Migrate server to ESM

Sorry for the very big commit that may lead to git log issues and merge conflicts, but it's a major step forward: * Server can be faster at startup because imports() are async and we can easily lazy import big modules * Angular doesn't seem to support ES import (with .js extension), so we had to correctly organize peertube into a monorepo: * Use yarn workspace feature * Use typescript reference projects for dependencies * Shared projects have been moved into "packages", each one is now a node module (with a dedicated package.json/tsconfig.json) * server/tools have been moved into apps/ and is now a dedicated app bundled and published on NPM so users don't have to build peertube cli tools manually * server/tests have been moved into packages/ so we don't compile them every time we want to run the server * Use isolatedModule option: * Had to move from const enum to const (https://www.typescriptlang.org/docs/handbook/enums.html#objects-vs-enums) * Had to explictely specify "type" imports when used in decorators * Prefer tsx (that uses esbuild under the hood) instead of ts-node to load typescript files (tests with mocha or scripts): * To reduce test complexity as esbuild doesn't support decorator metadata, we only test server files that do not import server models * We still build tests files into js files for a faster CI * Remove unmaintained peertube CLI import script * Removed some barrels to speed up execution (less imports)
author: Chocobozzz <me@florianbigard.com> 2023-07-31 14:34:36 +0200
committer: Chocobozzz <me@florianbigard.com> 2023-08-11 15:02:33 +0200
commit: 3a4992633ee62d5edfbb484d9c6bcb3cf158489d (patch)
tree: e4510b39bdac9c318fdb4b47018d08f15368b8f0 /server/controllers/api/users/two-factor.ts
parent: 04d1da5621d25d59bd5fa1543b725c497bf5d9a8 (diff)
download: PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.gz
PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.zst
PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.zip
1 files changed, 0 insertions, 95 deletions
diff --git a/server/controllers/api/users/two-factor.ts b/server/controllers/api/users/two-factor.ts
deleted file mode 100644
index e6ae9e4dd..000000000
--- a/server/controllers/api/users/two-factor.ts
+++ /dev/null
@@ -1,95 +0,0 @@
-import express from 'express'
-import { generateOTPSecret, isOTPValid } from '@server/helpers/otp'
-import { encrypt } from '@server/helpers/peertube-crypto'
-import { CONFIG } from '@server/initializers/config'
-import { Redis } from '@server/lib/redis'
-import { asyncMiddleware, authenticate, usersCheckCurrentPasswordFactory } from '@server/middlewares'
-import {
-  confirmTwoFactorValidator,
-  disableTwoFactorValidator,
-  requestOrConfirmTwoFactorValidator
-} from '@server/middlewares/validators/two-factor'
-import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models'
-const twoFactorRouter = express.Router()
-twoFactorRouter.post('/:id/two-factor/request',
-  authenticate,
-  asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
-  asyncMiddleware(requestOrConfirmTwoFactorValidator),
-  asyncMiddleware(requestTwoFactor)
-)
-twoFactorRouter.post('/:id/two-factor/confirm-request',
-  authenticate,
-  asyncMiddleware(requestOrConfirmTwoFactorValidator),
-  confirmTwoFactorValidator,
-  asyncMiddleware(confirmRequestTwoFactor)
-)
-twoFactorRouter.post('/:id/two-factor/disable',
-  authenticate,
-  asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
-  asyncMiddleware(disableTwoFactorValidator),
-  asyncMiddleware(disableTwoFactor)
-)
-// ---------------------------------------------------------------------------
-export {
-  twoFactorRouter
-}
-// ---------------------------------------------------------------------------
-async function requestTwoFactor (req: express.Request, res: express.Response) {
-  const user = res.locals.user
-  const { secret, uri } = generateOTPSecret(user.email)
-  const encryptedSecret = await encrypt(secret, CONFIG.SECRETS.PEERTUBE)
-  const requestToken = await Redis.Instance.setTwoFactorRequest(user.id, encryptedSecret)
-  return res.json({
-    otpRequest: {
-      requestToken,
-      secret,
-      uri
-    }
-  } as TwoFactorEnableResult)
-}
-async function confirmRequestTwoFactor (req: express.Request, res: express.Response) {
-  const requestToken = req.body.requestToken
-  const otpToken = req.body.otpToken
-  const user = res.locals.user
-  const encryptedSecret = await Redis.Instance.getTwoFactorRequestToken(user.id, requestToken)
-  if (!encryptedSecret) {
-    return res.fail({
-      message: 'Invalid request token',
-      status: HttpStatusCode.FORBIDDEN_403
-    })
-  }
-  if (await isOTPValid({ encryptedSecret, token: otpToken }) !== true) {
-    return res.fail({
-      message: 'Invalid OTP token',
-      status: HttpStatusCode.FORBIDDEN_403
-    })
-  }
-  user.otpSecret = encryptedSecret
-  await user.save()
-  return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
-}
-async function disableTwoFactor (req: express.Request, res: express.Response) {
-  const user = res.locals.user
-  user.otpSecret = null
-  await user.save()
-  return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
-}
author	Chocobozzz <me@florianbigard.com>	2023-07-31 14:34:36 +0200
committer	Chocobozzz <me@florianbigard.com>	2023-08-11 15:02:33 +0200
commit	3a4992633ee62d5edfbb484d9c6bcb3cf158489d (patch)
tree	e4510b39bdac9c318fdb4b47018d08f15368b8f0 /server/controllers/api/users/two-factor.ts
parent	04d1da5621d25d59bd5fa1543b725c497bf5d9a8 (diff)
download	PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.gz PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.zst PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.zip

diff --git a/server/controllers/api/users/two-factor.ts b/server/controllers/api/users/two-factor.ts deleted file mode 100644 index e6ae9e4dd..000000000 --- a/server/controllers/api/users/two-factor.ts +++ /dev/null
@@ -1,95 +0,0 @@
1	import express from 'express'
2	import { generateOTPSecret, isOTPValid } from '@server/helpers/otp'
3	import { encrypt } from '@server/helpers/peertube-crypto'
4	import { CONFIG } from '@server/initializers/config'
5	import { Redis } from '@server/lib/redis'
6	import { asyncMiddleware, authenticate, usersCheckCurrentPasswordFactory } from '@server/middlewares'
7	import {
8	confirmTwoFactorValidator,
9	disableTwoFactorValidator,
10	requestOrConfirmTwoFactorValidator
11	} from '@server/middlewares/validators/two-factor'
12	import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models'
13
14	const twoFactorRouter = express.Router()
15
16	twoFactorRouter.post('/:id/two-factor/request',
17	authenticate,
18	asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
19	asyncMiddleware(requestOrConfirmTwoFactorValidator),
20	asyncMiddleware(requestTwoFactor)
21	)
22
23	twoFactorRouter.post('/:id/two-factor/confirm-request',
24	authenticate,
25	asyncMiddleware(requestOrConfirmTwoFactorValidator),
26	confirmTwoFactorValidator,
27	asyncMiddleware(confirmRequestTwoFactor)
28	)
29
30	twoFactorRouter.post('/:id/two-factor/disable',
31	authenticate,
32	asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
33	asyncMiddleware(disableTwoFactorValidator),
34	asyncMiddleware(disableTwoFactor)
35	)
36
37	// ---------------------------------------------------------------------------
38
39	export {
40	twoFactorRouter
41	}
42
43	// ---------------------------------------------------------------------------
44
45	async function requestTwoFactor (req: express.Request, res: express.Response) {
46	const user = res.locals.user
47
48	const { secret, uri } = generateOTPSecret(user.email)
49
50	const encryptedSecret = await encrypt(secret, CONFIG.SECRETS.PEERTUBE)
51	const requestToken = await Redis.Instance.setTwoFactorRequest(user.id, encryptedSecret)
52
53	return res.json({
54	otpRequest: {
55	requestToken,
56	secret,
57	uri
58	}
59	} as TwoFactorEnableResult)
60	}
61
62	async function confirmRequestTwoFactor (req: express.Request, res: express.Response) {
63	const requestToken = req.body.requestToken
64	const otpToken = req.body.otpToken
65	const user = res.locals.user
66
67	const encryptedSecret = await Redis.Instance.getTwoFactorRequestToken(user.id, requestToken)
68	if (!encryptedSecret) {
69	return res.fail({
70	message: 'Invalid request token',
71	status: HttpStatusCode.FORBIDDEN_403
72	})
73	}
74
75	if (await isOTPValid({ encryptedSecret, token: otpToken }) !== true) {
76	return res.fail({
77	message: 'Invalid OTP token',
78	status: HttpStatusCode.FORBIDDEN_403
79	})
80	}
81
82	user.otpSecret = encryptedSecret
83	await user.save()
84
85	return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
86	}
87
88	async function disableTwoFactor (req: express.Request, res: express.Response) {
89	const user = res.locals.user
90
91	user.otpSecret = null
92	await user.save()
93
94	return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
95	}