Upload web code

This commit is contained in:
Cadence Ember 2024-09-22 15:42:15 +12:00
parent 1d2daf2504
commit b6c23c30fb
22 changed files with 765 additions and 6 deletions

2
package-lock.json generated
View file

@ -30,6 +30,7 @@
"get-stream": "^6.0.1",
"h3": "^1.12.0",
"heatsync": "^2.5.3",
"lru-cache": "^10.4.3",
"minimist": "^1.2.8",
"node-fetch": "^2.6.7",
"prettier-bytes": "^1.0.4",
@ -2131,7 +2132,6 @@
"version": "10.4.3",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
"integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
"dev": true,
"license": "ISC"
},
"node_modules/make-dir": {

View file

@ -39,6 +39,7 @@
"get-stream": "^6.0.1",
"h3": "^1.12.0",
"heatsync": "^2.5.3",
"lru-cache": "^10.4.3",
"minimist": "^1.2.8",
"node-fetch": "^2.6.7",
"prettier-bytes": "^1.0.4",

View file

@ -189,6 +189,7 @@ Total transitive production dependencies: 147
* (0) get-stream: Only needed if content_length_workaround is true.
* (1) heatsync: Module hot-reloader that I trust.
* (1) js-yaml: Will be removed in the future after registration.yaml is converted to JSON.
* (0) lru-cache: For holding unused nonce in memory and letting them be overwritten later if never used.
* (0) minimist: It's already pulled in by better-sqlite3->prebuild-install.
* (3) node-fetch@2: I like it and it does what I want. Version 2 is used because version 3 is ESM-only.
* (0) prettier-bytes: It does what I want and has no dependencies.

View file

@ -38,6 +38,7 @@ const passthrough = require("../src/passthrough")
const db = new sqlite("ooye.db")
const migrate = require("../src/db/migrate")
/** @type {import("heatsync").default} */ // @ts-ignore
const sync = new HeatSync({watchFS: false})
Object.assign(passthrough, {sync, db})
@ -166,8 +167,28 @@ async function validateHomeserverOrigin(serverUrlPrompt, url) {
}
}
})
console.log("What is your Discord client secret?")
/** @type {{discord_client_secret: string}} */
const clientSecretResponse = await prompt({
type: "input",
name: "discord_client_secret",
message: "Client secret"
})
const template = getTemplateRegistration()
reg = {...template, url: bridgeOriginResponse.bridge_origin, ooye: {...template.ooye, ...serverNameResponse, ...bridgeOriginResponse, server_origin: serverOrigin, ...discordTokenResponse}}
reg = {
...template,
url: bridgeOriginResponse.bridge_origin,
ooye: {
...template.ooye,
...serverNameResponse,
...bridgeOriginResponse,
server_origin: serverOrigin,
...discordTokenResponse,
...clientSecretResponse
}
}
registration.reg = reg
checkRegistration(reg)
writeRegistration(reg)

42
scripts/start-server.js Executable file
View file

@ -0,0 +1,42 @@
#!/usr/bin/env node
// @ts-check
const {createServer} = require("http")
const EventEmitter = require("events")
const {createApp, createRouter, toNodeListener} = require("h3")
const sqlite = require("better-sqlite3")
const migrate = require("../src/db/migrate")
const HeatSync = require("heatsync")
const {reg} = require("../src/matrix/read-registration")
const passthrough = require("../src/passthrough")
const db = new sqlite("ooye.db")
/** @type {import("heatsync").default} */ // @ts-ignore
const sync = new HeatSync()
Object.assign(passthrough, {sync, db})
const DiscordClient = require("../src/d2m/discord-client")
const discord = new DiscordClient(reg.ooye.discord_token, "half")
passthrough.discord = discord
const app = createApp()
const router = createRouter()
app.use(router)
const server = createServer(toNodeListener(app))
server.listen(reg.socket || new URL(reg.url).port)
const as = Object.assign(new EventEmitter(), {app, router, server}) // @ts-ignore
passthrough.as = as
const orm = sync.require("../src/db/orm")
passthrough.from = orm.from
passthrough.select = orm.select
;(async () => {
await migrate.migrate(db)
await discord.cloud.connect()
console.log("Discord gateway started")
sync.require("../src/web/server")
})()

View file

@ -6,7 +6,7 @@ const { Client: CloudStorm } = require("cloudstorm")
const passthrough = require("../passthrough")
const { sync } = passthrough
/** @type {typeof import("./discord-packets")} */
/** @type {import("./discord-packets")} */
const discordPackets = sync.require("./discord-packets")
class DiscordClient {

View file

@ -0,0 +1,5 @@
BEGIN TRANSACTION;
ALTER TABLE guild_space ADD COLUMN autocreate INTEGER NOT NULL DEFAULT 1;
COMMIT;

View file

@ -31,6 +31,7 @@ export type Models = {
guild_id: string
space_id: string
privacy_level: number
autocreate: number
}
lottie: {

View file

@ -15,8 +15,13 @@ function select(table, cols, where = {}, e = "") {
if (!Array.isArray(cols)) cols = [cols]
const parameters = []
const wheres = Object.entries(where).map(([col, value]) => {
parameters.push(value)
return `"${col}" = ?`
if (Array.isArray(value)) {
parameters.push(...value)
return `"${col}" IN (` + Array(value.length).fill("?").join(", ") + ")"
} else {
parameters.push(value)
return `"${col}" = ?`
}
})
const whereString = wheres.length ? " WHERE " + wheres.join(" AND ") : ""
/** @type {U.Prepared<Pick<U.Models[Table], Col>>} */

1
src/types.d.ts vendored
View file

@ -24,6 +24,7 @@ export type AppServiceRegistrationConfig = {
server_origin: string
bridge_origin: string
discord_token: string
discord_client_secret: string
content_length_workaround: boolean
include_user_id_in_mxid: boolean
invite: string[]

78
src/web/pug-sync.js Normal file
View file

@ -0,0 +1,78 @@
// @ts-check
const assert = require("assert/strict")
const fs = require("fs")
const {join} = require("path")
const h3 = require("h3")
const {defineEventHandler, defaultContentType, setResponseStatus, useSession, getQuery} = h3
const {compileFile} = require("@cloudrac3r/pug")
const {as} = require("../passthrough")
const {reg} = require("../matrix/read-registration")
// Pug
let globals = {}
/** @type {Map<string, (event: import("h3").H3Event, locals: Record<string, any>) => Promise<string>>} */
const pugCache = new Map()
function addGlobals(obj) {
Object.assign(globals, obj)
}
/**
* @param {import("h3").H3Event} event
* @param {string} filename
* @param {Record<string, any>} locals
*/
function render(event, filename, locals) {
const path = join(__dirname, "pug", filename)
function compile() {
try {
const template = compileFile(path, {})
pugCache.set(path, async (event, locals) => {
defaultContentType(event, "text/html; charset=utf-8")
const session = await useSession(event, {password: reg.as_token})
return template(Object.assign({},
getQuery(event), // Query parameters can be easily accessed on the top level but don't allow them to overwrite anything
globals, // Globals
locals, // Explicit locals overwrite globals in case we need to DI something
{session} // Session is always session because it has to be trusted
))
})
} catch (e) {
pugCache.set(path, async (event) => {
setResponseStatus(event, 500, "Internal Template Error")
defaultContentType(event, "text/plain")
return e.toString()
})
}
}
if (!pugCache.has(path)) {
compile()
fs.watch(path, {persistent: false}, compile)
fs.watch(join(__dirname, "pug", "includes"), {persistent: false}, compile)
}
const cb = pugCache.get(path)
assert(cb)
return cb(event, locals)
}
/**
* @param {import("h3").Router} router
* @param {string} url
* @param {string} filename
*/
function createRoute(router, url, filename) {
router.get(url, defineEventHandler(async event => {
return render(event, filename, {})
}))
}
module.exports.addGlobals = addGlobals
module.exports.render = render
module.exports.createRoute = createRoute

159
src/web/pug/guild.pug Normal file
View file

@ -0,0 +1,159 @@
extends includes/template.pug
mixin badge-readonly
.s-badge.s-badge__xs.s-badge__icon.s-badge__muted
!= icons.Icons.IconEyeSm
| Read-only
mixin badge-private
.s-badge.s-badge__xs.s-badge__icon.s-badge__warning
!= icons.Icons.IconLockSm
| Private
mixin discord(channel, radio=false)
- let permissions = dUtils.getPermissions([], discord.guilds.get(channel.guild_id).roles, "", channel.permission_overwrites)
.s-user-card.s-user-card__small
if !dUtils.hasPermission(permissions, DiscordTypes.PermissionFlagsBits.ViewChannel)
!= icons.Icons.IconLock
else if channel.type === 5
!= icons.Icons.IconBullhorn
else if channel.type === 2
!= icons.Icons.IconPhone
else if channel.type === 11 || channel.type === 12
!= icons.Icons.IconCollection
else
include includes/hash.svg
.s-user-card--info.ws-nowrap
if radio
= channel.name
else
.s-user-card--link.fs-body1
a(href=`https://discord.com/channels/${channel.guild_id}/${channel.id}`)= channel.name
if channel.parent_id
.s-user-card--location= discord.channels.get(channel.parent_id).name
if !dUtils.hasPermission(permissions, DiscordTypes.PermissionFlagsBits.ViewChannel)
+badge-private
else if !dUtils.hasPermission(permissions, DiscordTypes.PermissionFlagsBits.SendMessages)
+badge-readonly
mixin matrix(row, radio=false, badge="")
.s-user-card.s-user-card__small
!= icons.Icons.IconMessage
.s-user-card--info.ws-nowrap
if radio
= row.nick || row.name
else
.s-user-card--link.fs-body1
a(href=`https://matrix.to/#/${row.room_id}`)= row.nick || row.name
block body
if !guild_id && session.data.managedGuilds
.s-empty-state.wmx4.p48
!= icons.Spots.SpotEmptyXL
p Select a server from the top right corner to continue.
p If the server you're looking for isn't there, try #[a(href="/oauth?action=add") logging in again.]
else if !session.data.managedGuilds
.s-empty-state.wmx4.p48
!= icons.Spots.SpotEmptyXL
p You need to log in to manage your servers.
a.s-btn.s-btn__icon.s-btn__filled(href="/oauth")
!= icons.Icons.IconDiscord
= ` Log in with Discord`
else if !discord.guilds.has(guild_id) || !session.data.managedGuilds || !session.data.managedGuilds.includes(guild_id)
.s-empty-state.wmx4.p48
!= icons.Spots.SpotAlertXL
p Either the selected server doesn't exist, or you don't have the Manage Server permission on Discord.
p If you've checked your permissions, try #[a(href="/oauth") logging in again.]
else
- let guild = discord.guilds.get(guild_id)
.s-page-title.mb24
h1.s-page-title--header= guild.name
.d-flex.g16
.fl-grow1
h2.fs-headline1 Invite a Matrix user
form.d-grid.g-af-column.gy4.gx8.jc-start(method="post" action="/api/invite" style="grid-template-rows: repeat(2, auto)")
label.s-label(for="mxid") Matrix ID
input.fl-grow1.s-input.wmx3#mxid(name="mxid" required placeholder="@user:example.org")
label.s-label(for="permissions") Permissions
.s-select
select#permissions(name="permissions")
option(value="default") Default
option(value="moderator") Moderator
input(type="hidden" name="guild_id" value=guild_id)
.grid--row-start2
button.s-btn.s-btn__filled.htmx-indicator Invite
div
-
let size = 105
let src = new URL(`https://api.qrserver.com/v1/create-qr-code/?qzone=1&format=svg&size=${size}x${size}`)
src.searchParams.set("data", `https://bridge.cadence.moe/invite?nonce=${nonce}`)
img(width=size height=size src=src.toString())
h2.mt48.fs-headline1 Linked channels
-
function getPosition(channel) {
let position = 0
let looking = channel
while (looking.parent_id) {
looking = discord.channels.get(looking.parent_id)
position = looking.position * 1000
}
if (channel.position) position += channel.position
return position
}
let channelIDs = discord.guildChannelMap.get(guild_id)
let linkedChannels = select("channel_room", ["channel_id", "room_id", "name", "nick"], {channel_id: channelIDs}).all()
let linkedChannelsWithDetails = linkedChannels.map(c => ({channel: discord.channels.get(c.channel_id), ...c})).filter(c => c.channel)
let linkedChannelIDs = linkedChannelsWithDetails.map(c => c.channel_id)
linkedChannelsWithDetails.sort((a, b) => getPosition(a.channel) - getPosition(b.channel))
let unlinkedChannelIDs = channelIDs.filter(c => !linkedChannelIDs.includes(c))
let unlinkedChannels = unlinkedChannelIDs.map(c => discord.channels.get(c)).filter(c => [0, 5].includes(c.type))
unlinkedChannels.sort((a, b) => getPosition(a) - getPosition(b))
.s-card.bs-sm.p0
.s-table-container
table.s-table.s-table__bx-simple
each row in linkedChannelsWithDetails
tr
td.w40: +discord(row.channel)
td.p2: button.s-btn.s-btn__muted.s-btn__xs!= icons.Icons.IconLinkSm
td: +matrix(row)
else
tr
td(colspan="3")
.s-empty-state No channels linked between Discord and Matrix yet...
h3.mt32.fs-category Auto-create
.s-card
form.d-flex.ai-center.g8
label.s-label.fl-grow1(for="autocreate")
| Create new Matrix rooms automatically
p.s-description If you want, OOYE can automatically create new Matrix rooms and link them when a new Discord channel is spoken in.
- let value = select("guild_space", "autocreate", {guild_id}).pluck().get()
input(type="hidden" name="guild_id" value=guild_id)
input.s-toggle-switch.order-last#autocreate(name="autocreate" type="checkbox" hx-post="/api/autocreate" hx-indicator="#autocreate-loading" hx-disabled-elt="this" checked=value)
.is-loading#autocreate-loading
h3.mt32.fs-category Manually link channels
form.d-flex.g16.ai-start(method="post" action="/api/link")
.fl-grow2.s-btn-group.fd-column.w40
each channel in unlinkedChannels
input.s-btn--radio(type="radio" name="discord" id=channel.id value=channel.id)
label.s-btn.s-btn__muted.ta-left.truncate(for=channel.id)
+discord(channel, true, "Announcement")
else
.s-empty-state.p8 All Discord channels are linked.
.fl-grow1.s-btn-group.fd-column.w30
.s-empty-state.p8 I don't know how to get the Matrix room list yet...
div
button.s-btn.s-btn__icon.s-btn__filled
!= icons.Icons.IconLink
= ` Connect`

24
src/web/pug/home.pug Normal file
View file

@ -0,0 +1,24 @@
extends includes/template.pug
block body
.s-page-title.mb24
h1.s-page-title--header Bridge a Discord server
.d-grid.grid__2.g24
.s-card.bs-md.d-flex.fd-column
h2 Easy mode
p Add the bot to your Discord server.
p It will automatically create new Matrix rooms for you.
.fl-grow1
a.s-btn.s-btn__filled.s-btn__icon(href="/oauth?action=add")
!= icons.Icons.IconPlus
= ` Add to server`
.s-card.bs-md.d-flex.fd-column
h2 Self-service
p OOYE will link an existing Discord server and Matrix space together.
p Choose this option if you already have a community set up on Matrix.
p Or, choose this if you're migrating from a different bridge.
.fl-grow1
a.s-btn.s-btn__outlined.s-btn__icon(href="/oauth?action=add-self-service")
!= icons.Icons.IconUnorderedList
= ` Set up self-service`

View file

@ -0,0 +1,46 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
aria-hidden="true"
class="svg-icon iconItalic"
width="18"
height="18"
viewBox="0 0 18 18"
version="1.1"
id="svg1"
sodipodi:docname="hash.svg"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<defs
id="defs1" />
<path
style="opacity:1;stroke-width:24.2222;stroke-linecap:square;paint-order:stroke fill markers"
d="m 13.949463,2.0417087 c 0,0 0.664304,0.00704 0.854464,0.00134 0.19016,-0.0057 0.924873,0.2384962 0.57664,0.9863413 -0.288846,0.6203095 -5.045042,11.035358 -5.4783833,11.984378 -0.4333415,0.949021 -0.7881247,0.945761 -1.3553087,0.945761 -0.567184,0 -0.3175392,0 -0.734375,0 -0.4168358,0 -0.7985231,-0.467356 -0.5770328,-0.951217 C 7.4569576,14.524452 12.479729,3.5512928 12.725807,3.0070042 13.022379,2.3510304 13.336114,2.0361844 13.949463,2.0417087 Z"
id="path4"
sodipodi:nodetypes="czszzzzsc" />
<rect
style="opacity:1;stroke-width:27.7591;stroke-linecap:square;paint-order:stroke fill markers"
id="rect4"
width="11.987322"
height="2"
x="2.002677"
y="11.007812"
rx="1"
ry="1" />
<rect
style="opacity:1;stroke-width:27.7591;stroke-linecap:square;paint-order:stroke fill markers"
id="rect5"
width="11.987322"
height="2"
x="4.0100012"
y="5.007813"
rx="1"
ry="1" />
<path
style="opacity:1;stroke-width:24.2222;stroke-linecap:square;paint-order:stroke fill markers"
d="m 9.1764922,2.0417087 c 0,0 0.664304,0.00704 0.8544638,0.00134 0.19016,-0.0057 0.924873,0.2384962 0.57664,0.9863413 -0.288846,0.6203095 -5.0450418,11.035358 -5.4783831,11.984378 -0.4333415,0.949021 -0.7881247,0.945761 -1.3553087,0.945761 -0.567184,0 -0.3175392,0 -0.734375,0 -0.4168358,0 -0.7985231,-0.467356 -0.5770328,-0.951217 C 2.6839868,14.524452 7.7067582,3.5512928 7.9528362,3.0070042 8.2494082,2.3510304 8.5631432,2.0361844 9.1764922,2.0417087 Z"
id="path1"
sodipodi:nodetypes="czszzzzsc" />
</svg>

After

Width:  |  Height:  |  Size: 2.2 KiB

View file

@ -0,0 +1,66 @@
mixin guild(guild)
span.s-avatar.s-avatar__32.s-user-card--avatar
if guild.icon
img.s-avatar--image(src=`https://cdn.discordapp.com/icons/${guild.id}/${guild.icon}.png?size=32`)
else
.s-avatar--letter.bg-silver-400.bar-md(aria-hidden="true")= guild.name[0]
.s-user-card--info.ai-start
strong= guild.name
ul.s-user-card--awards
li #{discord.guildChannelMap.get(guild.id).filter(c => [0, 5, 15, 16].includes(discord.channels.get(c).type)).length} channels
doctype html
html(lang="en")
head
title Out Of Your Element
link(rel="stylesheet" type="text/css" href="/static/stacks.min.css")
<link rel="icon" href="data:image/svg+xml,<svg xmlns=%22http://www.w3.org/2000/svg%22 viewBox=%220 0 100 80%22><text y=%22.83em%22 font-size=%2283%22>💬</text></svg>">
meta(name="htmx-config" content='{"indicatorClass":"is-loading"}')
style.
.themed {
--theme-base-primary-color-h: 266;
--theme-base-primary-color-s: 53%;
--theme-base-primary-color-l: 63%;
--theme-dark-primary-color-h: 266;
--theme-dark-primary-color-s: 53%;
--theme-dark-primary-color-l: 63%;
}
body.themed.theme-system
header.s-topbar
.s-topbar--skip-link(href="#content") Skip to main content
.s-topbar--container.wmx9
a.s-topbar--logo(href="/")
img.s-avatar.s-avatar__32(src="/icon.png")
nav.s-topbar--navigation
ul.s-topbar--content
li.ps-relative
if !session.data.managedGuilds || session.data.managedGuilds.length === 0
a.s-btn.s-btn__icon.as-center(href="/oauth")
!= icons.Icons.IconDiscord
= ` Log in`
else if guild_id && session.data.managedGuilds.includes(guild_id) && discord.guilds.has(guild_id)
button.s-topbar--item.s-btn.s-btn__muted.s-user-card(popovertarget="guilds")
+guild(discord.guilds.get(guild_id))
else if session.data.managedGuilds
button.s-topbar--item.s-btn.s-btn__muted.s-btn__dropdown.pr24.s-user-card.s-label(popovertarget="guilds")
| Your servers
#guilds(popover data-popper-placement="bottom" style="display: revert; width: revert;").s-popover.overflow-visible
.s-popover--arrow.s-popover--arrow__tc
.s-popover--content.overflow-y-auto.overflow-x-hidden
ul.s-menu(role="menu")
each guild in (session.data.managedGuilds || []).map(id => discord.guilds.get(id)).filter(g => g)
li(role="menuitem")
a.s-topbar--item.s-user-card.d-flex.p4(href=`/guild?guild_id=${guild.id}`)
+guild(guild)
.mx-auto.w100.wmx9.py24#content
block body
script.
document.querySelectorAll("[popovertarget]").forEach(e => {
e.addEventListener("click", () => {
const rect = e.getBoundingClientRect()
const t = `:popover-open { position: absolute; top: ${Math.floor(rect.bottom)}px; left: ${Math.floor(rect.left + rect.width / 2)}px; width: ${Math.floor(rect.width)}px; transform: translateX(-50%); box-sizing: content-box; margin: 0 }`
// console.log(t)
document.styleSheets[0].insertRule(t)
})
})
script(src="/static/htmx.min.js")

32
src/web/pug/invite.pug Normal file
View file

@ -0,0 +1,32 @@
extends includes/template.pug
block body
if !isValid
.s-empty-state.wmx4.p48
!= icons.Spots.SpotAlertXL
p This QR code has expired.
p Refresh the guild management page to generate a new one.
else
- let guild = discord.guilds.get(guild_id)
.s-page-title.mb24
h1.s-page-title--header= guild.name
.d-flex.g16
.fl-grow1
h2.fs-headline1 Invite a Matrix user
form.d-flex.gy16.fd-column(method="post" action="/api/invite" style="grid-template-rows: repeat(2, auto)")
.d-flex.gy4.fd-column
label.s-label(for="mxid") Matrix ID
input.fl-grow1.s-input.wmx3#mxid(name="mxid" required placeholder="@user:example.org")
.d-flex.gy4.fd-column
label.s-label(for="permissions") Permissions
.s-select
select#permissions(name="permissions")
option(value="default") Default
option(value="moderator") Moderator
input(type="hidden" name="nonce" value=nonce)
div
button.s-btn.s-btn__filled.htmx-indicator Invite

6
src/web/pug/ok.pug Normal file
View file

@ -0,0 +1,6 @@
extends includes/template.pug
block body
.ta-center.wmx5.p48.mx-auto
!= icons.Spots.SpotApproveXL
p.mt24.fs-body2= msg

View file

@ -0,0 +1,23 @@
// @ts-check
const {z} = require("zod")
const {defineEventHandler, sendRedirect, useSession, createError, readValidatedBody} = require("h3")
const {as, db} = require("../../passthrough")
const {reg} = require("../../matrix/read-registration")
const schema = {
autocreate: z.object({
guild_id: z.string(),
autocreate: z.string().optional()
})
}
as.router.post("/api/autocreate", defineEventHandler(async event => {
const parsedBody = await readValidatedBody(event, schema.autocreate.parse)
const session = await useSession(event, {password: reg.as_token})
if (!(session.data.managedGuilds || []).includes(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
db.prepare("UPDATE guild_space SET autocreate = ? WHERE guild_id = ?").run(+!!parsedBody.autocreate, parsedBody.guild_id)
return sendRedirect(event, `/guild?guild_id=${parsedBody.guild_id}`, 302)
}))

99
src/web/routes/invite.js Normal file
View file

@ -0,0 +1,99 @@
// @ts-check
const assert = require("assert/strict")
const {z} = require("zod")
const {defineEventHandler, sendRedirect, useSession, createError, getValidatedQuery, readValidatedBody} = require("h3")
const {randomUUID} = require("crypto")
const {LRUCache} = require("lru-cache")
const {discord, as, sync, select} = require("../../passthrough")
/** @type {import("../pug-sync")} */
const pugSync = sync.require("../pug-sync")
const {reg} = require("../../matrix/read-registration")
/** @type {import("../../matrix/api")} */
const api = sync.require("../../matrix/api")
const schema = {
guild: z.object({
guild_id: z.string().optional()
}),
invite: z.object({
mxid: z.string().regex(/@([^:]+):([a-z0-9:-]+\.[a-z0-9.:-]+)/),
permissions: z.enum(["default", "moderator"]),
guild_id: z.string().optional(),
nonce: z.string().optional()
}),
inviteNonce: z.object({
nonce: z.string()
})
}
/** @type {LRUCache<string, string>} nonce to guild id */
const validNonce = new LRUCache({max: 200})
as.router.get("/guild", defineEventHandler(async event => {
const {guild_id} = await getValidatedQuery(event, schema.guild.parse)
const nonce = randomUUID()
if (guild_id) {
// Security note: the nonce alone is valid for updating the guild
// We have not verified the user has sufficient permissions in the guild at generation time
// These permissions are checked later during page rendering and the generated nonce is only revealed if the permissions are sufficient
validNonce.set(nonce, guild_id)
}
return pugSync.render(event, "guild.pug", {nonce})
}))
as.router.get("/invite", defineEventHandler(async event => {
const {nonce} = await getValidatedQuery(event, schema.inviteNonce.parse)
const isValid = validNonce.has(nonce)
const guild_id = validNonce.get(nonce)
const guild = discord.guilds.get(guild_id || "")
return pugSync.render(event, "invite.pug", {isValid, nonce, guild_id, guild})
}))
as.router.post("/api/invite", defineEventHandler(async event => {
const parsedBody = await readValidatedBody(event, schema.invite.parse)
const session = await useSession(event, {password: reg.as_token})
// Check guild ID or nonce
if (parsedBody.guild_id) {
var guild_id = parsedBody.guild_id
if (!(session.data.managedGuilds || []).includes(guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't invite users to a guild you don't have Manage Server permissions in"})
} else if (parsedBody.nonce) {
if (!validNonce.has(parsedBody.nonce)) throw createError({status: 403, message: "Nonce expired", data: "Nonce means number-used-once, and, well, you tried to use it twice..."})
let ok = validNonce.get(parsedBody.nonce)
assert(ok)
var guild_id = ok
validNonce.delete(parsedBody.nonce)
} else {
throw createError({status: 400, message: "Missing guild ID", data: "Passing a guild ID or a nonce is required."})
}
// Check guild is bridged
const spaceID = select("guild_space", "space_id", {guild_id: guild_id}).pluck().get()
if (!spaceID) throw createError({status: 428, message: "Server not bridged", data: "You can only invite Matrix users to servers that are bridged to Matrix."})
// Check for existing invite to the space
let spaceMember
try {
spaceMember = await api.getStateEvent(spaceID, "m.room.member", parsedBody.mxid)
} catch (e) {}
if (spaceMember && (spaceMember.membership === "invite" || spaceMember.membership === "join")) {
return sendRedirect(event, `/guild?guild_id=${guild_id}`, 302)
}
// Invite
await api.inviteToRoom(spaceID, parsedBody.mxid)
// Permissions
if (parsedBody.permissions === "moderator") {
await api.setUserPowerCascade(spaceID, parsedBody.mxid, 50)
}
if (parsedBody.guild_id) {
return sendRedirect(event, `/guild?guild_id=${guild_id}`, 302)
} else {
return sendRedirect(event, "/ok?msg=User has been invited.", 302)
}
}))

92
src/web/routes/oauth.js Normal file
View file

@ -0,0 +1,92 @@
// @ts-check
const {z} = require("zod")
const {randomUUID} = require("crypto")
const {defineEventHandler, getValidatedQuery, sendRedirect, getQuery, useSession, createError} = require("h3")
const {SnowTransfer} = require("snowtransfer")
const DiscordTypes = require("discord-api-types/v10")
const fetch = require("node-fetch")
const {as} = require("../../passthrough")
const {id} = require("../../../addbot")
const {reg} = require("../../matrix/read-registration")
const redirect_uri = `${reg.ooye.bridge_origin}/oauth`
const schema = {
first: z.object({
action: z.string().optional()
}),
code: z.object({
state: z.string(),
code: z.string(),
guild_id: z.string().optional()
}),
token: z.object({
token_type: z.string(),
access_token: z.string(),
expires_in: z.number({coerce: true}),
refresh_token: z.string(),
scope: z.string()
})
}
as.router.get("/oauth", defineEventHandler(async event => {
const session = await useSession(event, {password: reg.as_token})
let scope = "guilds"
const parsedFirstQuery = await getValidatedQuery(event, schema.first.safeParse)
if (parsedFirstQuery.data?.action === "add") {
scope = "bot+guilds"
await session.update({selfService: false})
} else if (parsedFirstQuery.data?.action === "add-self-service") {
scope = "bot+guilds"
await session.update({selfService: true})
}
async function tryAgain() {
const newState = randomUUID()
await session.update({state: newState})
return sendRedirect(event, `https://discord.com/oauth2/authorize?client_id=${id}&scope=${scope}&permissions=1610883072&response_type=code&redirect_uri=${redirect_uri}&state=${newState}`)
}
const parsedQuery = await getValidatedQuery(event, schema.code.safeParse)
if (!parsedQuery.success) return tryAgain()
const savedState = session.data.state
if (!savedState) throw createError({status: 400, message: "Missing state", data: "Missing saved state parameter. Please try again, and make sure you have cookies enabled."})
if (savedState != parsedQuery.data.state) return tryAgain()
const res = await fetch("https://discord.com/api/oauth2/token", {
method: "post",
body: new URLSearchParams({
grant_type: "authorization_code",
client_id: id,
client_secret: reg.ooye.discord_client_secret,
redirect_uri,
code: parsedQuery.data.code
})
})
const root = await res.json()
const parsedToken = schema.token.safeParse(root)
if (!res.ok || !parsedToken.success) {
throw createError({status: 502, message: "Invalid token response", data: `Discord completed OAuth, but returned this instead of an OAuth access token: ${JSON.stringify(root)}`})
}
const client = new SnowTransfer(`Bearer ${parsedToken.data.access_token}`)
try {
const guilds = await client.user.getGuilds()
const managedGuilds = guilds.filter(g => BigInt(g.permissions) & DiscordTypes.PermissionFlagsBits.ManageGuild).map(g => g.id)
await session.update({managedGuilds})
} catch (e) {
throw createError({status: 502, message: "API call failed", data: e.message})
}
if (parsedQuery.data.guild_id) {
// TODO: we probably need to create a matrix space and database entry immediately here so that self-service settings apply and so matrix users can be invited
return sendRedirect(event, `/guild?guild_id=${parsedQuery.data.guild_id}`, 302)
}
return sendRedirect(event, "/", 302)
}))

View file

@ -1,6 +1,62 @@
// @ts-check
const {sync, as} = require("../passthrough")
const fs = require("fs")
const {join} = require("path")
const h3 = require("h3")
const {defineEventHandler, defaultContentType, getRequestHeader, setResponseHeader, setResponseStatus, useSession, getQuery, handleCacheHeaders} = h3
const icons = require("@stackoverflow/stacks-icons")
const DiscordTypes = require("discord-api-types/v10")
const dUtils = require("../discord/utils")
const {sync, discord, as, select} = require("../passthrough")
/** @type {import("./pug-sync")} */
const pugSync = sync.require("./pug-sync")
const {id} = require("../../addbot")
// Pug
pugSync.addGlobals({id, h3, discord, select, DiscordTypes, dUtils, icons})
pugSync.createRoute(as.router, "/", "home.pug")
pugSync.createRoute(as.router, "/ok", "ok.pug")
// Routes
sync.require("./routes/download-matrix")
sync.require("./routes/download-discord")
sync.require("./routes/invite")
sync.require("./routes/guild-settings")
sync.require("./routes/oauth")
// Files
function compressResponse(event, response) {
if (!getRequestHeader(event, "accept-encoding")?.includes("gzip")) return
if (typeof response.body !== "string") return
/** @type {ReadableStream} */ // @ts-ignore
const stream = new Response(response.body).body
setResponseHeader(event, "content-encoding", "gzip")
response.body = stream.pipeThrough(new CompressionStream("gzip"))
}
as.router.get("/static/stacks.min.css", defineEventHandler({
onBeforeResponse: compressResponse,
handler: async event => {
handleCacheHeaders(event, {maxAge: 86400})
defaultContentType(event, "text/css")
return fs.promises.readFile(require.resolve("@stackoverflow/stacks/dist/css/stacks.css"), "utf-8")
}
}))
as.router.get("/static/htmx.min.js", defineEventHandler({
onBeforeResponse: compressResponse,
handler: async event => {
handleCacheHeaders(event, {maxAge: 86400})
defaultContentType(event, "text/javascript")
return fs.promises.readFile(join(__dirname, "static", "htmx.min.js"), "utf-8")
}
}))
as.router.get("/icon.png", defineEventHandler(event => {
handleCacheHeaders(event, {maxAge: 86400})
return fs.promises.readFile(join(__dirname, "../../docs/img/icon.png"))
}))

1
src/web/static/htmx.min.js vendored Normal file

File diff suppressed because one or more lines are too long