silverbullet/server/http_server.ts

481 lines
16 KiB
TypeScript
Raw Normal View History

import { Application, Context, Next, oakCors, Router } from "./deps.ts";
import { SpacePrimitives } from "../common/spaces/space_primitives.ts";
2022-10-12 17:47:13 +08:00
import { AssetBundle } from "../plugos/asset_bundle/bundle.ts";
import { ensureSettingsAndIndex } from "../common/util.ts";
import { performLocalFetch } from "../common/proxy_fetch.ts";
2023-05-29 15:53:49 +08:00
import { BuiltinSettings } from "../web/types.ts";
import { gitIgnoreCompiler } from "./deps.ts";
import { FilteredSpacePrimitives } from "../common/spaces/filtered_space_primitives.ts";
import { Authenticator } from "./auth.ts";
import { FileMeta } from "../common/types.ts";
export type ServerOptions = {
hostname: string;
port: number;
pagesPath: string;
clientAssetBundle: AssetBundle;
authenticator: Authenticator;
2022-12-05 19:14:21 +08:00
pass?: string;
certFile?: string;
keyFile?: string;
maxFileSizeMB?: number;
};
export class HttpServer {
app: Application;
private hostname: string;
private port: number;
abortController?: AbortController;
clientAssetBundle: AssetBundle;
2023-05-29 15:53:49 +08:00
settings?: BuiltinSettings;
spacePrimitives: SpacePrimitives;
authenticator: Authenticator;
constructor(
2023-05-29 15:53:49 +08:00
spacePrimitives: SpacePrimitives,
private options: ServerOptions,
) {
this.hostname = options.hostname;
this.port = options.port;
this.app = new Application();
this.authenticator = options.authenticator;
this.clientAssetBundle = options.clientAssetBundle;
2023-05-29 15:53:49 +08:00
let fileFilterFn: (s: string) => boolean = () => true;
this.spacePrimitives = new FilteredSpacePrimitives(
spacePrimitives,
(meta) => {
// Don't list file exceeding the maximum file size
if (
options.maxFileSizeMB &&
meta.size / (1024 * 1024) > options.maxFileSizeMB
) {
return false;
}
return fileFilterFn(meta.name);
},
async () => {
await this.reloadSettings();
if (typeof this.settings?.spaceIgnore === "string") {
fileFilterFn = gitIgnoreCompiler(this.settings.spaceIgnore).accepts;
} else {
fileFilterFn = () => true;
}
},
);
}
// Replaces some template variables in index.html in a rather ad-hoc manner, but YOLO
renderIndexHtml() {
return this.clientAssetBundle.readTextFileSync(".client/index.html")
.replaceAll(
"{{SPACE_PATH}}",
this.options.pagesPath.replaceAll("\\", "\\\\"),
);
}
async start() {
2023-05-29 15:53:49 +08:00
await this.reloadSettings();
2022-10-12 17:47:13 +08:00
// Serve static files (javascript, css, html)
this.app.use(this.serveStatic.bind(this));
await this.addPasswordAuth(this.app);
const fsRouter = this.addFsRoutes(this.spacePrimitives);
this.app.use(fsRouter.routes());
this.app.use(fsRouter.allowedMethods());
// Fallback, serve the UI index.html
this.app.use(({ response }) => {
response.headers.set("Content-type", "text/html");
response.body = this.renderIndexHtml();
});
this.abortController = new AbortController();
const listenOptions: any = {
2022-12-15 03:32:26 +08:00
hostname: this.hostname,
port: this.port,
signal: this.abortController.signal,
};
if (this.options.keyFile) {
listenOptions.key = Deno.readTextFileSync(this.options.keyFile);
}
if (this.options.certFile) {
listenOptions.cert = Deno.readTextFileSync(this.options.certFile);
}
this.app.listen(listenOptions)
.catch((e: any) => {
console.log("Server listen error:", e.message);
Deno.exit(1);
});
2022-12-15 03:32:26 +08:00
const visibleHostname = this.hostname === "0.0.0.0"
? "localhost"
: this.hostname;
console.log(
`SilverBullet is now running: http://${visibleHostname}:${this.port}`,
);
2022-11-26 21:15:38 +08:00
}
serveStatic(
{ request, response }: Context<Record<string, any>, Record<string, any>>,
next: Next,
) {
if (
request.url.pathname === "/"
) {
// Serve the UI (index.html)
// Note: we're explicitly not setting Last-Modified and If-Modified-Since header here because this page is dynamic
response.headers.set("Content-type", "text/html");
response.body = this.renderIndexHtml();
return;
}
try {
const assetName = request.url.pathname.slice(1);
if (
this.clientAssetBundle.has(assetName) &&
request.headers.get("If-Modified-Since") ===
utcDateString(this.clientAssetBundle.getMtime(assetName))
) {
response.status = 304;
return;
}
response.status = 200;
response.headers.set(
"Content-type",
this.clientAssetBundle.getMimeType(assetName),
);
const data = this.clientAssetBundle.readFileSync(
assetName,
);
response.headers.set("Cache-Control", "no-cache");
response.headers.set("Content-length", "" + data.length);
response.headers.set(
"Last-Modified",
utcDateString(this.clientAssetBundle.getMtime(assetName)),
);
if (request.method === "GET") {
response.body = data;
}
} catch {
return next();
}
}
2023-05-29 15:53:49 +08:00
async reloadSettings() {
// TODO: Throttle this?
this.settings = await ensureSettingsAndIndex(this.spacePrimitives);
}
private async addPasswordAuth(app: Application) {
2022-12-22 18:21:12 +08:00
const excludedPaths = [
"/manifest.json",
"/favicon.png",
"/logo.png",
"/.auth",
];
// Middleware handling the /.auth page and flow
app.use(async ({ request, response, cookies }, next) => {
if (request.url.pathname === "/.auth") {
if (request.url.search === "?logout") {
await cookies.delete("auth");
// Implicit fallthrough to login page
}
if (request.method === "GET") {
response.headers.set("Content-type", "text/html");
response.body = this.clientAssetBundle.readTextFileSync(
".client/auth.html",
);
return;
} else if (request.method === "POST") {
const values = await request.body({ type: "form" }).value;
const username = values.get("username")!,
password = values.get("password")!,
refer = values.get("refer");
const hashedPassword = await this.authenticator.authenticate(
username,
password,
);
if (hashedPassword) {
await cookies.set("auth", `${username}:${hashedPassword}`, {
expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7), // in a week
sameSite: "strict",
});
response.redirect(refer || "/");
// console.log("All headers", request.headers);
} else {
response.redirect("/.auth?error=1");
}
return;
} else {
response.redirect("/.auth");
return;
}
} else {
await next();
}
});
if ((await this.authenticator.getAllUsers()).length > 0) {
// Users defined, so enabling auth
2022-12-22 18:21:12 +08:00
app.use(async ({ request, response, cookies }, next) => {
if (!excludedPaths.includes(request.url.pathname)) {
2022-12-22 18:21:12 +08:00
const authCookie = await cookies.get("auth");
if (!authCookie) {
response.redirect("/.auth");
2022-12-22 18:21:12 +08:00
return;
}
const [username, hashedPassword] = authCookie.split(":");
if (
!await this.authenticator.authenticateHashed(
username,
hashedPassword,
)
) {
response.redirect("/.auth");
return;
}
2022-12-22 18:21:12 +08:00
}
await next();
2022-10-18 02:35:38 +08:00
});
}
}
private addFsRoutes(spacePrimitives: SpacePrimitives): Router {
2022-10-18 02:35:38 +08:00
const fsRouter = new Router();
const corsMiddleware = oakCors({
allowedHeaders: "*",
exposedHeaders: "*",
methods: ["GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS"],
});
fsRouter.use(corsMiddleware);
2022-10-18 02:35:38 +08:00
// File list
fsRouter.get(
"/index.json",
// corsMiddleware,
async ({ request, response }) => {
2023-08-08 21:00:18 +08:00
if (request.headers.has("X-Sync-Mode")) {
// Only handle direct requests for a JSON representation of the file list
response.headers.set("Content-type", "application/json");
response.headers.set("X-Space-Path", this.options.pagesPath);
const files = await spacePrimitives.fetchFileList();
response.body = JSON.stringify(files);
} else {
// Otherwise, redirect to the UI
// The reason to do this is to handle authentication systems like Authelia nicely
response.redirect("/");
}
},
);
2022-10-18 02:35:38 +08:00
// RPC
fsRouter.post("/.rpc", async ({ request, response }) => {
const body = await request.body({ type: "json" }).value;
try {
switch (body.operation) {
case "fetch": {
const result = await performLocalFetch(body.url, body.options);
console.log("Proxying fetch request to", body.url);
response.headers.set("Content-Type", "application/json");
response.body = JSON.stringify(result);
return;
}
case "shell": {
// TODO: Have a nicer way to do this
if (this.options.pagesPath.startsWith("s3://")) {
response.status = 500;
response.body = JSON.stringify({
stdout: "",
stderr: "Cannot run shell commands with S3 backend",
code: 500,
});
return;
}
console.log("Running shell command:", body.cmd, body.args);
const p = new Deno.Command(body.cmd, {
args: body.args,
cwd: this.options.pagesPath,
stdout: "piped",
stderr: "piped",
});
const output = await p.output();
const stdout = new TextDecoder().decode(output.stdout);
const stderr = new TextDecoder().decode(output.stderr);
response.headers.set("Content-Type", "application/json");
response.body = JSON.stringify({
stdout,
stderr,
code: output.code,
});
if (output.code !== 0) {
console.error("Error running shell command", stdout, stderr);
}
return;
}
default:
response.headers.set("Content-Type", "text/plain");
response.status = 400;
response.body = "Unknown operation";
}
} catch (e: any) {
console.log("Error", e);
response.status = 500;
response.body = e.message;
return;
}
});
const filePathRegex = "\/(.+\\.[a-zA-Z]+)";
2022-10-18 02:35:38 +08:00
fsRouter
.get(
filePathRegex,
async ({ params, response, request }) => {
const name = params[0];
console.log("Requested file", name);
2023-08-08 21:00:18 +08:00
if (!request.headers.has("X-Sync-Mode") && name.endsWith(".md")) {
2023-08-08 22:35:46 +08:00
// It can happen that during a sync, authentication expires, this may result in a redirect to the login page and then back to this particular file. This particular file may be an .md file, which isn't great to show so we're redirecting to the associated SB UI page.
2023-08-08 21:00:18 +08:00
console.log("Request was without X-Sync-Mode, redirecting to page");
response.redirect(`/${name.slice(0, -3)}`);
return;
}
if (name.startsWith(".")) {
// Don't expose hidden files
response.status = 404;
response.body = "Not exposed";
2022-10-21 22:56:46 +08:00
return;
}
2023-07-29 23:06:32 +08:00
// Handle federated links through a simple redirect, only used for attachments loads with service workers disabled
if (name.startsWith("!")) {
let url = name.slice(1);
if (url.startsWith("localhost")) {
url = `http://${url}`;
} else {
url = `https://${url}`;
}
2023-07-30 05:41:37 +08:00
try {
const req = await fetch(url);
response.status = req.status;
2023-07-30 17:30:01 +08:00
// Override X-Permssion header to always be "ro"
const newHeaders = new Headers();
for (const [key, value] of req.headers.entries()) {
newHeaders.set(key, value);
}
newHeaders.set("X-Permission", "ro");
response.headers = newHeaders;
2023-07-30 05:41:37 +08:00
response.body = req.body;
} catch (e: any) {
console.error("Error fetching federated link", e);
response.status = 500;
response.body = e.message;
}
// response.redirect(url);
2023-07-29 23:06:32 +08:00
return;
}
try {
2023-08-08 21:00:18 +08:00
if (request.headers.has("X-Get-Meta")) {
// Getting meta via GET request
const fileData = await spacePrimitives.getFileMeta(name);
response.status = 200;
this.fileMetaToHeaders(response.headers, fileData);
response.body = "";
return;
}
const fileData = await spacePrimitives.readFile(name);
const lastModifiedHeader = new Date(fileData.meta.lastModified)
.toUTCString();
if (
request.headers.get("If-Modified-Since") === lastModifiedHeader
) {
response.status = 304;
return;
}
response.status = 200;
this.fileMetaToHeaders(response.headers, fileData.meta);
response.headers.set("Last-Modified", lastModifiedHeader);
2022-10-18 02:35:38 +08:00
response.body = fileData.data;
2023-08-08 21:00:18 +08:00
} catch (e: any) {
2023-08-10 22:09:28 +08:00
console.error("Error GETting file", name, e.message);
response.status = 404;
response.body = "Not found";
}
},
)
.put(
filePathRegex,
async ({ request, response, params }) => {
const name = params[0];
console.log("Saving file", name);
if (name.startsWith(".")) {
// Don't expose hidden files
response.status = 403;
return;
}
2023-01-13 22:41:29 +08:00
const body = await request.body({ type: "bytes" }).value;
try {
const meta = await spacePrimitives.writeFile(
name,
body,
);
response.status = 200;
this.fileMetaToHeaders(response.headers, meta);
response.body = "OK";
} catch (err) {
console.error("Write failed", err);
response.status = 500;
response.body = "Write failed";
}
},
)
.delete(filePathRegex, async ({ response, params }) => {
2022-10-18 02:35:38 +08:00
const name = params[0];
2023-05-25 23:21:51 +08:00
console.log("Deleting file", name);
if (name.startsWith(".")) {
// Don't expose hidden files
response.status = 403;
return;
}
2022-10-18 02:35:38 +08:00
try {
await spacePrimitives.deleteFile(name);
response.status = 200;
response.body = "OK";
} catch (e: any) {
console.error("Error deleting attachment", e);
response.status = 500;
2022-10-18 02:35:38 +08:00
response.body = e.message;
}
})
.options(filePathRegex, corsMiddleware);
return fsRouter;
}
private fileMetaToHeaders(headers: Headers, fileMeta: FileMeta) {
headers.set("Content-Type", fileMeta.contentType);
headers.set(
"X-Last-Modified",
"" + fileMeta.lastModified,
);
headers.set("Cache-Control", "no-cache");
headers.set("X-Permission", fileMeta.perm);
2023-08-08 21:00:18 +08:00
headers.set("X-Content-Length", "" + fileMeta.size);
}
stop() {
if (this.abortController) {
this.abortController.abort();
console.log("stopped server");
}
}
}
function utcDateString(mtime: number): string {
return new Date(mtime).toUTCString();
}