X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fstatic.ts;h=9baff94c0f0295edf2076e9255abe5d55517b2d1;hb=6a4905602636afd6650c9e6f4d0fcc2105d91100;hp=912d7e36c8265b804e1d928ea83187ee33fb1891;hpb=c4fa01f7c45b66b112ebd08abce744b7c4041feb;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/controllers/static.ts b/server/controllers/static.ts index 912d7e36c..9baff94c0 100644 --- a/server/controllers/static.ts +++ b/server/controllers/static.ts @@ -1,151 +1,83 @@ -import * as cors from 'cors' -import * as express from 'express' +import cors from 'cors' +import express from 'express' +import { readFile } from 'fs-extra' import { join } from 'path' -import { serveIndexHTML } from '@server/lib/client-html' -import { ServerConfigManager } from '@server/lib/server-config-manager' -import { HttpStatusCode } from '@shared/models' -import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../../shared/models/nodeinfo/nodeinfo.model' -import { root } from '../helpers/core-utils' -import { CONFIG, isEmailEnabled } from '../initializers/config' +import { injectQueryToPlaylistUrls } from '@server/lib/hls' import { - CONSTRAINTS_FIELDS, - DEFAULT_THEME_NAME, - HLS_STREAMING_PLAYLIST_DIRECTORY, - PEERTUBE_VERSION, - ROUTE_CACHE_LIFETIME, - STATIC_MAX_AGE, - STATIC_PATHS, - WEBSERVER -} from '../initializers/constants' -import { getThemeOrDefault } from '../lib/plugins/theme-utils' -import { asyncMiddleware } from '../middlewares' -import { cacheRoute } from '../middlewares/cache/cache' -import { UserModel } from '../models/user/user' -import { VideoModel } from '../models/video/video' -import { VideoCommentModel } from '../models/video/video-comment' + asyncMiddleware, + ensureCanAccessPrivateVideoHLSFiles, + ensureCanAccessVideoPrivateWebTorrentFiles, + handleStaticError, + optionalAuthenticate +} from '@server/middlewares' +import { HttpStatusCode } from '@shared/models' +import { CONFIG } from '../initializers/config' +import { DIRECTORIES, STATIC_MAX_AGE, STATIC_PATHS } from '../initializers/constants' +import { buildReinjectVideoFileTokenQuery, doReinjectVideoFileToken } from './shared/m3u8-playlist' const staticRouter = express.Router() +// Cors is very important to let other servers access torrent and video files staticRouter.use(cors()) -/* - Cors is very important to let other servers access torrent and video files -*/ +// --------------------------------------------------------------------------- +// WebTorrent/Classic videos +// --------------------------------------------------------------------------- + +const privateWebTorrentStaticMiddlewares = CONFIG.STATIC_FILES.PRIVATE_FILES_REQUIRE_AUTH === true + ? [ optionalAuthenticate, asyncMiddleware(ensureCanAccessVideoPrivateWebTorrentFiles) ] + : [] -// FIXME: deprecated in 3.2, use lazy-statics instead -// Due to historical reasons, we can't really remove this controller -const torrentsPhysicalPath = CONFIG.STORAGE.TORRENTS_DIR staticRouter.use( - STATIC_PATHS.TORRENTS, - express.static(torrentsPhysicalPath, { maxAge: 0 }) // Don't cache because we could regenerate the torrent file + STATIC_PATHS.PRIVATE_WEBSEED, + ...privateWebTorrentStaticMiddlewares, + express.static(DIRECTORIES.VIDEOS.PRIVATE, { fallthrough: false }), + handleStaticError ) - -// Videos path for webseed staticRouter.use( STATIC_PATHS.WEBSEED, - express.static(CONFIG.STORAGE.VIDEOS_DIR, { fallthrough: false }) // 404 because we don't have this video + express.static(DIRECTORIES.VIDEOS.PUBLIC, { fallthrough: false }), + handleStaticError ) + staticRouter.use( STATIC_PATHS.REDUNDANCY, - express.static(CONFIG.STORAGE.REDUNDANCY_DIR, { fallthrough: false }) // 404 because we don't have this video + express.static(CONFIG.STORAGE.REDUNDANCY_DIR, { fallthrough: false }), + handleStaticError ) +// --------------------------------------------------------------------------- // HLS +// --------------------------------------------------------------------------- + +const privateHLSStaticMiddlewares = CONFIG.STATIC_FILES.PRIVATE_FILES_REQUIRE_AUTH === true + ? [ optionalAuthenticate, asyncMiddleware(ensureCanAccessPrivateVideoHLSFiles) ] + : [] + +staticRouter.use( + STATIC_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS + ':videoUUID/:playlistName.m3u8', + ...privateHLSStaticMiddlewares, + asyncMiddleware(servePrivateM3U8) +) + +staticRouter.use( + STATIC_PATHS.STREAMING_PLAYLISTS.PRIVATE_HLS, + ...privateHLSStaticMiddlewares, + express.static(DIRECTORIES.HLS_STREAMING_PLAYLIST.PRIVATE, { fallthrough: false }), + handleStaticError +) staticRouter.use( STATIC_PATHS.STREAMING_PLAYLISTS.HLS, - cors(), - express.static(HLS_STREAMING_PLAYLIST_DIRECTORY, { fallthrough: false }) // 404 if the file does not exist + express.static(DIRECTORIES.HLS_STREAMING_PLAYLIST.PUBLIC, { fallthrough: false }), + handleStaticError ) // Thumbnails path for express const thumbnailsPhysicalPath = CONFIG.STORAGE.THUMBNAILS_DIR staticRouter.use( STATIC_PATHS.THUMBNAILS, - express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE.SERVER, fallthrough: false }) // 404 if the file does not exist -) - -// robots.txt service -staticRouter.get('/robots.txt', - cacheRoute(ROUTE_CACHE_LIFETIME.ROBOTS), - (_, res: express.Response) => { - res.type('text/plain') - return res.send(CONFIG.INSTANCE.ROBOTS) - } -) - -staticRouter.all('/teapot', - getCup, - asyncMiddleware(serveIndexHTML) -) - -// security.txt service -staticRouter.get('/security.txt', - (_, res: express.Response) => { - return res.redirect(HttpStatusCode.MOVED_PERMANENTLY_301, '/.well-known/security.txt') - } -) - -staticRouter.get('/.well-known/security.txt', - cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT), - (_, res: express.Response) => { - res.type('text/plain') - return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT) - } -) - -// nodeinfo service -staticRouter.use('/.well-known/nodeinfo', - cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO), - (_, res: express.Response) => { - return res.json({ - links: [ - { - rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0', - href: WEBSERVER.URL + '/nodeinfo/2.0.json' - } - ] - }) - } -) -staticRouter.use('/nodeinfo/:version.json', - cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO), - asyncMiddleware(generateNodeinfo) -) - -// dnt-policy.txt service (see https://www.eff.org/dnt-policy) -staticRouter.use('/.well-known/dnt-policy.txt', - cacheRoute(ROUTE_CACHE_LIFETIME.DNT_POLICY), - (_, res: express.Response) => { - res.type('text/plain') - - return res.sendFile(join(root(), 'dist/server/static/dnt-policy/dnt-policy-1.0.txt')) - } -) - -// dnt service (see https://www.w3.org/TR/tracking-dnt/#status-resource) -staticRouter.use('/.well-known/dnt/', - (_, res: express.Response) => { - res.json({ tracking: 'N' }) - } -) - -staticRouter.use('/.well-known/change-password', - (_, res: express.Response) => { - res.redirect('/my-account/settings') - } -) - -staticRouter.use('/.well-known/host-meta', - (_, res: express.Response) => { - res.type('application/xml') - - const xml = '\n' + - '\n' + - ` \n` + - '' - - res.send(xml).end() - } + express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE.SERVER, fallthrough: false }), + handleStaticError ) // --------------------------------------------------------------------------- @@ -156,155 +88,29 @@ export { // --------------------------------------------------------------------------- -async function generateNodeinfo (req: express.Request, res: express.Response) { - const { totalVideos } = await VideoModel.getStats() - const { totalLocalVideoComments } = await VideoCommentModel.getStats() - const { totalUsers, totalMonthlyActiveUsers, totalHalfYearActiveUsers } = await UserModel.getStats() +async function servePrivateM3U8 (req: express.Request, res: express.Response) { + const path = join(DIRECTORIES.HLS_STREAMING_PLAYLIST.PRIVATE, req.params.videoUUID, req.params.playlistName + '.m3u8') + const filename = req.params.playlistName + '.m3u8' - if (!req.params.version || req.params.version !== '2.0') { - return res.fail({ - status: HttpStatusCode.NOT_FOUND_404, - message: 'Nodeinfo schema version not handled' - }) - } + let playlistContent: string - const json = { - version: '2.0', - software: { - name: 'peertube', - version: PEERTUBE_VERSION - }, - protocols: [ - 'activitypub' - ], - services: { - inbound: [], - outbound: [ - 'atom1.0', - 'rss2.0' - ] - }, - openRegistrations: CONFIG.SIGNUP.ENABLED, - usage: { - users: { - total: totalUsers, - activeMonth: totalMonthlyActiveUsers, - activeHalfyear: totalHalfYearActiveUsers - }, - localPosts: totalVideos, - localComments: totalLocalVideoComments - }, - metadata: { - taxonomy: { - postsName: 'Videos' - }, - nodeName: CONFIG.INSTANCE.NAME, - nodeDescription: CONFIG.INSTANCE.SHORT_DESCRIPTION, - nodeConfig: { - search: { - remoteUri: { - users: CONFIG.SEARCH.REMOTE_URI.USERS, - anonymous: CONFIG.SEARCH.REMOTE_URI.ANONYMOUS - } - }, - plugin: { - registered: ServerConfigManager.Instance.getRegisteredPlugins() - }, - theme: { - registered: ServerConfigManager.Instance.getRegisteredThemes(), - default: getThemeOrDefault(CONFIG.THEME.DEFAULT, DEFAULT_THEME_NAME) - }, - email: { - enabled: isEmailEnabled() - }, - contactForm: { - enabled: CONFIG.CONTACT_FORM.ENABLED - }, - transcoding: { - hls: { - enabled: CONFIG.TRANSCODING.HLS.ENABLED - }, - webtorrent: { - enabled: CONFIG.TRANSCODING.WEBTORRENT.ENABLED - }, - enabledResolutions: ServerConfigManager.Instance.getEnabledResolutions('vod') - }, - live: { - enabled: CONFIG.LIVE.ENABLED, - transcoding: { - enabled: CONFIG.LIVE.TRANSCODING.ENABLED, - enabledResolutions: ServerConfigManager.Instance.getEnabledResolutions('live') - } - }, - import: { - videos: { - http: { - enabled: CONFIG.IMPORT.VIDEOS.HTTP.ENABLED - }, - torrent: { - enabled: CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED - } - } - }, - autoBlacklist: { - videos: { - ofUsers: { - enabled: CONFIG.AUTO_BLACKLIST.VIDEOS.OF_USERS.ENABLED - } - } - }, - avatar: { - file: { - size: { - max: CONSTRAINTS_FIELDS.ACTORS.IMAGE.FILE_SIZE.max - }, - extensions: CONSTRAINTS_FIELDS.ACTORS.IMAGE.EXTNAME - } - }, - video: { - image: { - extensions: CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME, - size: { - max: CONSTRAINTS_FIELDS.VIDEOS.IMAGE.FILE_SIZE.max - } - }, - file: { - extensions: CONSTRAINTS_FIELDS.VIDEOS.EXTNAME - } - }, - videoCaption: { - file: { - size: { - max: CONSTRAINTS_FIELDS.VIDEO_CAPTIONS.CAPTION_FILE.FILE_SIZE.max - }, - extensions: CONSTRAINTS_FIELDS.VIDEO_CAPTIONS.CAPTION_FILE.EXTNAME - } - }, - user: { - videoQuota: CONFIG.USER.VIDEO_QUOTA, - videoQuotaDaily: CONFIG.USER.VIDEO_QUOTA_DAILY - }, - trending: { - videos: { - intervalDays: CONFIG.TRENDING.VIDEOS.INTERVAL_DAYS - } - }, - tracker: { - enabled: CONFIG.TRACKER.ENABLED - } - } + try { + playlistContent = await readFile(path, 'utf-8') + } catch (err) { + if (err.message.includes('ENOENT')) { + return res.fail({ + status: HttpStatusCode.NOT_FOUND_404, + message: 'File not found' + }) } - } as HttpNodeinfoDiasporaSoftwareNsSchema20 - res.contentType('application/json; profile="http://nodeinfo.diaspora.software/ns/schema/2.0#"') - .send(json) - .end() -} + throw err + } -function getCup (req: express.Request, res: express.Response, next: express.NextFunction) { - res.status(HttpStatusCode.I_AM_A_TEAPOT_418) - res.setHeader('Accept-Additions', 'Non-Dairy;1,Sugar;1') - res.setHeader('Safe', 'if-sepia-awake') + // Inject token in playlist so players that cannot alter the HTTP request can still watch the video + const transformedContent = doReinjectVideoFileToken(req) + ? injectQueryToPlaylistUrls(playlistContent, buildReinjectVideoFileTokenQuery(req, filename.endsWith('master.m3u8'))) + : playlistContent - return next() + return res.set('content-type', 'application/vnd.apple.mpegurl').send(transformedContent).end() }