api.js 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287
  1. import config from "config";
  2. import async from "async";
  3. import crypto from "crypto";
  4. import CoreClass from "../core";
  5. import { hasPermission } from "./hooks/hasPermission";
  6. let AppModule;
  7. let DBModule;
  8. let PlaylistsModule;
  9. let UtilsModule;
  10. let PunishmentsModule;
  11. let CacheModule;
  12. let NotificationsModule;
  13. class _APIModule extends CoreClass {
  14. // eslint-disable-next-line require-jsdoc
  15. constructor() {
  16. super("api");
  17. }
  18. /**
  19. * Initialises the api module
  20. * @returns {Promise} - returns promise (reject, resolve)
  21. */
  22. initialize() {
  23. return new Promise((resolve, reject) => {
  24. AppModule = this.moduleManager.modules.app;
  25. DBModule = this.moduleManager.modules.db;
  26. PlaylistsModule = this.moduleManager.modules.playlists;
  27. UtilsModule = this.moduleManager.modules.utils;
  28. PunishmentsModule = this.moduleManager.modules.punishments;
  29. CacheModule = this.moduleManager.modules.cache;
  30. NotificationsModule = this.moduleManager.modules.notifications;
  31. const SIDname = config.get("cookie");
  32. const isLoggedIn = (req, res, next) => {
  33. let SID;
  34. async.waterfall(
  35. [
  36. next => {
  37. UtilsModule.runJob("PARSE_COOKIES", {
  38. cookieString: req.headers.cookie
  39. })
  40. .then(res => {
  41. SID = res[SIDname];
  42. next(null);
  43. })
  44. .catch(next);
  45. },
  46. next => {
  47. if (!SID) return next("No SID.");
  48. return next();
  49. },
  50. next => {
  51. CacheModule.runJob("HGET", { table: "sessions", key: SID }).then(session =>
  52. next(null, session)
  53. );
  54. },
  55. (session, next) => {
  56. if (!session) return next("No session found.");
  57. session.refreshDate = Date.now();
  58. req.session = session;
  59. return CacheModule.runJob("HSET", {
  60. table: "sessions",
  61. key: SID,
  62. value: session
  63. }).then(session => {
  64. next(null, session);
  65. });
  66. },
  67. (res, next) => {
  68. // check if a session's user / IP is banned
  69. PunishmentsModule.runJob("GET_PUNISHMENTS", {})
  70. .then(punishments => {
  71. const isLoggedIn = !!(req.session && req.session.refreshDate);
  72. const userId = isLoggedIn ? req.session.userId : null;
  73. const banishment = { banned: false, ban: 0 };
  74. punishments.forEach(punishment => {
  75. if (punishment.expiresAt > banishment.ban) banishment.ban = punishment;
  76. if (
  77. punishment.type === "banUserId" &&
  78. isLoggedIn &&
  79. punishment.value === userId
  80. )
  81. banishment.banned = true;
  82. if (punishment.type === "banUserIp" && punishment.value === req.ip)
  83. banishment.banned = true;
  84. });
  85. req.banishment = banishment;
  86. next();
  87. })
  88. .catch(() => {
  89. next();
  90. });
  91. }
  92. ],
  93. err => {
  94. if (err) return res.json({ status: "error", message: "You are not logged in" });
  95. return next();
  96. }
  97. );
  98. };
  99. AppModule.runJob("GET_APP", {})
  100. .then(response => {
  101. response.app.get("/", (req, res) => {
  102. res.json({
  103. status: "success",
  104. message: "Coming Soon"
  105. });
  106. });
  107. response.app.get("/export/playlist/:playlistId", async (req, res) => {
  108. const { playlistId } = req.params;
  109. PlaylistsModule.runJob("GET_PLAYLIST", { playlistId })
  110. .then(playlist => {
  111. if (!playlist) res.json({ status: "error", message: "Playlist not found." });
  112. else if (playlist.privacy === "public") res.json({ status: "success", playlist });
  113. else
  114. isLoggedIn(req, res, () => {
  115. if (playlist.createdBy === req.session.userId)
  116. res.json({ status: "success", playlist });
  117. else
  118. hasPermission("playlists.get", req.session.userId)
  119. .then(() => res.json({ status: "success", playlist }))
  120. .catch(() =>
  121. res.json({
  122. status: "error",
  123. message: "You're not allowed to download this playlist."
  124. })
  125. );
  126. });
  127. })
  128. .catch(err => {
  129. res.json({ status: "error", message: err.message });
  130. });
  131. });
  132. if (config.get("debug.stationIssue")) {
  133. response.app.get("/debug_station", async (req, res) => {
  134. const responseObject = {};
  135. const stationModel = await DBModule.runJob("GET_MODEL", {
  136. modelName: "station"
  137. });
  138. async.waterfall(
  139. [
  140. next => {
  141. stationModel.find({}, next);
  142. },
  143. (stations, next) => {
  144. responseObject.mongo = {
  145. stations
  146. };
  147. next();
  148. },
  149. next => {
  150. CacheModule.runJob("HGETALL", { table: "stations" })
  151. .then(stations => {
  152. next(null, stations);
  153. })
  154. .catch(err => {
  155. console.log(err);
  156. next(err);
  157. });
  158. },
  159. (stations, next) => {
  160. responseObject.redis = {
  161. stations
  162. };
  163. next();
  164. },
  165. next => {
  166. responseObject.cryptoExamples = {};
  167. responseObject.mongo.stations.forEach(station => {
  168. const payloadName = `stations.nextSong?id=${station._id}`;
  169. responseObject.cryptoExamples[station._id] = crypto
  170. .createHash("md5")
  171. .update(`_notification:${payloadName}_`)
  172. .digest("hex");
  173. });
  174. next();
  175. },
  176. next => {
  177. NotificationsModule.pub
  178. .KEYS("*")
  179. .then(redisKeys => next(null, redisKeys))
  180. .catch(next);
  181. },
  182. (redisKeys, next) => {
  183. responseObject.redis = {
  184. ...redisKeys,
  185. ttl: {}
  186. };
  187. async.eachLimit(
  188. redisKeys,
  189. 1,
  190. (redisKey, next) => {
  191. NotificationsModule.pub
  192. .TTL(redisKey)
  193. .then(ttl => {
  194. responseObject.redis.ttl[redisKey] = ttl;
  195. next();
  196. })
  197. .catch(next);
  198. },
  199. next
  200. );
  201. },
  202. next => {
  203. responseObject.debugLogs = this.moduleManager.debugLogs.stationIssue;
  204. next();
  205. },
  206. next => {
  207. responseObject.debugJobs = this.moduleManager.debugJobs;
  208. next();
  209. }
  210. ],
  211. err => {
  212. if (err) {
  213. console.log(err);
  214. return res.json({
  215. error: err,
  216. objectSoFar: responseObject
  217. });
  218. }
  219. const responseJson = JSON.stringify(responseObject, (key, value) => {
  220. if (
  221. key === "module" ||
  222. key === "task" ||
  223. key === "onFinish" ||
  224. key === "server" ||
  225. key === "nsp" ||
  226. key === "socket" ||
  227. key === "res" ||
  228. key === "client" ||
  229. key === "_idleNext" ||
  230. key === "_idlePrev"
  231. ) {
  232. return undefined;
  233. }
  234. if (key === "parentJob" && value) return value.toString();
  235. return value;
  236. });
  237. return res.end(responseJson);
  238. }
  239. );
  240. });
  241. }
  242. resolve();
  243. })
  244. .catch(err => {
  245. reject(err);
  246. });
  247. });
  248. }
  249. }
  250. export default new _APIModule();