0..2c50234317 100644
--- a/src/server/api/api-handler.ts
+++ b/src/server/api/api-handler.ts
@@ -1,4 +1,4 @@
-import * as express from 'express';
+import * as Koa from 'koa';
 
 import { Endpoint } from './endpoints';
 import authenticate from './authenticate';
@@ -6,16 +6,17 @@ import call from './call';
 import { IUser } from '../../models/user';
 import { IApp } from '../../models/app';
 
-export default async (endpoint: Endpoint, req: express.Request, res: express.Response) => {
+export default async (endpoint: Endpoint, ctx: Koa.Context) => {
 	const reply = (x?: any, y?: any) => {
 		if (x === undefined) {
-			res.sendStatus(204);
+			ctx.status = 204;
 		} else if (typeof x === 'number') {
-			res.status(x).send({
+			ctx.status = x;
+			ctx.body = {
 				error: x === 500 ? 'INTERNAL_ERROR' : y
-			});
+			};
 		} else {
-			res.send(x);
+			ctx.body = x;
 		}
 	};
 
@@ -24,11 +25,11 @@ export default async (endpoint: Endpoint, req: express.Request, res: express.Res
 
 	// Authentication
 	try {
-		[user, app] = await authenticate(req.body['i']);
+		[user, app] = await authenticate(ctx.body['i']);
 	} catch (e) {
 		return reply(403, 'AUTHENTICATION_FAILED');
 	}
 
 	// API invoking
-	call(endpoint, user, app, req.body, req).then(reply).catch(e => reply(400, e));
+	call(endpoint, user, app, ctx.body, ctx.req).then(reply).catch(e => reply(400, e));
 };
diff --git a/src/server/api/bot/interfaces/line.ts b/src/server/api/bot/interfaces/line.ts
index be3bfe33d3..454630161a 100644
--- a/src/server/api/bot/interfaces/line.ts
+++ b/src/server/api/bot/interfaces/line.ts
@@ -1,5 +1,5 @@
 import * as EventEmitter from 'events';
-import * as express from 'express';
+import * as Router from 'koa-router';
 import * as request from 'request';
 import * as crypto from 'crypto';
 import User from '../../../../models/user';
@@ -158,82 +158,81 @@ class LineBot extends BotCore {
 	}
 }
 
-module.exports = async (app: express.Application) => {
-	if (config.line_bot == null) return;
+const handler = new EventEmitter();
 
-	const handler = new EventEmitter();
+handler.on('event', async (ev) => {
 
-	handler.on('event', async (ev) => {
+	const sourceId = ev.source.userId;
+	const sessionId = `line-bot-sessions:${sourceId}`;
 
-		const sourceId = ev.source.userId;
-		const sessionId = `line-bot-sessions:${sourceId}`;
+	const session = await redis.get(sessionId);
+	let bot: LineBot;
 
-		const session = await redis.get(sessionId);
-		let bot: LineBot;
-
-		if (session == null) {
-			const user = await User.findOne({
-				host: null,
-				'line': {
-					userId: sourceId
-				}
-			});
+	if (session == null) {
+		const user = await User.findOne({
+			host: null,
+			'line': {
+				userId: sourceId
+			}
+		});
 
-			bot = new LineBot(user);
+		bot = new LineBot(user);
 
-			bot.on('signin', user => {
-				User.update(user._id, {
-					$set: {
-						'line': {
-							userId: sourceId
-						}
+		bot.on('signin', user => {
+			User.update(user._id, {
+				$set: {
+					'line': {
+						userId: sourceId
 					}
-				});
+				}
 			});
+		});
 
-			bot.on('signout', user => {
-				User.update(user._id, {
-					$set: {
-						'line': {
-							userId: null
-						}
+		bot.on('signout', user => {
+			User.update(user._id, {
+				$set: {
+					'line': {
+						userId: null
 					}
-				});
+				}
 			});
-
-			redis.set(sessionId, JSON.stringify(bot.export()));
-		} else {
-			bot = LineBot.import(JSON.parse(session));
-		}
-
-		bot.on('updated', () => {
-			redis.set(sessionId, JSON.stringify(bot.export()));
 		});
 
-		if (session != null) bot.refreshUser();
+		redis.set(sessionId, JSON.stringify(bot.export()));
+	} else {
+		bot = LineBot.import(JSON.parse(session));
+	}
 
-		bot.react(ev);
+	bot.on('updated', () => {
+		redis.set(sessionId, JSON.stringify(bot.export()));
 	});
 
-	app.post('/hooks/line', (req, res, next) => {
-		// req.headers['x-line-signature'] は常に string ですが、型定義の都合上
-		// string | string[] になっているので string を明示しています
-		const sig1 = req.headers['x-line-signature'] as string;
+	if (session != null) bot.refreshUser();
+
+	bot.react(ev);
+});
+
+// Init router
+const router = new Router();
+
+if (config.line_bot) {
+	router.post('/hooks/line', ctx => {
+		const sig1 = ctx.headers['x-line-signature'];
 
 		const hash = crypto.createHmac('SHA256', config.line_bot.channel_secret)
-			.update((req as any).rawBody);
+			.update(ctx.request.rawBody);
 
 		const sig2 = hash.digest('base64');
 
 		// シグネチャ比較
 		if (sig1 === sig2) {
-			req.body.events.forEach(ev => {
+			ctx.body.events.forEach(ev => {
 				handler.emit('event', ev);
 			});
-
-			res.sendStatus(200);
 		} else {
-			res.sendStatus(400);
+			ctx.status = 400;
 		}
 	});
-};
+}
+
+module.exports = router;
diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index 1bfe94bb74..c25f55ed3f 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -1,11 +1,12 @@
-import * as express from 'express';
+import * as http from 'http';
+import * as multer from 'koa-multer';
 
 import endpoints, { Endpoint } from './endpoints';
 import limitter from './limitter';
 import { IUser } from '../../models/user';
 import { IApp } from '../../models/app';
 
-export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: express.Request) => new Promise(async (ok, rej) => {
+export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: http.IncomingMessage) => new Promise(async (ok, rej) => {
 	const isSecure = user != null && app == null;
 
 	//console.log(endpoint, user, app, data);
@@ -38,7 +39,7 @@ export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any,
 	let exec = require(`${__dirname}/endpoints/${ep.name}`);
 
 	if (ep.withFile && req) {
-		exec = exec.bind(null, req.file);
+		exec = exec.bind(null, (req as multer.MulterIncomingMessage).file);
 	}
 
 	let res;
diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts
index 8bb327694d..f57c38414c 100644
--- a/src/server/api/common/signin.ts
+++ b/src/server/api/common/signin.ts
@@ -1,19 +1,20 @@
+import * as Koa from 'koa';
+
 import config from '../../../config';
+import { ILocalUser } from '../../../models/user';
 
-export default function(res, user, redirect: boolean) {
+export default function(ctx: Koa.Context, user: ILocalUser, redirect: boolean) {
 	const expires = 1000 * 60 * 60 * 24 * 365; // One Year
-	res.cookie('i', user.token, {
+	ctx.cookies.set('i', user.token, {
 		path: '/',
-		domain: `.${config.hostname}`,
-		secure: config.url.substr(0, 5) === 'https',
+		domain: config.hostname,
+		secure: config.url.startsWith('https'),
 		httpOnly: false,
 		expires: new Date(Date.now() + expires),
 		maxAge: expires
 	});
 
 	if (redirect) {
-		res.redirect(config.url);
-	} else {
-		res.sendStatus(204);
+		ctx.redirect(config.url);
 	}
 }
diff --git a/src/server/api/index.ts b/src/server/api/index.ts
index 5fbacd8a0e..d2427d30ae 100644
--- a/src/server/api/index.ts
+++ b/src/server/api/index.ts
@@ -2,53 +2,41 @@
  * API Server
  */
 
-import * as express from 'express';
-import * as bodyParser from 'body-parser';
-import * as cors from 'cors';
-import * as multer from 'multer';
+import * as Koa from 'koa';
+import * as Router from 'koa-router';
+import * as multer from 'koa-multer';
 
 import endpoints from './endpoints';
 
-/**
- * Init app
- */
-const app = express();
-
-app.disable('x-powered-by');
-app.set('etag', false);
-app.use(bodyParser.urlencoded({ extended: true }));
-app.use(bodyParser.json({
-	type: ['application/json', 'text/plain'],
-	verify: (req, res, buf, encoding) => {
-		if (buf && buf.length) {
-			(req as any).rawBody = buf.toString(encoding || 'utf8');
-		}
-	}
-}));
-app.use(cors());
-
-app.get('/', (req, res) => {
-	res.send('YEE HAW');
+const handler = require('./api-handler').default;
+
+// Init app
+const app = new Koa();
+
+// Init multer instance
+const upload = multer({
+	storage: multer.diskStorage({})
 });
 
+// Init router
+const router = new Router();
+
 /**
  * Register endpoint handlers
  */
-endpoints.forEach(endpoint =>
-	endpoint.withFile ?
-		app.post(`/${endpoint.name}`,
-			endpoint.withFile ? multer({ storage: multer.diskStorage({}) }).single('file') : null,
-			require('./api-handler').default.bind(null, endpoint)) :
-		app.post(`/${endpoint.name}`,
-			require('./api-handler').default.bind(null, endpoint))
+endpoints.forEach(endpoint => endpoint.withFile
+	? router.post(`/${endpoint.name}`, upload.single('file'), handler.bind(null, endpoint))
+	: router.post(`/${endpoint.name}`, handler.bind(null, endpoint))
 );
 
-app.post('/signup', require('./private/signup').default);
-app.post('/signin', require('./private/signin').default);
+router.post('/signup', require('./private/signup').default);
+router.post('/signin', require('./private/signin').default);
 
-require('./service/github')(app);
-require('./service/twitter')(app);
+router.use(require('./service/github').routes());
+router.use(require('./service/twitter').routes());
+router.use(require('./bot/interfaces/line').routes());
 
-require('./bot/interfaces/line')(app);
+// Register router
+app.use(router.routes());
 
 module.exports = app;
diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts
index 665ee21ebd..55326deeaf 100644
--- a/src/server/api/private/signin.ts
+++ b/src/server/api/private/signin.ts
@@ -1,4 +1,4 @@
-import * as express from 'express';
+import * as Koa from 'koa';
 import * as bcrypt from 'bcryptjs';
 import * as speakeasy from 'speakeasy';
 import User, { ILocalUser } from '../../../models/user';
@@ -7,26 +7,26 @@ import event from '../../../publishers/stream';
 import signin from '../common/signin';
 import config from '../../../config';
 
-export default async (req: express.Request, res: express.Response) => {
-	res.header('Access-Control-Allow-Origin', config.url);
-	res.header('Access-Control-Allow-Credentials', 'true');
+export default async (ctx: Koa.Context) => {
+	ctx.set('Access-Control-Allow-Origin', config.url);
+	ctx.set('Access-Control-Allow-Credentials', 'true');
 
-	const username = req.body['username'];
-	const password = req.body['password'];
-	const token = req.body['token'];
+	const username = ctx.body['username'];
+	const password = ctx.body['password'];
+	const token = ctx.body['token'];
 
 	if (typeof username != 'string') {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
 	if (typeof password != 'string') {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
 	if (token != null && typeof token != 'string') {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
@@ -37,12 +37,12 @@ export default async (req: express.Request, res: express.Response) => {
 	}, {
 		fields: {
 			data: false,
-			'profile': false
+			profile: false
 		}
 	}) as ILocalUser;
 
 	if (user === null) {
-		res.status(404).send({
+		ctx.throw(404, {
 			error: 'user not found'
 		});
 		return;
@@ -60,17 +60,17 @@ export default async (req: express.Request, res: express.Response) => {
 			});
 
 			if (verified) {
-				signin(res, user, false);
+				signin(ctx, user, false);
 			} else {
-				res.status(400).send({
+				ctx.throw(400, {
 					error: 'invalid token'
 				});
 			}
 		} else {
-			signin(res, user, false);
+			signin(ctx, user, false);
 		}
 	} else {
-		res.status(400).send({
+		ctx.throw(400, {
 			error: 'incorrect password'
 		});
 	}
@@ -79,8 +79,8 @@ export default async (req: express.Request, res: express.Response) => {
 	const record = await Signin.insert({
 		createdAt: new Date(),
 		userId: user._id,
-		ip: req.ip,
-		headers: req.headers,
+		ip: ctx.ip,
+		headers: ctx.headers,
 		success: same
 	});
 
diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts
index f441e1b754..a4554be4ae 100644
--- a/src/server/api/private/signup.ts
+++ b/src/server/api/private/signup.ts
@@ -1,5 +1,5 @@
 import * as uuid from 'uuid';
-import * as express from 'express';
+import * as Koa from 'koa';
 import * as bcrypt from 'bcryptjs';
 import { generate as generateKeypair } from '../../../crypto_key';
 import recaptcha = require('recaptcha-promise');
@@ -33,30 +33,30 @@ const home = {
 	]
 };
 
-export default async (req: express.Request, res: express.Response) => {
+export default async (ctx: Koa.Context) => {
 	// Verify recaptcha
 	// ただしテスト時はこの機構は障害となるため無効にする
 	if (process.env.NODE_ENV !== 'test') {
-		const success = await recaptcha(req.body['g-recaptcha-response']);
+		const success = await recaptcha(ctx.body['g-recaptcha-response']);
 
 		if (!success) {
-			res.status(400).send('recaptcha-failed');
+			ctx.throw(400, 'recaptcha-failed');
 			return;
 		}
 	}
 
-	const username = req.body['username'];
-	const password = req.body['password'];
+	const username = ctx.body['username'];
+	const password = ctx.body['password'];
 
 	// Validate username
 	if (!validateUsername(username)) {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
 	// Validate password
 	if (!validatePassword(password)) {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
@@ -71,7 +71,7 @@ export default async (req: express.Request, res: express.Response) => {
 
 	// Check username already used
 	if (usernameExist !== 0) {
-		res.sendStatus(400);
+		ctx.status = 400;
 		return;
 	}
 
@@ -143,5 +143,5 @@ export default async (req: express.Request, res: express.Response) => {
 	});
 
 	// Response
-	res.send(await pack(account));
+	ctx.body = await pack(account);
 };
diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts
index bc8d3c6a7d..ee226cc5cc 100644
--- a/src/server/api/service/github.ts
+++ b/src/server/api/service/github.ts
@@ -1,140 +1,152 @@
 import * as EventEmitter from 'events';
-import * as express from 'express';
+import * as Router from 'koa-router';
 import * as request from 'request';
 const crypto = require('crypto');
 
-import User from '../../../models/user';
+import User, { IUser } from '../../../models/user';
 import createNote from '../../../services/note/create';
 import config from '../../../config';
 
-module.exports = async (app: express.Application) => {
-	if (config.github_bot == null) return;
+const handler = new EventEmitter();
 
-	const bot = await User.findOne({
-		usernameLower: config.github_bot.username.toLowerCase()
-	});
+let bot: IUser;
 
+const post = async text => {
 	if (bot == null) {
-		console.warn(`GitHub hook bot specified, but not found: @${config.github_bot.username}`);
-		return;
+		const account = await User.findOne({
+			usernameLower: config.github_bot.username.toLowerCase()
+		});
+
+		if (account == null) {
+			console.warn(`GitHub hook bot specified, but not found: @${config.github_bot.username}`);
+			return;
+		} else {
+			bot = account;
+		}
 	}
 
-	const post = text => createNote(bot, { text });
+	createNote(bot, { text });
+};
+
+// Init router
+const router = new Router();
 
-	const handler = new EventEmitter();
+if (config.github_bot != null) {
+	const secret = config.github_bot.hook_secret;
 
-	app.post('/hooks/github', (req, res, next) => {
-		// req.headers['x-hub-signature'] および
-		// req.headers['x-github-event'] は常に string ですが、型定義の都合上
-		// string | string[] になっているので string を明示しています
-		if ((new Buffer(req.headers['x-hub-signature'] as string)).equals(new Buffer(`sha1=${crypto.createHmac('sha1', config.github_bot.hook_secret).update(JSON.stringify(req.body)).digest('hex')}`))) {
-			handler.emit(req.headers['x-github-event'] as string, req.body);
-			res.sendStatus(200);
+	router.post('/hooks/github', ctx => {
+		const sig1 = new Buffer(ctx.headers['x-hub-signature']);
+		const sig2 = new Buffer(`sha1=${crypto.createHmac('sha1', secret).update(JSON.stringify(ctx.body)).digest('hex')}`);
+		if (sig1.equals(sig2)) {
+			handler.emit(ctx.headers['x-github-event'], ctx.body);
+			ctx.status = 204;
 		} else {
-			res.sendStatus(400);
+			ctx.status = 400;
 		}
 	});
+}
 
-	handler.on('status', event => {
-		const state = event.state;
-		switch (state) {
-			case 'error':
-			case 'failure':
-				const commit = event.commit;
-				const parent = commit.parents[0];
-
-				// Fetch parent status
-				request({
-					url: `${parent.url}/statuses`,
-					headers: {
-						'User-Agent': 'misskey'
-					}
-				}, (err, res, body) => {
-					if (err) {
-						console.error(err);
-						return;
-					}
-					const parentStatuses = JSON.parse(body);
-					const parentState = parentStatuses[0].state;
-					const stillFailed = parentState == 'failure' || parentState == 'error';
-					if (stillFailed) {
-						post(`**⚠️BUILD STILL FAILED⚠️**: ?[${commit.commit.message}](${commit.html_url})`);
-					} else {
-						post(`**🚨BUILD FAILED🚨**: →→→?[${commit.commit.message}](${commit.html_url})←←←`);
-					}
-				});
-				break;
-		}
-	});
+module.exports = router;
 
-	handler.on('push', event => {
-		const ref = event.ref;
-		switch (ref) {
-			case 'refs/heads/master':
-				const pusher = event.pusher;
-				const compare = event.compare;
-				const commits = event.commits;
-				post([
-					`Pushed by **${pusher.name}** with ?[${commits.length} commit${commits.length > 1 ? 's' : ''}](${compare}):`,
-					commits.reverse().map(commit => `・[?[${commit.id.substr(0, 7)}](${commit.url})] ${commit.message.split('\n')[0]}`).join('\n'),
-				].join('\n'));
-				break;
-			case 'refs/heads/release':
-				const commit = event.commits[0];
-				post(`RELEASED: ${commit.message}`);
-				break;
-		}
-	});
+handler.on('status', event => {
+	const state = event.state;
+	switch (state) {
+		case 'error':
+		case 'failure':
+			const commit = event.commit;
+			const parent = commit.parents[0];
 
-	handler.on('issues', event => {
-		const issue = event.issue;
-		const action = event.action;
-		let title: string;
-		switch (action) {
-			case 'opened': title = 'Issue opened'; break;
-			case 'closed': title = 'Issue closed'; break;
-			case 'reopened': title = 'Issue reopened'; break;
-			default: return;
-		}
-		post(`${title}: <${issue.number}>「${issue.title}」\n${issue.html_url}`);
-	});
+			// Fetch parent status
+			request({
+				url: `${parent.url}/statuses`,
+				headers: {
+					'User-Agent': 'misskey'
+				}
+			}, (err, res, body) => {
+				if (err) {
+					console.error(err);
+					return;
+				}
+				const parentStatuses = JSON.parse(body);
+				const parentState = parentStatuses[0].state;
+				const stillFailed = parentState == 'failure' || parentState == 'error';
+				if (stillFailed) {
+					post(`**⚠️BUILD STILL FAILED⚠️**: ?[${commit.commit.message}](${commit.html_url})`);
+				} else {
+					post(`**🚨BUILD FAILED🚨**: →→→?[${commit.commit.message}](${commit.html_url})←←←`);
+				}
+			});
+			break;
+	}
+});
 
-	handler.on('issue_comment', event => {
-		const issue = event.issue;
-		const comment = event.comment;
-		const action = event.action;
-		let text: string;
-		switch (action) {
-			case 'created': text = `Commented to「${issue.title}」:${comment.user.login}「${comment.body}」\n${comment.html_url}`; break;
-			default: return;
-		}
-		post(text);
-	});
+handler.on('push', event => {
+	const ref = event.ref;
+	switch (ref) {
+		case 'refs/heads/master':
+			const pusher = event.pusher;
+			const compare = event.compare;
+			const commits = event.commits;
+			post([
+				`Pushed by **${pusher.name}** with ?[${commits.length} commit${commits.length > 1 ? 's' : ''}](${compare}):`,
+				commits.reverse().map(commit => `・[?[${commit.id.substr(0, 7)}](${commit.url})] ${commit.message.split('\n')[0]}`).join('\n'),
+			].join('\n'));
+			break;
+		case 'refs/heads/release':
+			const commit = event.commits[0];
+			post(`RELEASED: ${commit.message}`);
+			break;
+	}
+});
 
-	handler.on('watch', event => {
-		const sender = event.sender;
-		post(`⭐️ Starred by **${sender.login}** ⭐️`);
-	});
+handler.on('issues', event => {
+	const issue = event.issue;
+	const action = event.action;
+	let title: string;
+	switch (action) {
+		case 'opened': title = 'Issue opened'; break;
+		case 'closed': title = 'Issue closed'; break;
+		case 'reopened': title = 'Issue reopened'; break;
+		default: return;
+	}
+	post(`${title}: <${issue.number}>「${issue.title}」\n${issue.html_url}`);
+});
 
-	handler.on('fork', event => {
-		const repo = event.forkee;
-		post(`🍴 Forked:\n${repo.html_url} 🍴`);
-	});
+handler.on('issue_comment', event => {
+	const issue = event.issue;
+	const comment = event.comment;
+	const action = event.action;
+	let text: string;
+	switch (action) {
+		case 'created': text = `Commented to「${issue.title}」:${comment.user.login}「${comment.body}」\n${comment.html_url}`; break;
+		default: return;
+	}
+	post(text);
+});
 
-	handler.on('pull_request', event => {
-		const pr = event.pull_request;
-		const action = event.action;
-		let text: string;
-		switch (action) {
-			case 'opened': text = `New Pull Request:「${pr.title}」\n${pr.html_url}`; break;
-			case 'reopened': text = `Pull Request Reopened:「${pr.title}」\n${pr.html_url}`; break;
-			case 'closed':
-				text = pr.merged
-					? `Pull Request Merged!:「${pr.title}」\n${pr.html_url}`
-					: `Pull Request Closed:「${pr.title}」\n${pr.html_url}`;
-				break;
-			default: return;
-		}
-		post(text);
-	});
-};
+handler.on('watch', event => {
+	const sender = event.sender;
+	post(`⭐️ Starred by **${sender.login}** ⭐️`);
+});
+
+handler.on('fork', event => {
+	const repo = event.forkee;
+	post(`🍴 Forked:\n${repo.html_url} 🍴`);
+});
+
+handler.on('pull_request', event => {
+	const pr = event.pull_request;
+	const action = event.action;
+	let text: string;
+	switch (action) {
+		case 'opened': text = `New Pull Request:「${pr.title}」\n${pr.html_url}`; break;
+		case 'reopened': text = `Pull Request Reopened:「${pr.title}」\n${pr.html_url}`; break;
+		case 'closed':
+			text = pr.merged
+				? `Pull Request Merged!:「${pr.title}」\n${pr.html_url}`
+				: `Pull Request Closed:「${pr.title}」\n${pr.html_url}`;
+			break;
+		default: return;
+	}
+	post(text);
+});
diff --git a/src/server/api/service/twitter.ts b/src/server/api/service/twitter.ts
index e5239fa171..9fb01b44ef 100644
--- a/src/server/api/service/twitter.ts
+++ b/src/server/api/service/twitter.ts
@@ -1,160 +1,155 @@
-import * as express from 'express';
-import * as cookie from 'cookie';
+import * as Koa from 'koa';
+import * as Router from 'koa-router';
 import * as uuid from 'uuid';
-// import * as Twitter from 'twitter';
-// const Twitter = require('twitter');
 import autwh from 'autwh';
 import redis from '../../../db/redis';
-import User, { pack } from '../../../models/user';
+import User, { pack, ILocalUser } from '../../../models/user';
 import event from '../../../publishers/stream';
 import config from '../../../config';
 import signin from '../common/signin';
 
-module.exports = (app: express.Application) => {
-	function getUserToken(req: express.Request) {
-		// req.headers['cookie'] は常に string ですが、型定義の都合上
-		// string | string[] になっているので string を明示しています
-		return ((req.headers['cookie'] as string || '').match(/i=(!\w+)/) || [null, null])[1];
-	}
-
-	function compareOrigin(req: express.Request) {
-		function normalizeUrl(url: string) {
-			return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;
-		}
-
-		// req.headers['referer'] は常に string ですが、型定義の都合上
-		// string | string[] になっているので string を明示しています
-		const referer = req.headers['referer'] as string;
+function getUserToken(ctx: Koa.Context) {
+	return ((ctx.headers['cookie'] || '').match(/i=(!\w+)/) || [null, null])[1];
+}
 
-		return (normalizeUrl(referer) == normalizeUrl(config.url));
+function compareOrigin(ctx: Koa.Context) {
+	function normalizeUrl(url: string) {
+		return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;
 	}
 
-	app.get('/disconnect/twitter', async (req, res): Promise<any> => {
-		if (!compareOrigin(req)) {
-			res.status(400).send('invalid origin');
-			return;
-		}
+	const referer = ctx.headers['referer'];
 
-		const userToken = getUserToken(req);
-		if (userToken == null) return res.send('plz signin');
+	return (normalizeUrl(referer) == normalizeUrl(config.url));
+}
 
-		const user = await User.findOneAndUpdate({
-			host: null,
-			'token': userToken
-		}, {
-			$set: {
-				'twitter': null
-			}
-		});
+// Init router
+const router = new Router();
+
+router.get('/disconnect/twitter', async ctx => {
+	if (!compareOrigin(ctx)) {
+		ctx.throw(400, 'invalid origin');
+		return;
+	}
 
-		res.send(`Twitterの連携を解除しました :v:`);
+	const userToken = getUserToken(ctx);
+	if (userToken == null) {
+		ctx.throw(400, 'signin required');
+		return;
+	}
 
-		// Publish i updated event
-		event(user._id, 'i_updated', await pack(user, user, {
-			detail: true,
-			includeSecrets: true
-		}));
+	const user = await User.findOneAndUpdate({
+		host: null,
+		'token': userToken
+	}, {
+		$set: {
+			'twitter': null
+		}
 	});
 
-	if (config.twitter == null) {
-		app.get('/connect/twitter', (req, res) => {
-			res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)');
-		});
+	ctx.body = `Twitterの連携を解除しました :v:`;
 
-		app.get('/signin/twitter', (req, res) => {
-			res.send('現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)');
-		});
+	// Publish i updated event
+	event(user._id, 'i_updated', await pack(user, user, {
+		detail: true,
+		includeSecrets: true
+	}));
+});
 
-		return;
-	}
+if (config.twitter == null) {
+	router.get('/connect/twitter', ctx => {
+		ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
+	});
 
+	router.get('/signin/twitter', ctx => {
+		ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
+	});
+} else {
 	const twAuth = autwh({
 		consumerKey: config.twitter.consumer_key,
 		consumerSecret: config.twitter.consumer_secret,
 		callbackUrl: `${config.url}/api/tw/cb`
 	});
 
-	app.get('/connect/twitter', async (req, res): Promise<any> => {
-		if (!compareOrigin(req)) {
-			res.status(400).send('invalid origin');
+	router.get('/connect/twitter', async ctx => {
+		if (!compareOrigin(ctx)) {
+			ctx.throw(400, 'invalid origin');
 			return;
 		}
 
-		const userToken = getUserToken(req);
-		if (userToken == null) return res.send('plz signin');
+		const userToken = getUserToken(ctx);
+		if (userToken == null) {
+			ctx.throw(400, 'signin required');
+			return;
+		}
 
-		const ctx = await twAuth.begin();
-		redis.set(userToken, JSON.stringify(ctx));
-		res.redirect(ctx.url);
+		const twCtx = await twAuth.begin();
+		redis.set(userToken, JSON.stringify(twCtx));
+		ctx.redirect(twCtx.url);
 	});
 
-	app.get('/signin/twitter', async (req, res): Promise<any> => {
-		const ctx = await twAuth.begin();
+	router.get('/signin/twitter', async ctx => {
+		const twCtx = await twAuth.begin();
 
 		const sessid = uuid();
 
-		redis.set(sessid, JSON.stringify(ctx));
+		redis.set(sessid, JSON.stringify(twCtx));
 
 		const expires = 1000 * 60 * 60; // 1h
-		res.cookie('signin_with_twitter_session_id', sessid, {
+		ctx.cookies.set('signin_with_twitter_session_id', sessid, {
 			path: '/',
-			domain: `.${config.host}`,
-			secure: config.url.substr(0, 5) === 'https',
+			domain: config.host,
+			secure: config.url.startsWith('https'),
 			httpOnly: true,
 			expires: new Date(Date.now() + expires),
 			maxAge: expires
 		});
 
-		res.redirect(ctx.url);
+		ctx.redirect(twCtx.url);
 	});
 
-	app.get('/tw/cb', (req, res): any => {
-		const userToken = getUserToken(req);
+	router.get('/tw/cb', ctx => {
+		const userToken = getUserToken(ctx);
 
 		if (userToken == null) {
-			// req.headers['cookie'] は常に string ですが、型定義の都合上
-			// string | string[] になっているので string を明示しています
-			const cookies = cookie.parse((req.headers['cookie'] as string || ''));
+			const sessid = ctx.cookies.get('signin_with_twitter_session_id');
 
-			const sessid = cookies['signin_with_twitter_session_id'];
-
-			if (sessid == undefined) {
-				res.status(400).send('invalid session');
+			if (sessid == null) {
+				ctx.throw(400, 'invalid session');
 				return;
 			}
 
-			redis.get(sessid, async (_, ctx) => {
-				const result = await twAuth.done(JSON.parse(ctx), req.query.oauth_verifier);
+			redis.get(sessid, async (_, twCtx) => {
+				const result = await twAuth.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
 
 				const user = await User.findOne({
 					host: null,
 					'twitter.userId': result.userId
-				});
+				}) as ILocalUser;
 
 				if (user == null) {
-					res.status(404).send(`@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
+					ctx.throw(404, `@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
 					return;
 				}
 
-				signin(res, user, true);
+				signin(ctx, user, true);
 			});
 		} else {
-			const verifier = req.query.oauth_verifier;
+			const verifier = ctx.query.oauth_verifier;
 
 			if (verifier == null) {
-				res.status(400).send('invalid session');
+				ctx.throw(400, 'invalid session');
 				return;
 			}
 
-			redis.get(userToken, async (_, ctx) => {
-				const result = await twAuth.done(JSON.parse(ctx), verifier);
+			redis.get(userToken, async (_, twCtx) => {
+				const result = await twAuth.done(JSON.parse(twCtx), verifier);
 
 				const user = await User.findOneAndUpdate({
 					host: null,
-					'token': userToken
+					token: userToken
 				}, {
 					$set: {
-						'twitter': {
+						twitter: {
 							accessToken: result.accessToken,
 							accessTokenSecret: result.accessTokenSecret,
 							userId: result.userId,
@@ -163,7 +158,7 @@ module.exports = (app: express.Application) => {
 					}
 				});
 
-				res.send(`Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました！`);
+				ctx.body = `Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました！`;
 
 				// Publish i updated event
 				event(user._id, 'i_updated', await pack(user, user, {
@@ -173,4 +168,6 @@ module.exports = (app: express.Application) => {
 			});
 		}
 	});
-};
+}
+
+module.exports = router;
-- 
cgit v1.2.3-freya


From 61f21594a9edbb3102d6a0f45c1e95ed82c3f606 Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Fri, 13 Apr 2018 07:34:27 +0900
Subject: wip

---
 src/server/api/index.ts |  2 ++
 src/server/file/pour.ts |  5 +++--
 src/server/index.ts     | 16 +++++++---------
 src/server/web/index.ts | 17 ++++++++---------
 4 files changed, 20 insertions(+), 20 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/index.ts b/src/server/api/index.ts
index d2427d30ae..c383e1cf8d 100644
--- a/src/server/api/index.ts
+++ b/src/server/api/index.ts
@@ -5,6 +5,7 @@
 import * as Koa from 'koa';
 import * as Router from 'koa-router';
 import * as multer from 'koa-multer';
+import * as bodyParser from 'koa-bodyparser';
 
 import endpoints from './endpoints';
 
@@ -12,6 +13,7 @@ const handler = require('./api-handler').default;
 
 // Init app
 const app = new Koa();
+app.use(bodyParser);
 
 // Init multer instance
 const upload = multer({
diff --git a/src/server/file/pour.ts b/src/server/file/pour.ts
index 2a31cb5898..b38b969c2d 100644
--- a/src/server/file/pour.ts
+++ b/src/server/file/pour.ts
@@ -80,10 +80,11 @@ export default function(readable: stream.Readable, type: string, ctx: Koa.Contex
 	}
 
 	if (ctx.query.download !== undefined) {
-		ctx.header('Content-Disposition', 'attachment');
+		ctx.set('Content-Disposition', 'attachment');
 	}
 
-	ctx.header('Content-Type', data.contentType);
+	ctx.set('Cache-Control', 'max-age=31536000, immutable');
+	ctx.set('Content-Type', data.contentType);
 
 	data.stream.pipe(ctx.res);
 
diff --git a/src/server/index.ts b/src/server/index.ts
index 02362037ee..a637e8598b 100644
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -4,10 +4,9 @@
 
 import * as fs from 'fs';
 import * as http from 'http';
-import * as https from 'https';
+import * as http2 from 'http2';
 import * as Koa from 'koa';
 import * as Router from 'koa-router';
-import * as bodyParser from 'koa-bodyparser';
 import * as mount from 'koa-mount';
 
 import activityPub from './activitypub';
@@ -17,14 +16,13 @@ import config from '../config';
 // Init app
 const app = new Koa();
 app.proxy = true;
-app.use(bodyParser);
 
 // HSTS
 // 6months (15552000sec)
 if (config.url.startsWith('https')) {
-	app.use((ctx, next) => {
+	app.use(async (ctx, next) => {
 		ctx.set('strict-transport-security', 'max-age=15552000; preload');
-		next();
+		await next();
 	});
 }
 
@@ -38,20 +36,20 @@ const router = new Router();
 router.use(activityPub.routes());
 router.use(webFinger.routes());
 
-app.use(mount(require('./web')));
-
 // Register router
 app.use(router.routes());
 
+app.use(mount(require('./web')));
+
 function createServer() {
 	if (config.https) {
 		const certs = {};
 		Object.keys(config.https).forEach(k => {
 			certs[k] = fs.readFileSync(config.https[k]);
 		});
-		return https.createServer(certs, app.callback);
+		return http2.createSecureServer(certs, app.callback());
 	} else {
-		return http.createServer(app.callback);
+		return http.createServer(app.callback());
 	}
 }
 
diff --git a/src/server/web/index.ts b/src/server/web/index.ts
index b28ad5592c..dd296f875d 100644
--- a/src/server/web/index.ts
+++ b/src/server/web/index.ts
@@ -2,15 +2,13 @@
  * Web Client Server
  */
 
-import * as path from 'path';
 import ms = require('ms');
-
 import * as Koa from 'koa';
 import * as Router from 'koa-router';
 import * as send from 'koa-send';
 import * as favicon from 'koa-favicon';
 
-const client = path.resolve(`${__dirname}/../../client/`);
+const client = `${__dirname}/../../client/`;
 
 // Init app
 const app = new Koa();
@@ -19,10 +17,10 @@ const app = new Koa();
 app.use(favicon(`${client}/assets/favicon.ico`));
 
 // Common request handler
-app.use((ctx, next) => {
+app.use(async (ctx, next) => {
 	// IFrameの中に入れられないようにする
 	ctx.set('X-Frame-Options', 'DENY');
-	next();
+	await next();
 });
 
 // Init router
@@ -30,9 +28,9 @@ const router = new Router();
 
 //#region static assets
 
-router.get('/assets', async ctx => {
+router.get('/assets/*', async ctx => {
 	await send(ctx, ctx.path, {
-		root: `${client}/assets`,
+		root: client,
 		maxage: ms('7 days'),
 		immutable: true
 	});
@@ -63,8 +61,9 @@ router.get('url', require('./url-preview'));
 
 // Render base html for all requests
 router.get('*', async ctx => {
-	await send(ctx, `${client}/app/base.html`, {
-		maxage: ms('7 days'),
+	await send(ctx, `app/base.html`, {
+		root: client,
+		maxage: ms('3 days'),
 		immutable: true
 	});
 });
-- 
cgit v1.2.3-freya


From 22d2f2051c4cbe3da5b9ece674f36a6555f8c953 Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Fri, 13 Apr 2018 09:44:00 +0900
Subject: wip

---
 src/client/app/common/mios.ts         |  5 +++--
 src/server/api/api-handler.ts         | 16 +++++++++++++---
 src/server/api/bot/interfaces/line.ts |  2 +-
 src/server/api/call.ts                |  4 +---
 src/server/api/index.ts               |  4 +++-
 src/server/api/private/signin.ts      |  6 +++---
 src/server/api/private/signup.ts      |  6 +++---
 src/server/api/service/github.ts      |  8 ++++++--
 src/server/file/index.ts              |  7 ++++++-
 src/server/file/pour.ts               |  8 +-------
 10 files changed, 40 insertions(+), 26 deletions(-)

(limited to 'src/server/api')

diff --git a/src/client/app/common/mios.ts b/src/client/app/common/mios.ts
index a09af799be..ccc73eebc3 100644
--- a/src/client/app/common/mios.ts
+++ b/src/client/app/common/mios.ts
@@ -444,9 +444,10 @@ export default class MiOS extends EventEmitter {
 		// Append a credential
 		if (this.isSignedIn) (data as any).i = this.i.token;
 
-		const viaStream = localStorage.getItem('apiViaStream') ? localStorage.getItem('apiViaStream') == 'true' : true;
-
 		return new Promise((resolve, reject) => {
+			const viaStream = this.stream.hasConnection &&
+				(localStorage.getItem('apiViaStream') ? localStorage.getItem('apiViaStream') == 'true' : true);
+
 			if (viaStream) {
 				const stream = this.stream.borrow();
 				const id = Math.random().toString();
diff --git a/src/server/api/api-handler.ts b/src/server/api/api-handler.ts
index 2c50234317..947794a20e 100644
--- a/src/server/api/api-handler.ts
+++ b/src/server/api/api-handler.ts
@@ -25,11 +25,21 @@ export default async (endpoint: Endpoint, ctx: Koa.Context) => {
 
 	// Authentication
 	try {
-		[user, app] = await authenticate(ctx.body['i']);
+		[user, app] = await authenticate(ctx.request.body['i']);
 	} catch (e) {
-		return reply(403, 'AUTHENTICATION_FAILED');
+		reply(403, 'AUTHENTICATION_FAILED');
+		return;
 	}
 
+	let res;
+
 	// API invoking
-	call(endpoint, user, app, ctx.body, ctx.req).then(reply).catch(e => reply(400, e));
+	try {
+		res = await call(endpoint, user, app, ctx.request.body, ctx.req);
+	} catch (e) {
+		reply(400, e);
+		return;
+	}
+
+	reply(res);
 };
diff --git a/src/server/api/bot/interfaces/line.ts b/src/server/api/bot/interfaces/line.ts
index 454630161a..733315391d 100644
--- a/src/server/api/bot/interfaces/line.ts
+++ b/src/server/api/bot/interfaces/line.ts
@@ -226,7 +226,7 @@ if (config.line_bot) {
 
 		// シグネチャ比較
 		if (sig1 === sig2) {
-			ctx.body.events.forEach(ev => {
+			ctx.request.body.events.forEach(ev => {
 				handler.emit('event', ev);
 			});
 		} else {
diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index c25f55ed3f..cc40294657 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -6,11 +6,9 @@ import limitter from './limitter';
 import { IUser } from '../../models/user';
 import { IApp } from '../../models/app';
 
-export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: http.IncomingMessage) => new Promise(async (ok, rej) => {
+export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: http.IncomingMessage) => new Promise<any>(async (ok, rej) => {
 	const isSecure = user != null && app == null;
 
-	//console.log(endpoint, user, app, data);
-
 	const ep = typeof endpoint == 'string' ? endpoints.find(e => e.name == endpoint) : endpoint;
 
 	if (ep.secure && !isSecure) {
diff --git a/src/server/api/index.ts b/src/server/api/index.ts
index c383e1cf8d..2ea5fccb5b 100644
--- a/src/server/api/index.ts
+++ b/src/server/api/index.ts
@@ -13,7 +13,9 @@ const handler = require('./api-handler').default;
 
 // Init app
 const app = new Koa();
-app.use(bodyParser);
+app.use(bodyParser({
+	detectJSON: () => true
+}));
 
 // Init multer instance
 const upload = multer({
diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts
index 55326deeaf..1737007206 100644
--- a/src/server/api/private/signin.ts
+++ b/src/server/api/private/signin.ts
@@ -11,9 +11,9 @@ export default async (ctx: Koa.Context) => {
 	ctx.set('Access-Control-Allow-Origin', config.url);
 	ctx.set('Access-Control-Allow-Credentials', 'true');
 
-	const username = ctx.body['username'];
-	const password = ctx.body['password'];
-	const token = ctx.body['token'];
+	const username = ctx.request.body['username'];
+	const password = ctx.request.body['password'];
+	const token = ctx.request.body['token'];
 
 	if (typeof username != 'string') {
 		ctx.status = 400;
diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts
index a4554be4ae..15257b869f 100644
--- a/src/server/api/private/signup.ts
+++ b/src/server/api/private/signup.ts
@@ -37,7 +37,7 @@ export default async (ctx: Koa.Context) => {
 	// Verify recaptcha
 	// ただしテスト時はこの機構は障害となるため無効にする
 	if (process.env.NODE_ENV !== 'test') {
-		const success = await recaptcha(ctx.body['g-recaptcha-response']);
+		const success = await recaptcha(ctx.request.body['g-recaptcha-response']);
 
 		if (!success) {
 			ctx.throw(400, 'recaptcha-failed');
@@ -45,8 +45,8 @@ export default async (ctx: Koa.Context) => {
 		}
 	}
 
-	const username = ctx.body['username'];
-	const password = ctx.body['password'];
+	const username = ctx.request.body['username'];
+	const password = ctx.request.body['password'];
 
 	// Validate username
 	if (!validateUsername(username)) {
diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts
index ee226cc5cc..cd9760a36d 100644
--- a/src/server/api/service/github.ts
+++ b/src/server/api/service/github.ts
@@ -35,10 +35,14 @@ if (config.github_bot != null) {
 	const secret = config.github_bot.hook_secret;
 
 	router.post('/hooks/github', ctx => {
+		const body = JSON.stringify(ctx.request.body);
+		const hash = crypto.createHmac('sha1', secret).update(body).digest('hex');
 		const sig1 = new Buffer(ctx.headers['x-hub-signature']);
-		const sig2 = new Buffer(`sha1=${crypto.createHmac('sha1', secret).update(JSON.stringify(ctx.body)).digest('hex')}`);
+		const sig2 = new Buffer(`sha1=${hash}`);
+
+		// シグネチャ比較
 		if (sig1.equals(sig2)) {
-			handler.emit(ctx.headers['x-github-event'], ctx.body);
+			handler.emit(ctx.headers['x-github-event'], ctx.request.body);
 			ctx.status = 204;
 		} else {
 			ctx.status = 400;
diff --git a/src/server/file/index.ts b/src/server/file/index.ts
index d58939f1be..d305286d12 100644
--- a/src/server/file/index.ts
+++ b/src/server/file/index.ts
@@ -13,6 +13,11 @@ import sendDriveFile from './send-drive-file';
 const app = new Koa();
 app.use(cors());
 
+app.use(async (ctx, next) => {
+	ctx.set('Cache-Control', 'max-age=31536000, immutable');
+	await next();
+});
+
 // Init router
 const router = new Router();
 
@@ -27,7 +32,7 @@ router.get('/app-default.jpg', ctx => {
 });
 
 router.get('/:id', sendDriveFile);
-router.get('/:id/:name', sendDriveFile);
+router.get('/:id/*', sendDriveFile);
 
 // Register router
 app.use(router.routes());
diff --git a/src/server/file/pour.ts b/src/server/file/pour.ts
index b38b969c2d..0fd0ad0e60 100644
--- a/src/server/file/pour.ts
+++ b/src/server/file/pour.ts
@@ -83,12 +83,6 @@ export default function(readable: stream.Readable, type: string, ctx: Koa.Contex
 		ctx.set('Content-Disposition', 'attachment');
 	}
 
-	ctx.set('Cache-Control', 'max-age=31536000, immutable');
 	ctx.set('Content-Type', data.contentType);
-
-	data.stream.pipe(ctx.res);
-
-	data.stream.on('end', () => {
-		ctx.res.end();
-	});
+	ctx.body = data.stream;
 }
-- 
cgit v1.2.3-freya


From e2e7babee0de35385eb74830c82eaccdb28f013a Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Fri, 13 Apr 2018 11:44:39 +0900
Subject: wip

---
 src/server/api/api-handler.ts    | 6 ++++--
 src/server/api/call.ts           | 7 +++----
 src/server/api/common/signin.ts  | 4 +++-
 src/server/api/index.ts          | 3 ++-
 src/server/api/private/signin.ts | 4 ++--
 5 files changed, 14 insertions(+), 10 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/api-handler.ts b/src/server/api/api-handler.ts
index 947794a20e..e716dcdc01 100644
--- a/src/server/api/api-handler.ts
+++ b/src/server/api/api-handler.ts
@@ -7,6 +7,8 @@ import { IUser } from '../../models/user';
 import { IApp } from '../../models/app';
 
 export default async (endpoint: Endpoint, ctx: Koa.Context) => {
+	const body = ctx.is('multipart/form-data') ? (ctx.req as any).body : ctx.request.body;
+
 	const reply = (x?: any, y?: any) => {
 		if (x === undefined) {
 			ctx.status = 204;
@@ -25,7 +27,7 @@ export default async (endpoint: Endpoint, ctx: Koa.Context) => {
 
 	// Authentication
 	try {
-		[user, app] = await authenticate(ctx.request.body['i']);
+		[user, app] = await authenticate(body['i']);
 	} catch (e) {
 		reply(403, 'AUTHENTICATION_FAILED');
 		return;
@@ -35,7 +37,7 @@ export default async (endpoint: Endpoint, ctx: Koa.Context) => {
 
 	// API invoking
 	try {
-		res = await call(endpoint, user, app, ctx.request.body, ctx.req);
+		res = await call(endpoint, user, app, body, (ctx.req as any).file);
 	} catch (e) {
 		reply(400, e);
 		return;
diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index cc40294657..713add566a 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -1,4 +1,3 @@
-import * as http from 'http';
 import * as multer from 'koa-multer';
 
 import endpoints, { Endpoint } from './endpoints';
@@ -6,7 +5,7 @@ import limitter from './limitter';
 import { IUser } from '../../models/user';
 import { IApp } from '../../models/app';
 
-export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: http.IncomingMessage) => new Promise<any>(async (ok, rej) => {
+export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, file?: any) => new Promise<any>(async (ok, rej) => {
 	const isSecure = user != null && app == null;
 
 	const ep = typeof endpoint == 'string' ? endpoints.find(e => e.name == endpoint) : endpoint;
@@ -36,8 +35,8 @@ export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any,
 
 	let exec = require(`${__dirname}/endpoints/${ep.name}`);
 
-	if (ep.withFile && req) {
-		exec = exec.bind(null, (req as multer.MulterIncomingMessage).file);
+	if (ep.withFile && file) {
+		exec = exec.bind(null, file);
 	}
 
 	let res;
diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts
index f57c38414c..44e1336f27 100644
--- a/src/server/api/common/signin.ts
+++ b/src/server/api/common/signin.ts
@@ -3,7 +3,7 @@ import * as Koa from 'koa';
 import config from '../../../config';
 import { ILocalUser } from '../../../models/user';
 
-export default function(ctx: Koa.Context, user: ILocalUser, redirect: boolean) {
+export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
 	const expires = 1000 * 60 * 60 * 24 * 365; // One Year
 	ctx.cookies.set('i', user.token, {
 		path: '/',
@@ -16,5 +16,7 @@ export default function(ctx: Koa.Context, user: ILocalUser, redirect: boolean) {
 
 	if (redirect) {
 		ctx.redirect(config.url);
+	} else {
+		ctx.status = 204;
 	}
 }
diff --git a/src/server/api/index.ts b/src/server/api/index.ts
index 2ea5fccb5b..009c99acae 100644
--- a/src/server/api/index.ts
+++ b/src/server/api/index.ts
@@ -14,7 +14,8 @@ const handler = require('./api-handler').default;
 // Init app
 const app = new Koa();
 app.use(bodyParser({
-	detectJSON: () => true
+	// リクエストが multipart/form-data でない限りはJSONだと見なす
+	detectJSON: ctx => !ctx.is('multipart/form-data')
 }));
 
 // Init multer instance
diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts
index 1737007206..5450c7ad27 100644
--- a/src/server/api/private/signin.ts
+++ b/src/server/api/private/signin.ts
@@ -60,14 +60,14 @@ export default async (ctx: Koa.Context) => {
 			});
 
 			if (verified) {
-				signin(ctx, user, false);
+				signin(ctx, user);
 			} else {
 				ctx.throw(400, {
 					error: 'invalid token'
 				});
 			}
 		} else {
-			signin(ctx, user, false);
+			signin(ctx, user);
 		}
 	} else {
 		ctx.throw(400, {
-- 
cgit v1.2.3-freya


From 732e07a4b3800a7d5527a8be7331cd0ef44fdc85 Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Fri, 13 Apr 2018 13:52:25 +0900
Subject: Clean up

---
 src/server/api/call.ts | 2 --
 1 file changed, 2 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index 713add566a..fd3cea7743 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -1,5 +1,3 @@
-import * as multer from 'koa-multer';
-
 import endpoints, { Endpoint } from './endpoints';
 import limitter from './limitter';
 import { IUser } from '../../models/user';
-- 
cgit v1.2.3-freya