diff options
Diffstat (limited to 'src/api')
30 files changed, 121 insertions, 117 deletions
diff --git a/src/api/authenticate.ts b/src/api/authenticate.ts index b289959ac1..537c3d1e1f 100644 --- a/src/api/authenticate.ts +++ b/src/api/authenticate.ts @@ -34,7 +34,7 @@ export default (req: express.Request) => new Promise<IAuthContext>(async (resolv if (isNativeToken(token)) { const user: IUser = await User - .findOne({ token: token }); + .findOne({ 'account.token': token }); if (user === null) { return reject('user not found'); diff --git a/src/api/bot/core.ts b/src/api/bot/core.ts index 1f07d4eee9..ad29f1003e 100644 --- a/src/api/bot/core.ts +++ b/src/api/bot/core.ts @@ -225,7 +225,7 @@ class SigninContext extends Context { } } else { // Compare password - const same = await bcrypt.compare(query, this.temporaryUser.password); + const same = await bcrypt.compare(query, this.temporaryUser.account.password); if (same) { this.bot.signin(this.temporaryUser); diff --git a/src/api/bot/interfaces/line.ts b/src/api/bot/interfaces/line.ts index 43c25f8032..bf08821594 100644 --- a/src/api/bot/interfaces/line.ts +++ b/src/api/bot/interfaces/line.ts @@ -110,11 +110,11 @@ class LineBot extends BotCore { data: `showtl|${user.id}` }); - if (user.twitter) { + if (user.account.twitter) { actions.push({ type: 'uri', label: 'Twitterアカウントを見る', - uri: `https://twitter.com/${user.twitter.screen_name}` + uri: `https://twitter.com/${user.account.twitter.screen_name}` }); } @@ -171,7 +171,7 @@ module.exports = async (app: express.Application) => { if (session == null) { const user = await User.findOne({ - line: { + 'account.line': { user_id: sourceId } }); @@ -181,7 +181,7 @@ module.exports = async (app: express.Application) => { bot.on('signin', user => { User.update(user._id, { $set: { - line: { + 'account.line': { user_id: sourceId } } @@ -191,7 +191,7 @@ module.exports = async (app: express.Application) => { bot.on('signout', user => { User.update(user._id, { $set: { - line: { + 'account.line': { user_id: null } } diff --git a/src/api/common/signin.ts b/src/api/common/signin.ts index ec3dd80309..04c2cdac81 100644 --- a/src/api/common/signin.ts +++ b/src/api/common/signin.ts @@ -2,7 +2,7 @@ import config from '../../conf'; export default function(res, user, redirect: boolean) { const expires = 1000 * 60 * 60 * 24 * 365; // One Year - res.cookie('i', user.token, { + res.cookie('i', user.account.token, { path: '/', domain: `.${config.hostname}`, secure: config.url.substr(0, 5) === 'https', diff --git a/src/api/endpoints/auth/accept.ts b/src/api/endpoints/auth/accept.ts index 4ee20a6d25..8955738ebf 100644 --- a/src/api/endpoints/auth/accept.ts +++ b/src/api/endpoints/auth/accept.ts @@ -45,7 +45,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Fetch token const session = await AuthSess - .findOne({ token: token }); + .findOne({ 'account.token': token }); if (session === null) { return rej('session not found'); diff --git a/src/api/endpoints/following/create.ts b/src/api/endpoints/following/create.ts index 8e1aa34713..767b837b35 100644 --- a/src/api/endpoints/following/create.ts +++ b/src/api/endpoints/following/create.ts @@ -32,7 +32,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }, { fields: { data: false, - profile: false + 'account.profile': false } }); diff --git a/src/api/endpoints/following/delete.ts b/src/api/endpoints/following/delete.ts index b68cec09dd..64b9a8cecb 100644 --- a/src/api/endpoints/following/delete.ts +++ b/src/api/endpoints/following/delete.ts @@ -31,7 +31,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }, { fields: { data: false, - profile: false + 'account.profile': false } }); diff --git a/src/api/endpoints/i.ts b/src/api/endpoints/i.ts index 7efdbcd7c9..32b0382faf 100644 --- a/src/api/endpoints/i.ts +++ b/src/api/endpoints/i.ts @@ -22,7 +22,7 @@ module.exports = (params, user, _, isSecure) => new Promise(async (res, rej) => // Update lastUsedAt User.update({ _id: user._id }, { $set: { - last_used_at: new Date() + 'account.last_used_at': new Date() } }); }); diff --git a/src/api/endpoints/i/2fa/done.ts b/src/api/endpoints/i/2fa/done.ts index 0b36033bb6..0f1db73829 100644 --- a/src/api/endpoints/i/2fa/done.ts +++ b/src/api/endpoints/i/2fa/done.ts @@ -28,8 +28,8 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - two_factor_secret: user.two_factor_temp_secret, - two_factor_enabled: true + 'account.two_factor_secret': user.two_factor_temp_secret, + 'account.two_factor_enabled': true } }); diff --git a/src/api/endpoints/i/2fa/register.ts b/src/api/endpoints/i/2fa/register.ts index c2b5037a29..24abfcdfc5 100644 --- a/src/api/endpoints/i/2fa/register.ts +++ b/src/api/endpoints/i/2fa/register.ts @@ -14,7 +14,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (passwordErr) return rej('invalid password param'); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(password, user.account.password); if (!same) { return rej('incorrect password'); diff --git a/src/api/endpoints/i/2fa/unregister.ts b/src/api/endpoints/i/2fa/unregister.ts index 6bee6a26f2..c43f9ccc44 100644 --- a/src/api/endpoints/i/2fa/unregister.ts +++ b/src/api/endpoints/i/2fa/unregister.ts @@ -11,7 +11,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (passwordErr) return rej('invalid password param'); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(password, user.account.password); if (!same) { return rej('incorrect password'); @@ -19,8 +19,8 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - two_factor_secret: null, - two_factor_enabled: false + 'account.two_factor_secret': null, + 'account.two_factor_enabled': false } }); diff --git a/src/api/endpoints/i/change_password.ts b/src/api/endpoints/i/change_password.ts index 16f1a2e4ec..88fb36b1fb 100644 --- a/src/api/endpoints/i/change_password.ts +++ b/src/api/endpoints/i/change_password.ts @@ -22,7 +22,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (newPasswordErr) return rej('invalid new_password param'); // Compare password - const same = await bcrypt.compare(currentPassword, user.password); + const same = await bcrypt.compare(currentPassword, user.account.password); if (!same) { return rej('incorrect password'); @@ -34,7 +34,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - password: hash + 'account.password': hash } }); diff --git a/src/api/endpoints/i/regenerate_token.ts b/src/api/endpoints/i/regenerate_token.ts index 653468330f..9ac7b55071 100644 --- a/src/api/endpoints/i/regenerate_token.ts +++ b/src/api/endpoints/i/regenerate_token.ts @@ -20,7 +20,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (passwordErr) return rej('invalid password param'); // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(password, user.account.password); if (!same) { return rej('incorrect password'); @@ -31,7 +31,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - token: secret + 'account.token': secret } }); diff --git a/src/api/endpoints/i/update.ts b/src/api/endpoints/i/update.ts index 76bad2d156..db8a3f25bd 100644 --- a/src/api/endpoints/i/update.ts +++ b/src/api/endpoints/i/update.ts @@ -29,12 +29,12 @@ module.exports = async (params, user, _, isSecure) => new Promise(async (res, re // Get 'location' parameter const [location, locationErr] = $(params.location).optional.nullable.string().pipe(isValidLocation).$; if (locationErr) return rej('invalid location param'); - if (location !== undefined) user.profile.location = location; + if (location !== undefined) user.account.profile.location = location; // Get 'birthday' parameter const [birthday, birthdayErr] = $(params.birthday).optional.nullable.string().pipe(isValidBirthday).$; if (birthdayErr) return rej('invalid birthday param'); - if (birthday !== undefined) user.profile.birthday = birthday; + if (birthday !== undefined) user.account.profile.birthday = birthday; // Get 'avatar_id' parameter const [avatarId, avatarIdErr] = $(params.avatar_id).optional.id().$; @@ -49,12 +49,12 @@ module.exports = async (params, user, _, isSecure) => new Promise(async (res, re // Get 'is_bot' parameter const [isBot, isBotErr] = $(params.is_bot).optional.boolean().$; if (isBotErr) return rej('invalid is_bot param'); - if (isBot != null) user.is_bot = isBot; + if (isBot != null) user.account.is_bot = isBot; // Get 'auto_watch' parameter const [autoWatch, autoWatchErr] = $(params.auto_watch).optional.boolean().$; if (autoWatchErr) return rej('invalid auto_watch param'); - if (autoWatch != null) user.settings.auto_watch = autoWatch; + if (autoWatch != null) user.account.settings.auto_watch = autoWatch; await User.update(user._id, { $set: { @@ -62,9 +62,9 @@ module.exports = async (params, user, _, isSecure) => new Promise(async (res, re description: user.description, avatar_id: user.avatar_id, banner_id: user.banner_id, - profile: user.profile, - is_bot: user.is_bot, - settings: user.settings + 'account.profile': user.account.profile, + 'account.is_bot': user.account.is_bot, + 'account.settings': user.account.settings } }); diff --git a/src/api/endpoints/i/update_client_setting.ts b/src/api/endpoints/i/update_client_setting.ts index b817ff354c..c772ed5dc3 100644 --- a/src/api/endpoints/i/update_client_setting.ts +++ b/src/api/endpoints/i/update_client_setting.ts @@ -22,14 +22,14 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (valueErr) return rej('invalid value param'); const x = {}; - x[`client_settings.${name}`] = value; + x[`account.client_settings.${name}`] = value; await User.update(user._id, { $set: x }); // Serialize - user.client_settings[name] = value; + user.account.client_settings[name] = value; const iObj = await pack(user, user, { detail: true, includeSecrets: true diff --git a/src/api/endpoints/i/update_home.ts b/src/api/endpoints/i/update_home.ts index 394686cbd1..9ce44e25ee 100644 --- a/src/api/endpoints/i/update_home.ts +++ b/src/api/endpoints/i/update_home.ts @@ -26,7 +26,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (home) { await User.update(user._id, { $set: { - 'client_settings.home': home + 'account.client_settings.home': home } }); @@ -38,7 +38,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { } else { if (id == null && data == null) return rej('you need to set id and data params if home param unset'); - const _home = user.client_settings.home; + const _home = user.account.client_settings.home; const widget = _home.find(w => w.id == id); if (widget == null) return rej('widget not found'); @@ -47,7 +47,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - 'client_settings.home': _home + 'account.client_settings.home': _home } }); diff --git a/src/api/endpoints/i/update_mobile_home.ts b/src/api/endpoints/i/update_mobile_home.ts index 70181431a2..1daddf42b9 100644 --- a/src/api/endpoints/i/update_mobile_home.ts +++ b/src/api/endpoints/i/update_mobile_home.ts @@ -25,7 +25,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { if (home) { await User.update(user._id, { $set: { - 'client_settings.mobile_home': home + 'account.client_settings.mobile_home': home } }); @@ -37,7 +37,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { } else { if (id == null && data == null) return rej('you need to set id and data params if home param unset'); - const _home = user.client_settings.mobile_home || []; + const _home = user.account.client_settings.mobile_home || []; const widget = _home.find(w => w.id == id); if (widget == null) return rej('widget not found'); @@ -46,7 +46,7 @@ module.exports = async (params, user) => new Promise(async (res, rej) => { await User.update(user._id, { $set: { - 'client_settings.mobile_home': _home + 'account.client_settings.mobile_home': _home } }); diff --git a/src/api/endpoints/mute/create.ts b/src/api/endpoints/mute/create.ts index f44854ab52..f99b40d32e 100644 --- a/src/api/endpoints/mute/create.ts +++ b/src/api/endpoints/mute/create.ts @@ -30,7 +30,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }, { fields: { data: false, - profile: false + 'account.profile': false } }); diff --git a/src/api/endpoints/mute/delete.ts b/src/api/endpoints/mute/delete.ts index d6bff3353a..36e2fd101a 100644 --- a/src/api/endpoints/mute/delete.ts +++ b/src/api/endpoints/mute/delete.ts @@ -30,7 +30,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }, { fields: { data: false, - profile: false + 'account.profile': false } }); diff --git a/src/api/endpoints/posts/categorize.ts b/src/api/endpoints/posts/categorize.ts index 3530ba6bc4..0c85c2b4e0 100644 --- a/src/api/endpoints/posts/categorize.ts +++ b/src/api/endpoints/posts/categorize.ts @@ -12,7 +12,7 @@ import Post from '../../models/post'; * @return {Promise<any>} */ module.exports = (params, user) => new Promise(async (res, rej) => { - if (!user.is_pro) { + if (!user.account.is_pro) { return rej('This endpoint is available only from a Pro account'); } diff --git a/src/api/endpoints/posts/create.ts b/src/api/endpoints/posts/create.ts index 1c3ab53457..f46a84e1f1 100644 --- a/src/api/endpoints/posts/create.ts +++ b/src/api/endpoints/posts/create.ts @@ -390,7 +390,7 @@ module.exports = (params, user: IUser, app) => new Promise(async (res, rej) => { }); // この投稿をWatchする - if (user.settings.auto_watch !== false) { + if (user.account.settings.auto_watch !== false) { watch(user._id, reply); } diff --git a/src/api/endpoints/posts/polls/vote.ts b/src/api/endpoints/posts/polls/vote.ts index 8222fe5326..16ce76a6fa 100644 --- a/src/api/endpoints/posts/polls/vote.ts +++ b/src/api/endpoints/posts/polls/vote.ts @@ -100,7 +100,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }); // この投稿をWatchする - if (user.settings.auto_watch !== false) { + if (user.account.settings.auto_watch !== false) { watch(user._id, post); } }); diff --git a/src/api/endpoints/posts/reactions/create.ts b/src/api/endpoints/posts/reactions/create.ts index 93d9756d02..f77afed40c 100644 --- a/src/api/endpoints/posts/reactions/create.ts +++ b/src/api/endpoints/posts/reactions/create.ts @@ -116,7 +116,7 @@ module.exports = (params, user) => new Promise(async (res, rej) => { }); // この投稿をWatchする - if (user.settings.auto_watch !== false) { + if (user.account.settings.auto_watch !== false) { watch(user._id, post); } }); diff --git a/src/api/endpoints/users/recommendation.ts b/src/api/endpoints/users/recommendation.ts index 736233b340..f1f5bcd0ac 100644 --- a/src/api/endpoints/users/recommendation.ts +++ b/src/api/endpoints/users/recommendation.ts @@ -30,7 +30,7 @@ module.exports = (params, me) => new Promise(async (res, rej) => { _id: { $nin: followingIds }, - last_used_at: { + 'account.last_used_at': { $gte: new Date(Date.now() - ms('7days')) } }, { diff --git a/src/api/models/user.ts b/src/api/models/user.ts index ba2765c793..372e2c5dac 100644 --- a/src/api/models/user.ts +++ b/src/api/models/user.ts @@ -11,7 +11,7 @@ import config from '../../conf'; const User = db.get<IUser>('users'); User.createIndex('username'); -User.createIndex('token'); +User.createIndex('account.token'); export default User; @@ -43,46 +43,48 @@ export type IUser = { _id: mongo.ObjectID; created_at: Date; deleted_at: Date; - email: string; followers_count: number; following_count: number; - links: string[]; name: string; - password: string; posts_count: number; drive_capacity: number; username: string; username_lower: string; - token: string; avatar_id: mongo.ObjectID; banner_id: mongo.ObjectID; data: any; - twitter: { - access_token: string; - access_token_secret: string; - user_id: string; - screen_name: string; - }; - line: { - user_id: string; - }; description: string; - profile: { - location: string; - birthday: string; // 'YYYY-MM-DD' - tags: string[]; - }; - last_used_at: Date; latest_post: IPost; pinned_post_id: mongo.ObjectID; - is_bot: boolean; - is_pro: boolean; is_suspended: boolean; keywords: string[]; - two_factor_secret: string; - two_factor_enabled: boolean; - client_settings: any; - settings: any; + account: { + email: string; + links: string[]; + password: string; + token: string; + twitter: { + access_token: string; + access_token_secret: string; + user_id: string; + screen_name: string; + }; + line: { + user_id: string; + }; + profile: { + location: string; + birthday: string; // 'YYYY-MM-DD' + tags: string[]; + }; + last_used_at: Date; + is_bot: boolean; + is_pro: boolean; + two_factor_secret: string; + two_factor_enabled: boolean; + client_settings: any; + settings: any; + }; }; export function init(user): IUser { @@ -119,11 +121,11 @@ export const pack = ( const fields = opts.detail ? { } : { - settings: false, - client_settings: false, - profile: false, - keywords: false, - domains: false + 'account.settings': false, + 'account.client_settings': false, + 'account.profile': false, + 'account.keywords': false, + 'account.domains': false }; // Populate the user if 'user' is ID @@ -158,26 +160,26 @@ export const pack = ( delete _user.latest_post; // Remove private properties - delete _user.password; - delete _user.token; - delete _user.two_factor_temp_secret; - delete _user.two_factor_secret; + delete _user.account.password; + delete _user.account.token; + delete _user.account.two_factor_temp_secret; + delete _user.account.two_factor_secret; delete _user.username_lower; - if (_user.twitter) { - delete _user.twitter.access_token; - delete _user.twitter.access_token_secret; + if (_user.account.twitter) { + delete _user.account.twitter.access_token; + delete _user.account.twitter.access_token_secret; } - delete _user.line; + delete _user.account.line; // Visible via only the official client if (!opts.includeSecrets) { - delete _user.email; - delete _user.settings; - delete _user.client_settings; + delete _user.account.email; + delete _user.account.settings; + delete _user.account.client_settings; } if (!opts.detail) { - delete _user.two_factor_enabled; + delete _user.account.two_factor_enabled; } _user.avatar_url = _user.avatar_id != null diff --git a/src/api/private/signin.ts b/src/api/private/signin.ts index b49d25d99a..ae0be03c73 100644 --- a/src/api/private/signin.ts +++ b/src/api/private/signin.ts @@ -36,7 +36,7 @@ export default async (req: express.Request, res: express.Response) => { }, { fields: { data: false, - profile: false + 'account.profile': false } }); @@ -48,12 +48,12 @@ export default async (req: express.Request, res: express.Response) => { } // Compare password - const same = await bcrypt.compare(password, user.password); + const same = await bcrypt.compare(password, user.account.password); if (same) { - if (user.two_factor_enabled) { + if (user.account.two_factor_enabled) { const verified = (speakeasy as any).totp.verify({ - secret: user.two_factor_secret, + secret: user.account.two_factor_secret, encoding: 'base32', token: token }); diff --git a/src/api/private/signup.ts b/src/api/private/signup.ts index 3df00ae426..902642425c 100644 --- a/src/api/private/signup.ts +++ b/src/api/private/signup.ts @@ -105,38 +105,40 @@ export default async (req: express.Request, res: express.Response) => { // Create account const account: IUser = await User.insert({ - token: secret, avatar_id: null, banner_id: null, created_at: new Date(), description: null, - email: null, followers_count: 0, following_count: 0, - links: null, name: name, - password: hash, posts_count: 0, likes_count: 0, liked_count: 0, drive_capacity: 1073741824, // 1GB username: username, username_lower: username.toLowerCase(), - profile: { - bio: null, - birthday: null, - blood: null, - gender: null, - handedness: null, - height: null, - location: null, - weight: null - }, - settings: { - auto_watch: true - }, - client_settings: { - home: homeData + account: { + token: secret, + email: null, + links: null, + password: hash, + profile: { + bio: null, + birthday: null, + blood: null, + gender: null, + handedness: null, + height: null, + location: null, + weight: null + }, + settings: { + auto_watch: true + }, + client_settings: { + home: homeData + } } }); diff --git a/src/api/service/twitter.ts b/src/api/service/twitter.ts index adcd5ac49b..02b613454c 100644 --- a/src/api/service/twitter.ts +++ b/src/api/service/twitter.ts @@ -39,10 +39,10 @@ module.exports = (app: express.Application) => { if (userToken == null) return res.send('plz signin'); const user = await User.findOneAndUpdate({ - token: userToken + 'account.token': userToken }, { $set: { - twitter: null + 'account.twitter': null } }); @@ -126,7 +126,7 @@ module.exports = (app: express.Application) => { const result = await twAuth.done(JSON.parse(ctx), req.query.oauth_verifier); const user = await User.findOne({ - 'twitter.user_id': result.userId + 'account.twitter.user_id': result.userId }); if (user == null) { @@ -148,10 +148,10 @@ module.exports = (app: express.Application) => { const result = await twAuth.done(JSON.parse(ctx), verifier); const user = await User.findOneAndUpdate({ - token: userToken + 'account.token': userToken }, { $set: { - twitter: { + 'account.twitter': { access_token: result.accessToken, access_token_secret: result.accessTokenSecret, user_id: result.userId, diff --git a/src/api/stream/home.ts b/src/api/stream/home.ts index cc3fb885e4..1ef0f33b4b 100644 --- a/src/api/stream/home.ts +++ b/src/api/stream/home.ts @@ -74,7 +74,7 @@ export default async function(request: websocket.request, connection: websocket. // Update lastUsedAt User.update({ _id: user._id }, { $set: { - last_used_at: new Date() + 'account.last_used_at': new Date() } }); break; diff --git a/src/api/streaming.ts b/src/api/streaming.ts index f56c08092c..427e01afdd 100644 --- a/src/api/streaming.ts +++ b/src/api/streaming.ts @@ -94,7 +94,7 @@ function authenticate(token: string): Promise<IUser> { // Fetch user const user: IUser = await User .findOne({ - token: token + 'account.token': token }); resolve(user); |