code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Compare commits

base: code002lover:master
Branches Tags
code002lover:master
code002lover:renovate/configure
code002lover:snyk-upgrade-1cff5713488ed288f1e88eb46b701115
code002lover:snyk-upgrade-d3ac1e0411973fa38a86da7eec32a8d3
code002lover:snyk-upgrade-052f65256ac8f1a82acd3e51984f6221
code002lover:snyk-upgrade-33e291a67369fc9770e27bfbdf6af2a9
code002lover:snyk-upgrade-f06284b5f81b06efea78adff20177a70
code002lover:snyk-upgrade-518d290a75b5b25f6b0e425ba7c9a971
code002lover:snyk-upgrade-674080c4e5fa8ad627ccb372d90f2a2c
code002lover:snyk-upgrade-641d0cea3a85454fccc2386c4c8805d7
code002lover:snyk-upgrade-3087ad25cae29b54570eae93896a90f2
code002lover:snyk-upgrade-0291ac594766997bc7c8022129990c4d
..
compare: code002lover:snyk-upgrade-0291ac594766997bc7c8022129990c4d
Branches Tags
code002lover:renovate/configure
code002lover:master
code002lover:snyk-upgrade-1cff5713488ed288f1e88eb46b701115
code002lover:snyk-upgrade-d3ac1e0411973fa38a86da7eec32a8d3
code002lover:snyk-upgrade-052f65256ac8f1a82acd3e51984f6221
code002lover:snyk-upgrade-33e291a67369fc9770e27bfbdf6af2a9
code002lover:snyk-upgrade-f06284b5f81b06efea78adff20177a70
code002lover:snyk-upgrade-518d290a75b5b25f6b0e425ba7c9a971
code002lover:snyk-upgrade-674080c4e5fa8ad627ccb372d90f2a2c
code002lover:snyk-upgrade-641d0cea3a85454fccc2386c4c8805d7
code002lover:snyk-upgrade-3087ad25cae29b54570eae93896a90f2
code002lover:snyk-upgrade-0291ac594766997bc7c8022129990c4d

1 Commits
master ... snyk-upgra

Author SHA1 Message Date
snyk-bot
6b97548f24
fix: upgrade sharp from 0.30.7 to 0.31.3 
Snyk has created this PR to upgrade sharp from 0.30.7 to 0.31.3.

See this package in npm:
https://www.npmjs.com/package/sharp

See this project in Snyk:
https://app.snyk.io/org/mystikfluu/project/c5b23892-809c-4121-9c2f-67962c7a4953?utm_source=github&utm_medium=referral&page=upgrade-pr
 2023-03-04 16:42:11 +00:00
22 changed files with 2260 additions and 9143 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -8,4 +8,3 @@ avatars/*
etc/*
*newrelic*
user_uploads/*
swagger-api.json

2
README.md
View File

@ -1,3 +1,3 @@
# IPost
IPost, formerly known as "authwebsite" is a chatting platform that also server as a gateway for me to have authentication for my other projects.
IPost, formerly known as "authwebsite" is a chatting platform that mainly has one thing in mind: privacy.
You can visit IPost under https://ipost.rocks

2
error_codes.txt
View File

@ -4,7 +4,7 @@
403: login error (no cookie)
404: invalid url / not found
410-419: argument/data error
420: invalid authentication object
420: invalid authetication object
429: ratelimit
500: server error

617
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

19
package.json
View File

@ -1,26 +1,23 @@
{
"dependencies": {
"body-parser": "^1.20.2",
"body-parser": "^1.20.1",
"clean-css": "^5.3.2",
"compression": "^1.7.4",
"cookie-parser": "^1.4.6",
"ejs": "^3.1.9",
"ejs": "^3.1.8",
"express": "^4.18.2",
"express-fileupload": "^1.3.1",
"express-useragent": "^1.0.15",
"hcaptcha": "^0.1.1",
"hsts": "^2.2.0",
"newrelic": "^9.15.0",
"html-minifier-terser": "^7.2.0",
"lru-cache": "^9.1.2",
"mysql2": "^3.3.5",
"newrelic": "^9.11.0",
"sharp": "^0.30.7",
"html-minifier-terser": "^7.1.0",
"lru-cache": "^7.14.1",
"mysql2": "^3.1.2",
"newrelic": "^9.8.1",
"sharp": "^0.31.3",
"spdy": "^4.0.2",
"swagger-autogen": "^2.23.1",
"uglify-js": "^3.17.4",
"unsafe_encrypt": "^1.0.4",
"ws": "^8.13.0"
"ws": "^8.12.0"
},
"scripts": {
"start": "node server.js",

12
routes/api/all.js
View File

@ -10,6 +10,7 @@ export const setup = function (router, con, server) {
router.use("/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
let unsigned;
if (req.body.user === undefined || req.body.pass === undefined) {
if(typeof req.get("ipost-auth-token") === "string") {
try{
req.body.auth = JSON.parse(req.get("ipost-auth-token"))
@ -72,6 +73,14 @@ export const setup = function (router, con, server) {
return
}
}
}
else {
unsigned = `${req.body.user} ${SHA256(req.body.pass, req.body.user, HASHES_COOKIE)}`;
res.set("message","user+pass authentication is deprecated as of february 2023, consider switching to auth tokens")
//basically we generate the unsigned cookie
res.locals.isbot = true; //only bots use user+pass
}
let sql = `select User_ID,User_Name,User_Bio,User_Avatar,User_Settings from ipost.users where User_Name=? and User_PW=?;`;
let values = unsigned.split(" ");
values[1] = SHA256(values[1], values[0], HASHES_DIFF);
@ -109,9 +118,6 @@ export const setup = function (router, con, server) {
res.status(402);
res.json({ "error": "you cannot access the api without being logged in" });
}
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
};
export default {

12
routes/api/dms/PersonalMessages.js
View File

@ -20,9 +20,6 @@ export const setup = function (router, con, server) {
throw err;
res.json(result);
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/dms/conversations", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
@ -33,16 +30,10 @@ export const setup = function (router, con, server) {
throw err;
res.json(result);
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/dms/encrypt.js", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
res.send(web_version());
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
//
router.get("/api/dms/getDM", function (req, res) {
@ -61,9 +52,6 @@ export const setup = function (router, con, server) {
res.json({ "error": "there is no such dm!" });
}
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
};
export default {

7
routes/api/dms/post.js
View File

@ -19,9 +19,6 @@ export const setup = function (router, con, server) {
router.get("/api/dms/pid", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
res.json({ "pid": createPID() });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.post("/api/dms/post", function (req, res) {
if (!req.body.message) {
@ -92,10 +89,6 @@ export const setup = function (router, con, server) {
console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`);
});
//TODO: bring dms up-to-date with normal posts
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
return createPID
};

7
routes/api/getFileIcon.js
View File

@ -31,8 +31,8 @@ async function addTextOnImage(text,buf) {
}
export const setup = function (router, con, server) {
router.get("/api/getFileIcon/:icon",async function(req,res){
let path = req.params.icon
router.get("/api/getFileIcon/*",async function(req,res){
let path = req.path.split("/api/getFileIcon/")[1]
if(path.length > 4) {
res.status(410).json({"error":"file ending is too long"})
return;
@ -41,8 +41,5 @@ export const setup = function (router, con, server) {
res.set("content-type","image/png")
res.send(buf)
})
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
})
}

13
routes/api/getPosts.js
View File

@ -1,4 +1,8 @@
export const setup = function (router, con, server) {
router.get("/api/getPosts/*", function (_req, res) {
res.set("Access-Control-Allow-Origin", "");
res.redirect("/api/getPosts");
});
router.get("/api/getPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel !== undefined) {
@ -17,9 +21,6 @@ export const setup = function (router, con, server) {
res.json(result);
});
}
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/getPostsLowerThan", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
@ -39,9 +40,6 @@ export const setup = function (router, con, server) {
res.json(result);
});
}
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/getPost", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
@ -58,8 +56,5 @@ export const setup = function (router, con, server) {
res.json({ "error": "there is no such post!" });
}
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
}

6
routes/api/post.js
View File

@ -32,9 +32,6 @@ export const setup = function (router, con, server) {
router.get("/api/pid", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
res.json({ "pid": createPID() });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
function validateMessage(message) {
@ -207,9 +204,6 @@ export const setup = function (router, con, server) {
res.json({"error":"internal server error", "status": 500})
}
}
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
return createPID
};

4
routes/api/search.js
View File

@ -34,9 +34,5 @@ export const setup = function (router, con, server) {
else {
res.json({ "error": "invalid type passed along, expected `user` or `post`", "message": "search has been deprecated as of 11/30/2022"});
}
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
}

8
routes/api/settingshandler.js
View File

@ -4,10 +4,6 @@ const allowed_settings = {
export const setup = function (router, con, server) {
router.get("/api/settings", function (req, res) {
res.json(res.locals.settings);
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.post("/api/settings", function (req, res) {
if (!req.body.setting) {
@ -49,10 +45,6 @@ export const setup = function (router, con, server) {
}
res.json({ "status": "success" });
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
};
export default {

18
routes/api/userRoutes.js
View File

@ -48,15 +48,9 @@ export const setup = function (router, con, server) {
});
})
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/getuser", function (_req, res) {
res.json({ "username": res.locals.username, "bio": res.locals.bio, "avatar": res.locals.avatar, "userid": res.locals.userid });
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/getalluserinformation", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); //we don't want that here
@ -79,9 +73,6 @@ export const setup = function (router, con, server) {
res.json({ "error": "you cannot access the api without being logged in" });
}
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.get("/api/getotheruser", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
@ -118,9 +109,6 @@ export const setup = function (router, con, server) {
throw err;
res.json({ "success": "updated bio" });
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.post("/api/changePW", (req, res) => {
res.set("Access-Control-Allow-Origin", "");
@ -161,9 +149,6 @@ export const setup = function (router, con, server) {
res.json({ "error": "invalid password" });
}
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
router.post("/api/changeUsername", function (req, res) {
res.set("Access-Control-Allow-Origin", "");
@ -227,8 +212,5 @@ export const setup = function (router, con, server) {
res.json({ "error": "invalid password" });
}
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
}

18
routes/authorize.js
View File

@ -23,7 +23,7 @@ export const setup = function (router, con, server) {
let tokencode;
while(tokencode===undefined || temp_code_to_token[tokencode]!==undefined) {
tokencode = randomBytes(15).toString("base64").replaceAll("/","f").replaceAll("+","A") //"/" and "+" may break some apps
tokencode = randomBytes(15).toString("base64")
}
temp_code_to_token[tokencode]={
"userid":res.locals.userid,
@ -35,7 +35,7 @@ export const setup = function (router, con, server) {
if(data !== undefined && data.token===token && data.appid === appid && data.userid === res.locals.userid) {
temp_code_to_token[tokencode]=undefined
}
}, 1000*60*5);
}, 300000); //wait for 5 minutes
const sql = "SELECT application_auth_url FROM ipost.application where application_id=?"
@ -45,11 +45,7 @@ export const setup = function (router, con, server) {
res.redirect(`/authorize?id=${req.body.application_id}`)
return
}
let extra = ""
if(req.body.application_extra !== "") {
extra = "&extra="+String(req.body.application_extra)
}
res.redirect(`${result[0].application_auth_url}?code=${tokencode}${extra}`)
res.redirect(`${result[0].application_auth_url}?code=${tokencode}`)
})
@ -59,10 +55,6 @@ export const setup = function (router, con, server) {
}
res.redirect(`/authorize?id=${req.body.application_id}`)
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
})
router.post("/redeemauthcode", (req,res) => {
@ -128,8 +120,4 @@ export const setup = function (router, con, server) {
})
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
}

37
routes/serve_static_files.js
View File

@ -5,43 +5,43 @@ export const setup = function (router, con, server) {
const __dirname = server.dirname
const dir = __dirname + "/"
router.get("/users/:user", function (req, res) {
router.get("/users/*", function (req, res) {
if (!increaseUSERCall(req, res))
return;
res.sendFile(dir + "views/otheruser.html");
});
router.get("/css/:file", (request, response) => {
router.get("/css/*", (request, response) => {
if (!increaseUSERCall(request, response))
return;
if (existsSync(`${__dirname}/css/${request.params.file}`)) {
response.sendFile(`${__dirname}/css/${request.params.file}`);
if (existsSync(__dirname + request.originalUrl)) {
response.sendFile(__dirname + request.originalUrl);
}
else {
response.status(404).send("no file with that name found");
}
return;
});
router.get("/js/:file", (request, response) => {
router.get("/js/*", (request, response) => {
if (!increaseUSERCall(request, response))
return;
if (existsSync(`${__dirname}/js/${request.params.file}`)) {
response.sendFile(`${__dirname}/js/${request.params.file}`);
if (existsSync(__dirname + request.originalUrl)) {
response.sendFile(__dirname + request.originalUrl);
}
else {
response.status(404).send("no file with that name found");
}
return;
});
router.get("/images/:file", (request, response) => {
router.get("/images/*", (request, response) => {
if (!increaseUSERCall(request, response))
return;
if (existsSync(`${__dirname}/images/${request.params.file}`)) {
if (existsSync(__dirname + request.originalUrl)) {
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(`${__dirname}/images/${request.params.file}`);
response.sendFile(__dirname + request.originalUrl);
}
else if(existsSync(`${__dirname}/images/${request.params.file.toLowerCase()}`)){
else if(existsSync(__dirname + request.originalUrl.toLowerCase())){
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(`${__dirname}/images/${request.params.file.toLowerCase()}`);
response.sendFile(__dirname + request.originalUrl.toLowerCase());
}
else {
response.status(404).send("no file with that name found");
@ -49,12 +49,12 @@ export const setup = function (router, con, server) {
return;
});
router.get("/user_uploads/:file", (request, response) => {
router.get("/user_uploads/*", (request, response) => {
if (!increaseUSERCall(request, response))
return;
if (existsSync(`${__dirname}/user_uploads/${request.params.file}`)) {
if (existsSync(__dirname + request.originalUrl)) {
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
response.sendFile(`${__dirname}/user_uploads/${request.params.file}`);
response.sendFile(__dirname + request.originalUrl);
}
else {
response.status(404).send("no file with that name found");
@ -62,12 +62,13 @@ export const setup = function (router, con, server) {
return;
});
router.get("/avatars/:avatar", (request, response) => {
router.get("/avatars/*", (request, response) => {
if (!increaseUSERCall(request, response))
return;
response.set('Cache-Control', 'public, max-age=2592000'); //cache it for one month-ish
if (existsSync(`${__dirname}/avatars/${request.params.avatar}`)) {
return response.sendFile(`${__dirname}/avatars/${request.params.avatar}`);
let originalUrl = request.originalUrl.split("?").shift();
if (existsSync(dir + originalUrl)) {
return response.sendFile(dir + originalUrl);
}
response.status(404).send("No avatar with that name found");
});

76
routes/userfiles.js
View File

@ -1,5 +1,5 @@
import ejs from "ejs"
import { LRUCache as LRU} from "lru-cache"
import LRU from "lru-cache"
import {minify as min_js} from "uglify-js"
import Clean from 'clean-css';
import Minifier from 'html-minifier-terser';
@ -25,27 +25,27 @@ export const setup = function (router, con, server) {
updateAgeOnHas: true
})
function load_var(filePath) {
if (load_var_cache.has(filePath)) {
return load_var_cache.get(filePath);
function load_var(fina) {
if(load_var_cache.get(fina))return load_var_cache.get(fina)
if(!existsSync(fina)) {
console.log(1,"tried loading non-existent file",fina)
load_var_cache.set(fina,"")
return "";
}
let out = readFileSync(fina)
if(fina.endsWith(".js")) {
out = min_js(out.toString()).code
}
else if(fina.endsWith(".css")) {
const {
styles,
} = new Clean({}).minify(out.toString());
out = styles
}
if (!existsSync(filePath)) {
console.log(1,'Tried loading non-existent file', filePath);
load_var_cache.set(filePath, '');
return '';
}
load_var_cache.set(fina,out)
let output = readFileSync(filePath);
if (filePath.endsWith('.js')) {
output = min_js(output.toString()).code;
} else if (filePath.endsWith('.css')) {
const { styles } = new Clean({}).minify(output.toString());
output = styles;
}
load_var_cache.set(filePath, output);
return output;
return out
}
function get_channels(){
@ -70,10 +70,6 @@ export const setup = function (router, con, server) {
function getAppWithId(appid) {
appid = Number(appid)
return new Promise((res,rej) => {
if(isNaN(appid)) {
res({})
return
}
if(appId_Cache.has(appid)) {
res(appId_Cache.get(appid) || {})
return
@ -115,13 +111,11 @@ export const setup = function (router, con, server) {
if (!increaseUSERCall(request, response))return;
if(typeof overrideurl !== "string")overrideurl = undefined;
let originalUrl = overrideurl
|| request.params.file
|| request.originalUrl.split("?").shift(); //backup in case anything goes wrong
let originalUrl = overrideurl || request.originalUrl.split("?").shift();
let path = ""
if (existsSync(dir + "views/" + originalUrl)) {
path = dir + "views/" + originalUrl
if (existsSync(dir + "views" + originalUrl)) {
path = dir + "views" + originalUrl
//send .txt files as plaintext to help browsers interpret it correctly
if(originalUrl.endsWith(".txt")) {
response.set('Content-Type', 'text/plain');
@ -142,11 +136,10 @@ export const setup = function (router, con, server) {
path = dir + "views" + originalUrl + ".html"
}
if(path !== "" && originalUrl !== "favicon.ico" && originalUrl !== "api_documentation" && originalUrl !== "api_documentation.html") {
console.log(originalUrl)
if(path !== "" && originalUrl !== "/favicon.ico" && originalUrl !== "/api/documentation/") {
global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar }
global_page_variables.query = request.query
if(originalUrl === "authorize") {
if(originalUrl === "/authorize") {
global_page_variables.application = await getAppWithId(request.query.id)
}
ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){
@ -184,16 +177,16 @@ export const setup = function (router, con, server) {
return;
}
if(originalUrl === "api_documentation" || originalUrl === "api_documentation.html") {
if(originalUrl === "/favicon.ico") {
response.set('Cache-Control', 'public, max-age=2592000');
response.set('Content-Type', 'text/html')
response.send(load_var("./views/api_documentation.html"))
response.sendFile(dir + "/views/favicon.ico")
return
}
if(originalUrl === "favicon.ico") {
response.set('Cache-Control', 'public, max-age=2592000');
response.sendFile(dir + "/views/favicon.ico")
if(originalUrl === "/api/documentation/") {
readFile(path,function(_err,res){
response.send(res.toString())
})
return
}
@ -208,14 +201,9 @@ export const setup = function (router, con, server) {
/**
* Handle default URI as /index (interpreted redirect: "localhost" -> "localhost/index" )
*/
router.get("/", (req, res) => {
req.params.file = "index"
router.get("/", function (req, res) {
handleUserFiles(req,res,"/index")
});
router.get("/:file", handleUserFiles);
router.get("/:folder/:file", (req, res) => {
req.params.file = req.params.folder+"/"+req.params.file
handleUserFiles(req,res)
});
router.get("/*", handleUserFiles);
}

25
server.js
View File

@ -14,7 +14,6 @@ import { readFileSync, appendFile } from "fs";
import { format } from "util";
import { setup as SETUP_ROUTES} from "./routes/setup_all_routes.js"
import { verify as verifyHCaptcha_int } from "hcaptcha"
import hsts from "hsts"
import { ensureExists } from "./extra_modules/ensureExists.js"
@ -263,26 +262,6 @@ app.use(fileUpload({
}
}));
const hstsMiddleware = hsts({
maxAge: 31536000,
includeSubDomains: true,
preload: true
})
app.use((req, res, next) => {
res.set("x-powered-by", "ipost");
res.set("X-Frame-Options","DENY");
res.set("X-XSS-Protection","1; mode=block");
res.set("X-Content-Type-Options","nosniff");
res.set("Referrer-Policy","no-referrer");
if (req.secure) {
hstsMiddleware(req, res, next)
} else {
next()
}
})
app.use(bodyParser.default.json({ limit: "100mb" }));
app.use(bodyParser.default.urlencoded({ limit: "100mb", extended: true }));
app.use(cookieParser(cookiesecret));
@ -325,6 +304,7 @@ app.use((req, res, next) => {
});
app.use("/*", function (req, res, next) {
res.set("x-powered-by", "ipost");
for (let i = 0; i < blocked_headers.length; i++) {
if (req.header(blocked_headers[i]) !== undefined) {
res.json({ "error": "we don't allow proxies on our website." });
@ -378,9 +358,6 @@ router.get("/api/getChannels", function (_req, res) {
throw err;
res.json(result);
});
/* #swagger.security = [{
"appTokenAuthHeader": []
}] */
});
/*

4
server_config.json
View File

@ -155,8 +155,8 @@
"level": 5
},
"ssl": {
"privateKey": "/etc/letsencrypt/live/ipost.rocks-0002/privkey.pem",
"certificate" : "/etc/letsencrypt/live/ipost.rocks-0002/fullchain.pem"
"privateKey": "./etc/letsencrypt/live/ipost.rocks/privkey.pem",
"certificate" : "./etc/letsencrypt/live/ipost.rocks/fullchain.pem"
},
"ports": {
"http": 9999,

78
swagger.cjs
View File

@ -1,78 +0,0 @@
const fs = require('fs');
const swaggerAutogen = require('swagger-autogen')();
const doc = {
info: {
title: 'IPost API',
description: 'the official IPost.rocks API documentation',
},
host: 'ipost.rocks',
schemes: ['https'],
securityDefinitions: {
appTokenAuthHeader: {
type: 'apiKey',
in: 'header', // can be 'header', 'query' or 'cookie'
name: 'ipost-auth-token', // name of the header, query parameter or cookie
description: 'authenticate using the authentication object in the header'
}
}
};
const outputFile = './swagger-api.json';
const tempFile = './swagger-output.json';
const endpointsFiles = ['./server.js'];
function pushdirectory(currentpath) {
fs.readdirSync(currentpath, {
withFileTypes: true
}).forEach(dirent => {
if (dirent.isFile()) {
endpointsFiles.push(currentpath + dirent.name);
} else {
pushdirectory(currentpath + dirent.name + "/");
}
});
}
pushdirectory("./routes/");
swaggerAutogen(tempFile, endpointsFiles, doc);
/*
Replace some error codes with own error codes, as described in error_codes.txt
*/
const to_replace = {
"401": "login error (invalid cookie)",
"402": "login error (bad cookie)",
"403": "login error (no cookie)",
"410": "argument/data error",
"411": "argument/data error",
"412": "argument/data error",
"413": "argument/data error",
"414": "argument/data error",
"415": "argument/data error",
"416": "argument/data error",
"417": "argument/data error",
"418": "argument/data error",
"419": "argument/data error",
"420": "invalid authetication object",
}
let file = JSON.parse(fs.readFileSync(tempFile, 'utf8'));
for (let path in file.paths) {
for (let method in file.paths[path]) {
for (let response in file.paths[path][method].responses) {
if (to_replace[response]) {
file.paths[path][method].responses[response].description = to_replace[response];
}
}
}
}
file = JSON.stringify(file);
console.log(file)
fs.writeFileSync(outputFile, file);
fs.rmSync(tempFile);

10158
views/api_documentation.html → views/api/documentation/index.html
View File

File diff suppressed because it is too large Load Diff

1
views/authorize.html
View File

@ -27,7 +27,6 @@
<p>Please authorize the app "<%= application.application_name %>" to access your information:</p>
<form action="/authorize" method="post">
<input type="number" value=<%= query.id %> class="hidden" name="application_id" id="application_id">
<input type="number" value=<%= query.extra || "" %> class="hidden" name="application_extra" id="application_extra">
<div class="h-captcha" data-sitekey="<%- hcaptcha_sitekey %>"></div>
<input type="submit" value="Authorize">
</form>