code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge branch 'master' into snyk-upgrade-b96d6b000d4656468fa5fb82eab0a88b

Browse Source
This commit is contained in:
Code002Lover 2023-05-03 10:00:20 +02:00 committed by GitHub
commit 5946ff4d86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 9594 additions and 2807 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -8,3 +8,4 @@ avatars/*
etc/* etc/*
*newrelic* *newrelic*
user_uploads/* user_uploads/*
swagger-api.json

191
package-lock.json generated
View File

@ -13,20 +13,22 @@
"clean-css": "^5.3.2", "clean-css": "^5.3.2",
"compression": "^1.7.4", "compression": "^1.7.4",
"cookie-parser": "^1.4.6", "cookie-parser": "^1.4.6",
"ejs": "^3.1.8", "ejs": "^3.1.9",
"express": "^4.18.2", "express": "^4.18.2",
"express-fileupload": "^1.3.1", "express-fileupload": "^1.3.1",
"express-useragent": "^1.0.15", "express-useragent": "^1.0.15",
"hcaptcha": "^0.1.1", "hcaptcha": "^0.1.1",
"hsts": "^2.2.0",
"html-minifier-terser": "^7.1.0", "html-minifier-terser": "^7.1.0",
"lru-cache": "^8.0.0", "lru-cache": "^8.0.0",
"mysql2": "^3.2.0", "mysql2": "^3.2.0",
"newrelic": "^9.11.0", "newrelic": "^9.11.0",
"sharp": "^0.30.7", "sharp": "^0.30.7",
"spdy": "^4.0.2", "spdy": "^4.0.2",
"swagger-autogen": "^2.23.1",
"uglify-js": "^3.17.4", "uglify-js": "^3.17.4",
"unsafe_encrypt": "^1.0.4", "unsafe_encrypt": "^1.0.4",
"ws": "^8.12.1" "ws": "^8.13.0"
}, },
"devDependencies": { "devDependencies": {
"@hcaptcha/types": "^1.0.3" "@hcaptcha/types": "^1.0.3"
@ -735,6 +737,14 @@
"node": ">=4.0.0" "node": ">=4.0.0"
} }
}, },
"node_modules/deepmerge": {
"version": "4.3.1",
"resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz",
"integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==",
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/denque": { "node_modules/denque": {
"version": "2.1.0", "version": "2.1.0",
"resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz",
@ -788,9 +798,9 @@
"integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
}, },
"node_modules/ejs": { "node_modules/ejs": {
"version": "3.1.8", "version": "3.1.9",
"resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.8.tgz", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.9.tgz",
"integrity": "sha512-/sXZeMlhS0ArkfX2Aw780gJzXSMPnKjtspYZv+f3NiKLlubezAHDU5+9xz6gd3/NhG3txQCo6xlglmTS+oTGEQ==", "integrity": "sha512-rC+QVNMJWv+MtPgkt0y+0rVEIdbtxVADApW9JXrUVlzHetgcyczP/E7DJmWJ4fJCZF2cPcBk0laWO9ZHMG3DmQ==",
"dependencies": { "dependencies": {
"jake": "^10.8.5" "jake": "^10.8.5"
}, },
@ -1045,6 +1055,11 @@
"resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz",
"integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==" "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow=="
}, },
"node_modules/fs.realpath": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
"integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="
},
"node_modules/function-bind": { "node_modules/function-bind": {
"version": "1.1.1", "version": "1.1.1",
"resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
@ -1084,6 +1099,25 @@
"resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz",
"integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==" "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw=="
}, },
"node_modules/glob": {
"version": "7.2.3",
"resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
"integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
"dependencies": {
"fs.realpath": "^1.0.0",
"inflight": "^1.0.4",
"inherits": "2",
"minimatch": "^3.1.1",
"once": "^1.3.0",
"path-is-absolute": "^1.0.0"
},
"engines": {
"node": "*"
},
"funding": {
"url": "https://github.com/sponsors/isaacs"
}
},
"node_modules/handle-thing": { "node_modules/handle-thing": {
"version": "2.0.1", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz", "resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz",
@ -1135,6 +1169,17 @@
"wbuf": "^1.1.0" "wbuf": "^1.1.0"
} }
}, },
"node_modules/hsts": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/hsts/-/hsts-2.2.0.tgz",
"integrity": "sha512-ToaTnQ2TbJkochoVcdXYm4HOCliNozlviNsg+X2XQLQvZNI/kCHR9rZxVYpJB3UPcHz80PgxRyWQ7PdU1r+VBQ==",
"dependencies": {
"depd": "2.0.0"
},
"engines": {
"node": ">=4.0.0"
}
},
"node_modules/html-minifier-terser": { "node_modules/html-minifier-terser": {
"version": "7.1.0", "version": "7.1.0",
"resolved": "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-7.1.0.tgz", "resolved": "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-7.1.0.tgz",
@ -1257,6 +1302,15 @@
} }
] ]
}, },
"node_modules/inflight": {
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
"integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
"dependencies": {
"once": "^1.3.0",
"wrappy": "1"
}
},
"node_modules/inherits": { "node_modules/inherits": {
"version": "2.0.4", "version": "2.0.4",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
@ -1328,6 +1382,17 @@
"resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
"integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA=="
}, },
"node_modules/json5": {
"version": "2.2.3",
"resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
"integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
"bin": {
"json5": "lib/cli.js"
},
"engines": {
"node": ">=6"
}
},
"node_modules/lodash.camelcase": { "node_modules/lodash.camelcase": {
"version": "4.3.0", "version": "4.3.0",
"resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz",
@ -1728,6 +1793,14 @@
"tslib": "^2.0.3" "tslib": "^2.0.3"
} }
}, },
"node_modules/path-is-absolute": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
"integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==",
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/path-to-regexp": { "node_modules/path-to-regexp": {
"version": "0.1.7", "version": "0.1.7",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
@ -2277,6 +2350,28 @@
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/swagger-autogen": {
"version": "2.23.1",
"resolved": "https://registry.npmjs.org/swagger-autogen/-/swagger-autogen-2.23.1.tgz",
"integrity": "sha512-tOAb5cOGNPduIHKoOxndCRy2Mrg7xV3O1RerrWExrDxeSTjXhA350pyJd7VUDY6ZO9gbZ34Bjlc5CXkleUgvAQ==",
"dependencies": {
"acorn": "^7.4.1",
"deepmerge": "^4.2.2",
"glob": "^7.1.7",
"json5": "^2.2.3"
}
},
"node_modules/swagger-autogen/node_modules/acorn": {
"version": "7.4.1",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz",
"integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==",
"bin": {
"acorn": "bin/acorn"
},
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/tar-fs": { "node_modules/tar-fs": {
"version": "2.1.1", "version": "2.1.1",
"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
@ -2488,9 +2583,9 @@
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
}, },
"node_modules/ws": { "node_modules/ws": {
"version": "8.12.1", "version": "8.13.0",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.12.1.tgz", "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz",
"integrity": "sha512-1qo+M9Ba+xNhPB+YTWUlK6M17brTut5EXbcBaMRN5pH5dFrXz7lzz1ChFSUq3bOUl8yEvSenhHmYUNJxFzdJew==", "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==",
"engines": { "engines": {
"node": ">=10.0.0" "node": ">=10.0.0"
}, },
@ -3091,6 +3186,11 @@
"resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz",
"integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==" "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA=="
}, },
"deepmerge": {
"version": "4.3.1",
"resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz",
"integrity": "sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A=="
},
"denque": { "denque": {
"version": "2.1.0", "version": "2.1.0",
"resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz",
@ -3131,9 +3231,9 @@
"integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
}, },
"ejs": { "ejs": {
"version": "3.1.8", "version": "3.1.9",
"resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.8.tgz", "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.9.tgz",
"integrity": "sha512-/sXZeMlhS0ArkfX2Aw780gJzXSMPnKjtspYZv+f3NiKLlubezAHDU5+9xz6gd3/NhG3txQCo6xlglmTS+oTGEQ==", "integrity": "sha512-rC+QVNMJWv+MtPgkt0y+0rVEIdbtxVADApW9JXrUVlzHetgcyczP/E7DJmWJ4fJCZF2cPcBk0laWO9ZHMG3DmQ==",
"requires": { "requires": {
"jake": "^10.8.5" "jake": "^10.8.5"
} }
@ -3336,6 +3436,11 @@
"resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz",
"integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==" "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow=="
}, },
"fs.realpath": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
"integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="
},
"function-bind": { "function-bind": {
"version": "1.1.1", "version": "1.1.1",
"resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
@ -3369,6 +3474,19 @@
"resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz",
"integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==" "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw=="
}, },
"glob": {
"version": "7.2.3",
"resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
"integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
"requires": {
"fs.realpath": "^1.0.0",
"inflight": "^1.0.4",
"inherits": "2",
"minimatch": "^3.1.1",
"once": "^1.3.0",
"path-is-absolute": "^1.0.0"
}
},
"handle-thing": { "handle-thing": {
"version": "2.0.1", "version": "2.0.1",
"resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz", "resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz",
@ -3408,6 +3526,14 @@
"wbuf": "^1.1.0" "wbuf": "^1.1.0"
} }
}, },
"hsts": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/hsts/-/hsts-2.2.0.tgz",
"integrity": "sha512-ToaTnQ2TbJkochoVcdXYm4HOCliNozlviNsg+X2XQLQvZNI/kCHR9rZxVYpJB3UPcHz80PgxRyWQ7PdU1r+VBQ==",
"requires": {
"depd": "2.0.0"
}
},
"html-minifier-terser": { "html-minifier-terser": {
"version": "7.1.0", "version": "7.1.0",
"resolved": "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-7.1.0.tgz", "resolved": "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-7.1.0.tgz",
@ -3493,6 +3619,15 @@
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",
"integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==" "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA=="
}, },
"inflight": {
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
"integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
"requires": {
"once": "^1.3.0",
"wrappy": "1"
}
},
"inherits": { "inherits": {
"version": "2.0.4", "version": "2.0.4",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
@ -3552,6 +3687,11 @@
"resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
"integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==" "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA=="
}, },
"json5": {
"version": "2.2.3",
"resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
"integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg=="
},
"lodash.camelcase": { "lodash.camelcase": {
"version": "4.3.0", "version": "4.3.0",
"resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz",
@ -3864,6 +4004,11 @@
"tslib": "^2.0.3" "tslib": "^2.0.3"
} }
}, },
"path-is-absolute": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
"integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg=="
},
"path-to-regexp": { "path-to-regexp": {
"version": "0.1.7", "version": "0.1.7",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
@ -4277,6 +4422,24 @@
"has-flag": "^4.0.0" "has-flag": "^4.0.0"
} }
}, },
"swagger-autogen": {
"version": "2.23.1",
"resolved": "https://registry.npmjs.org/swagger-autogen/-/swagger-autogen-2.23.1.tgz",
"integrity": "sha512-tOAb5cOGNPduIHKoOxndCRy2Mrg7xV3O1RerrWExrDxeSTjXhA350pyJd7VUDY6ZO9gbZ34Bjlc5CXkleUgvAQ==",
"requires": {
"acorn": "^7.4.1",
"deepmerge": "^4.2.2",
"glob": "^7.1.7",
"json5": "^2.2.3"
},
"dependencies": {
"acorn": {
"version": "7.4.1",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz",
"integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A=="
}
}
},
"tar-fs": { "tar-fs": {
"version": "2.1.1", "version": "2.1.1",
"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
@ -4446,9 +4609,9 @@
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
}, },
"ws": { "ws": {
"version": "8.12.1", "version": "8.13.0",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.12.1.tgz", "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz",
"integrity": "sha512-1qo+M9Ba+xNhPB+YTWUlK6M17brTut5EXbcBaMRN5pH5dFrXz7lzz1ChFSUq3bOUl8yEvSenhHmYUNJxFzdJew==", "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==",
"requires": {} "requires": {}
}, },
"y18n": { "y18n": {

7
package.json
View File

@ -4,20 +4,23 @@
"clean-css": "^5.3.2", "clean-css": "^5.3.2",
"compression": "^1.7.4", "compression": "^1.7.4",
"cookie-parser": "^1.4.6", "cookie-parser": "^1.4.6",
"ejs": "^3.1.8", "ejs": "^3.1.9",
"express": "^4.18.2", "express": "^4.18.2",
"express-fileupload": "^1.3.1", "express-fileupload": "^1.3.1",
"express-useragent": "^1.0.15", "express-useragent": "^1.0.15",
"hcaptcha": "^0.1.1", "hcaptcha": "^0.1.1",
"hsts": "^2.2.0",
"html-minifier-terser": "^7.1.0", "html-minifier-terser": "^7.1.0",
"lru-cache": "^8.0.0", "lru-cache": "^8.0.0",
"newrelic": "^9.11.0", "newrelic": "^9.11.0",
"mysql2": "^3.2.0", "mysql2": "^3.2.0",
"newrelic": "^9.11.0",
"sharp": "^0.30.7", "sharp": "^0.30.7",
"spdy": "^4.0.2", "spdy": "^4.0.2",
"swagger-autogen": "^2.23.1",
"uglify-js": "^3.17.4", "uglify-js": "^3.17.4",
"unsafe_encrypt": "^1.0.4", "unsafe_encrypt": "^1.0.4",
"ws": "^8.12.1" "ws": "^8.13.0"
}, },
"scripts": { "scripts": {
"start": "node server.js", "start": "node server.js",

12
routes/api/all.js
View File

@ -10,7 +10,6 @@ export const setup = function (router, con, server) {
router.use("/*", (req, res, next) => { router.use("/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
let unsigned; let unsigned;
if (req.body.user === undefined || req.body.pass === undefined) {
if(typeof req.get("ipost-auth-token") === "string") { if(typeof req.get("ipost-auth-token") === "string") {
try{ try{
req.body.auth = JSON.parse(req.get("ipost-auth-token")) req.body.auth = JSON.parse(req.get("ipost-auth-token"))
@ -73,14 +72,6 @@ export const setup = function (router, con, server) {
return return
} }
} }
}
else {
unsigned = `${req.body.user} ${SHA256(req.body.pass, req.body.user, HASHES_COOKIE)}`;
res.set("message","user+pass authentication is deprecated as of february 2023, consider switching to auth tokens")
//basically we generate the unsigned cookie
res.locals.isbot = true; //only bots use user+pass
}
let sql = `select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from ipost.users where User_Name=? and User_PW=?;`; let sql = `select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from ipost.users where User_Name=? and User_PW=?;`;
let values = unsigned.split(" "); let values = unsigned.split(" ");
values[1] = SHA256(values[1], values[0], HASHES_DIFF); values[1] = SHA256(values[1], values[0], HASHES_DIFF);
@ -118,6 +109,9 @@ export const setup = function (router, con, server) {
res.status(402); res.status(402);
res.json({ "error": "you cannot access the api without being logged in" }); res.json({ "error": "you cannot access the api without being logged in" });
} }
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
}; };
export default { export default {

12
routes/api/dms/PersonalMessages.js
View File

@ -20,6 +20,9 @@ export const setup = function (router, con, server) {
throw err; throw err;
res.json(result); res.json(result);
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/dms/conversations", function (req, res) { router.get("/api/dms/conversations", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
@ -30,10 +33,16 @@ export const setup = function (router, con, server) {
throw err; throw err;
res.json(result); res.json(result);
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/dms/encrypt.js", function (req, res) { router.get("/api/dms/encrypt.js", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
res.send(web_version()); res.send(web_version());
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
// //
router.get("/api/dms/getDM", function (req, res) { router.get("/api/dms/getDM", function (req, res) {
@ -52,6 +61,9 @@ export const setup = function (router, con, server) {
res.json({ "error": "there is no such dm!" }); res.json({ "error": "there is no such dm!" });
} }
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
}; };
export default { export default {

7
routes/api/dms/post.js
View File

@ -19,6 +19,9 @@ export const setup = function (router, con, server) {
router.get("/api/dms/pid", function (req, res) { router.get("/api/dms/pid", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
res.json({ "pid": createPID() }); res.json({ "pid": createPID() });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.post("/api/dms/post", function (req, res) { router.post("/api/dms/post", function (req, res) {
if (!req.body.message) { if (!req.body.message) {
@ -89,6 +92,10 @@ export const setup = function (router, con, server) {
console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`); console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`);
}); });
//TODO: bring dms up-to-date with normal posts //TODO: bring dms up-to-date with normal posts
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
return createPID return createPID
}; };

7
routes/api/getFileIcon.js
View File

@ -31,8 +31,8 @@ async function addTextOnImage(text,buf) {
} }
export const setup = function (router, con, server) { export const setup = function (router, con, server) {
router.get("/api/getFileIcon/*",async function(req,res){ router.get("/api/getFileIcon/:icon",async function(req,res){
let path = req.path.split("/api/getFileIcon/")[1] let path = req.params.icon
if(path.length > 4) { if(path.length > 4) {
res.status(410).json({"error":"file ending is too long"}) res.status(410).json({"error":"file ending is too long"})
return; return;
@ -41,5 +41,8 @@ export const setup = function (router, con, server) {
res.set("content-type","image/png") res.set("content-type","image/png")
res.send(buf) res.send(buf)
}) })
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}) })
} }

13
routes/api/getPosts.js
View File

@ -1,8 +1,4 @@
export const setup = function (router, con, server) { export const setup = function (router, con, server) {
router.get("/api/getPosts/*", function (_req, res) {
res.set("Access-Control-Allow-Origin", "");
res.redirect("/api/getPosts");
});
router.get("/api/getPosts", function (req, res) { router.get("/api/getPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel !== undefined) { if (req.query.channel !== undefined) {
@ -21,6 +17,9 @@ export const setup = function (router, con, server) {
res.json(result); res.json(result);
}); });
} }
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/getPostsLowerThan", function (req, res) { router.get("/api/getPostsLowerThan", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
@ -40,6 +39,9 @@ export const setup = function (router, con, server) {
res.json(result); res.json(result);
}); });
} }
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/getPost", function (req, res) { router.get("/api/getPost", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
@ -56,5 +58,8 @@ export const setup = function (router, con, server) {
res.json({ "error": "there is no such post!" }); res.json({ "error": "there is no such post!" });
} }
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
} }

6
routes/api/post.js
View File

@ -32,6 +32,9 @@ export const setup = function (router, con, server) {
router.get("/api/pid", function (req, res) { router.get("/api/pid", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
res.json({ "pid": createPID() }); res.json({ "pid": createPID() });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
function validateMessage(message) { function validateMessage(message) {
@ -204,6 +207,9 @@ export const setup = function (router, con, server) {
res.json({"error":"internal server error", "status": 500}) res.json({"error":"internal server error", "status": 500})
} }
} }
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
return createPID return createPID
}; };

4
routes/api/search.js
View File

@ -34,5 +34,9 @@ export const setup = function (router, con, server) {
else { else {
res.json({ "error": "invalid type passed along, expected `user` or `post`", "message": "search has been deprecated as of 11/30/2022"}); res.json({ "error": "invalid type passed along, expected `user` or `post`", "message": "search has been deprecated as of 11/30/2022"});
} }
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
} }

8
routes/api/settingshandler.js
View File

@ -4,6 +4,10 @@ const allowed_settings = {
export const setup = function (router, con, server) { export const setup = function (router, con, server) {
router.get("/api/settings", function (req, res) { router.get("/api/settings", function (req, res) {
res.json(res.locals.settings); res.json(res.locals.settings);
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.post("/api/settings", function (req, res) { router.post("/api/settings", function (req, res) {
if (!req.body.setting) { if (!req.body.setting) {
@ -45,6 +49,10 @@ export const setup = function (router, con, server) {
} }
res.json({ "status": "success" }); res.json({ "status": "success" });
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
}; };
export default { export default {

18
routes/api/userRoutes.js
View File

@ -48,9 +48,15 @@ export const setup = function (router, con, server) {
}); });
}) })
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/getuser", function (_req, res) { router.get("/api/getuser", function (_req, res) {
res.json({ "username": res.locals.username, "bio": res.locals.bio, "avatar": res.locals.avatar, "userid": res.locals.userid }); res.json({ "username": res.locals.username, "bio": res.locals.bio, "avatar": res.locals.avatar, "userid": res.locals.userid });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/getalluserinformation", function (req, res) { router.get("/api/getalluserinformation", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); //we don't want that here res.set("Access-Control-Allow-Origin", ""); //we don't want that here
@ -73,6 +79,9 @@ export const setup = function (router, con, server) {
res.json({ "error": "you cannot access the api without being logged in" }); res.json({ "error": "you cannot access the api without being logged in" });
} }
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.get("/api/getotheruser", function (req, res) { router.get("/api/getotheruser", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
@ -109,6 +118,9 @@ export const setup = function (router, con, server) {
throw err; throw err;
res.json({ "success": "updated bio" }); res.json({ "success": "updated bio" });
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.post("/api/changePW", (req, res) => { router.post("/api/changePW", (req, res) => {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
@ -149,6 +161,9 @@ export const setup = function (router, con, server) {
res.json({ "error": "invalid password" }); res.json({ "error": "invalid password" });
} }
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
router.post("/api/changeUsername", function (req, res) { router.post("/api/changeUsername", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
@ -212,5 +227,8 @@ export const setup = function (router, con, server) {
res.json({ "error": "invalid password" }); res.json({ "error": "invalid password" });
} }
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
} }

10
routes/authorize.js
View File

@ -35,7 +35,7 @@ export const setup = function (router, con, server) {
if(data !== undefined && data.token===token && data.appid === appid && data.userid === res.locals.userid) { if(data !== undefined && data.token===token && data.appid === appid && data.userid === res.locals.userid) {
temp_code_to_token[tokencode]=undefined temp_code_to_token[tokencode]=undefined
} }
}, 300000); //wait for 5 minutes }, 1000*60*5);
const sql = "SELECT application_auth_url FROM ipost.application where application_id=?" const sql = "SELECT application_auth_url FROM ipost.application where application_id=?"
@ -59,6 +59,10 @@ export const setup = function (router, con, server) {
} }
res.redirect(`/authorize?id=${req.body.application_id}`) res.redirect(`/authorize?id=${req.body.application_id}`)
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}) })
router.post("/redeemauthcode", (req,res) => { router.post("/redeemauthcode", (req,res) => {
@ -124,4 +128,8 @@ export const setup = function (router, con, server) {
}) })
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
} }

37
routes/serve_static_files.js
View File

@ -5,43 +5,43 @@ export const setup = function (router, con, server) {
const __dirname = server.dirname const __dirname = server.dirname
const dir = __dirname + "/" const dir = __dirname + "/"
router.get("/users/*", function (req, res) { router.get("/users/:user", function (req, res) {
if (!increaseUSERCall(req, res)) if (!increaseUSERCall(req, res))
return; return;
res.sendFile(dir + "views/otheruser.html"); res.sendFile(dir + "views/otheruser.html");
}); });
router.get("/css/*", (request, response) => { router.get("/css/:file", (request, response) => {
if (!increaseUSERCall(request, response)) if (!increaseUSERCall(request, response))
return; return;
if (existsSync(__dirname + request.originalUrl)) { if (existsSync(`${__dirname}/css/${request.params.file}`)) {
response.sendFile(__dirname + request.originalUrl); response.sendFile(`${__dirname}/css/${request.params.file}`);
} }
else { else {
response.status(404).send("no file with that name found"); response.status(404).send("no file with that name found");
} }
return; return;
}); });
router.get("/js/*", (request, response) => { router.get("/js/:file", (request, response) => {
if (!increaseUSERCall(request, response)) if (!increaseUSERCall(request, response))
return; return;
if (existsSync(__dirname + request.originalUrl)) { if (existsSync(`${__dirname}/js/${request.params.file}`)) {
response.sendFile(__dirname + request.originalUrl); response.sendFile(`${__dirname}/js/${request.params.file}`);
} }
else { else {
response.status(404).send("no file with that name found"); response.status(404).send("no file with that name found");
} }
return; return;
}); });
router.get("/images/*", (request, response) => { router.get("/images/:file", (request, response) => {
if (!increaseUSERCall(request, response)) if (!increaseUSERCall(request, response))
return; return;
if (existsSync(__dirname + request.originalUrl)) { if (existsSync(`${__dirname}/images/${request.params.file}`)) {
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(__dirname + request.originalUrl); response.sendFile(`${__dirname}/images/${request.params.file}`);
} }
else if(existsSync(__dirname + request.originalUrl.toLowerCase())){ else if(existsSync(`${__dirname}/images/${request.params.file.toLowerCase()}`)){
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(__dirname + request.originalUrl.toLowerCase()); response.sendFile(`${__dirname}/images/${request.params.file.toLowerCase()}`);
} }
else { else {
response.status(404).send("no file with that name found"); response.status(404).send("no file with that name found");
@ -49,12 +49,12 @@ export const setup = function (router, con, server) {
return; return;
}); });
router.get("/user_uploads/*", (request, response) => { router.get("/user_uploads/:file", (request, response) => {
if (!increaseUSERCall(request, response)) if (!increaseUSERCall(request, response))
return; return;
if (existsSync(__dirname + request.originalUrl)) { if (existsSync(`${__dirname}/user_uploads/${request.params.file}`)) {
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(__dirname + request.originalUrl); response.sendFile(`${__dirname}/user_uploads/${request.params.file}`);
} }
else { else {
response.status(404).send("no file with that name found"); response.status(404).send("no file with that name found");
@ -62,13 +62,12 @@ export const setup = function (router, con, server) {
return; return;
}); });
router.get("/avatars/*", (request, response) => { router.get("/avatars/:avatar", (request, response) => {
if (!increaseUSERCall(request, response)) if (!increaseUSERCall(request, response))
return; return;
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
let originalUrl = request.originalUrl.split("?").shift(); if (existsSync(`${__dirname}/avatars/${request.params.avatar}`)) {
if (existsSync(dir + originalUrl)) { return response.sendFile(`${__dirname}/avatars/${request.params.avatar}`);
return response.sendFile(dir + originalUrl);
} }
response.status(404).send("No avatar with that name found"); response.status(404).send("No avatar with that name found");
}); });

28
routes/userfiles.js
View File

@ -70,6 +70,10 @@ export const setup = function (router, con, server) {
function getAppWithId(appid) { function getAppWithId(appid) {
appid = Number(appid) appid = Number(appid)
return new Promise((res,rej) => { return new Promise((res,rej) => {
if(isNaN(appid)) {
res({})
return
}
if(appId_Cache.has(appid)) { if(appId_Cache.has(appid)) {
res(appId_Cache.get(appid) || {}) res(appId_Cache.get(appid) || {})
return return
@ -111,7 +115,9 @@ export const setup = function (router, con, server) {
if (!increaseUSERCall(request, response))return; if (!increaseUSERCall(request, response))return;
if(typeof overrideurl !== "string")overrideurl = undefined; if(typeof overrideurl !== "string")overrideurl = undefined;
let originalUrl = overrideurl || request.originalUrl.split("?").shift(); let originalUrl = overrideurl
|| request.params.file
|| request.originalUrl.split("?").shift(); //backup in case anything goes wrong
let path = "" let path = ""
if (existsSync(dir + "views" + originalUrl)) { if (existsSync(dir + "views" + originalUrl)) {
@ -136,10 +142,11 @@ export const setup = function (router, con, server) {
path = dir + "views" + originalUrl + ".html" path = dir + "views" + originalUrl + ".html"
} }
if(path !== "" && originalUrl !== "/favicon.ico" && originalUrl !== "/api/documentation/") { if(path !== "" && originalUrl !== "favicon.ico" && originalUrl !== "api_documentation" && originalUrl !== "api_documentation.html") {
console.log(originalUrl)
global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar } global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar }
global_page_variables.query = request.query global_page_variables.query = request.query
if(originalUrl === "/authorize") { if(originalUrl === "authorize") {
global_page_variables.application = await getAppWithId(request.query.id) global_page_variables.application = await getAppWithId(request.query.id)
} }
ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){ ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){
@ -177,16 +184,16 @@ export const setup = function (router, con, server) {
return; return;
} }
if(originalUrl === "/favicon.ico") { if(originalUrl === "api_documentation" || originalUrl === "api_documentation.html") {
response.set('Cache-Control', 'public, max-age=2592000'); response.set('Cache-Control', 'public, max-age=2592000');
response.sendFile(dir + "/views/favicon.ico") response.set('Content-Type', 'text/html')
response.send(load_var("./views/api_documentation.html"))
return return
} }
if(originalUrl === "/api/documentation/") { if(originalUrl === "favicon.ico") {
readFile(path,function(_err,res){ response.set('Cache-Control', 'public, max-age=2592000');
response.send(res.toString()) response.sendFile(dir + "/views/favicon.ico")
})
return return
} }
@ -202,8 +209,9 @@ export const setup = function (router, con, server) {
* Handle default URI as /index (interpreted redirect: "localhost" -> "localhost/index" ) * Handle default URI as /index (interpreted redirect: "localhost" -> "localhost/index" )
*/ */
router.get("/", function (req, res) { router.get("/", function (req, res) {
req.params.file = "index"
handleUserFiles(req,res,"/index") handleUserFiles(req,res,"/index")
}); });
router.get("/*", handleUserFiles); router.get("/:file", handleUserFiles);
} }

10
server.js
View File

@ -14,6 +14,7 @@ import { readFileSync, appendFile } from "fs";
import { format } from "util"; import { format } from "util";
import { setup as SETUP_ROUTES} from "./routes/setup_all_routes.js" import { setup as SETUP_ROUTES} from "./routes/setup_all_routes.js"
import { verify as verifyHCaptcha_int } from "hcaptcha" import { verify as verifyHCaptcha_int } from "hcaptcha"
import hsts from "hsts"
import { ensureExists } from "./extra_modules/ensureExists.js" import { ensureExists } from "./extra_modules/ensureExists.js"
@ -262,6 +263,12 @@ app.use(fileUpload({
} }
})); }));
app.use(hsts({
maxAge: 31536000,
includeSubDomains: true,
preload: true
}));
app.use(bodyParser.default.json({ limit: "100mb" })); app.use(bodyParser.default.json({ limit: "100mb" }));
app.use(bodyParser.default.urlencoded({ limit: "100mb", extended: true })); app.use(bodyParser.default.urlencoded({ limit: "100mb", extended: true }));
app.use(cookieParser(cookiesecret)); app.use(cookieParser(cookiesecret));
@ -358,6 +365,9 @@ router.get("/api/getChannels", function (_req, res) {
throw err; throw err;
res.json(result); res.json(result);
}); });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}); });
/* /*

4
server_config.json
View File

@ -155,8 +155,8 @@
"level": 5 "level": 5
}, },
"ssl": { "ssl": {
"privateKey": "./etc/letsencrypt/live/ipost.rocks/privkey.pem", "privateKey": "/etc/letsencrypt/live/ipost.rocks-0002/privkey.pem",
"certificate" : "./etc/letsencrypt/live/ipost.rocks/fullchain.pem" "certificate" : "/etc/letsencrypt/live/ipost.rocks-0002/fullchain.pem"
}, },
"ports": { "ports": {
"http": 9999, "http": 9999,

78
swagger.cjs Normal file
View File

@ -0,0 +1,78 @@
const fs = require('fs');
const swaggerAutogen = require('swagger-autogen')();
const doc = {
info: {
title: 'IPost API',
description: 'the official IPost.rocks API documentation',
},
host: 'ipost.rocks',
schemes: ['https'],
securityDefinitions: {
appTokenAuthHeader: {
type: 'apiKey',
in: 'header', // can be 'header', 'query' or 'cookie'
name: 'ipost-auth-token', // name of the header, query parameter or cookie
description: 'authenticate using the authentication object in the header'
}
}
};
const outputFile = './swagger-api.json';
const tempFile = './swagger-output.json';
const endpointsFiles = ['./server.js'];
function pushdirectory(currentpath) {
fs.readdirSync(currentpath, {
withFileTypes: true
}).forEach(dirent => {
if (dirent.isFile()) {
endpointsFiles.push(currentpath + dirent.name);
} else {
pushdirectory(currentpath + dirent.name + "/");
}
});
}
pushdirectory("./routes/");
swaggerAutogen(tempFile, endpointsFiles, doc);
/*
Replace some error codes with own error codes, as described in error_codes.txt
*/
const to_replace = {
"401": "login error (invalid cookie)",
"402": "login error (bad cookie)",
"403": "login error (no cookie)",
"410": "argument/data error",
"411": "argument/data error",
"412": "argument/data error",
"413": "argument/data error",
"414": "argument/data error",
"415": "argument/data error",
"416": "argument/data error",
"417": "argument/data error",
"418": "argument/data error",
"419": "argument/data error",
"420": "invalid authetication object",
}
let file = JSON.parse(fs.readFileSync(tempFile, 'utf8'));
for (let path in file.paths) {
for (let method in file.paths[path]) {
for (let response in file.paths[path][method].responses) {
if (to_replace[response]) {
file.paths[path][method].responses[response].description = to_replace[response];
}
}
}
}
file = JSON.stringify(file);
console.log(file)
fs.writeFileSync(outputFile, file);
fs.rmSync(tempFile);

11774
views/api/documentation/index.html → views/api_documentation.html
View File

File diff suppressed because it is too large Load Diff