Migrate server to ESM

Sorry for the very big commit that may lead to git log issues and merge conflicts, but it's a major step forward: * Server can be faster at startup because imports() are async and we can easily lazy import big modules * Angular doesn't seem to support ES import (with .js extension), so we had to correctly organize peertube into a monorepo: * Use yarn workspace feature * Use typescript reference projects for dependencies * Shared projects have been moved into "packages", each one is now a node module (with a dedicated package.json/tsconfig.json) * server/tools have been moved into apps/ and is now a dedicated app bundled and published on NPM so users don't have to build peertube cli tools manually * server/tests have been moved into packages/ so we don't compile them every time we want to run the server * Use isolatedModule option: * Had to move from const enum to const (https://www.typescriptlang.org/docs/handbook/enums.html#objects-vs-enums) * Had to explictely specify "type" imports when used in decorators * Prefer tsx (that uses esbuild under the hood) instead of ts-node to load typescript files (tests with mocha or scripts): * To reduce test complexity as esbuild doesn't support decorator metadata, we only test server files that do not import server models * We still build tests files into js files for a faster CI * Remove unmaintained peertube CLI import script * Removed some barrels to speed up execution (less imports)
author: Chocobozzz <me@florianbigard.com> 2023-07-31 14:34:36 +0200
committer: Chocobozzz <me@florianbigard.com> 2023-08-11 15:02:33 +0200
commit: 3a4992633ee62d5edfbb484d9c6bcb3cf158489d (patch)
tree: e4510b39bdac9c318fdb4b47018d08f15368b8f0 /server/middlewares/auth.ts
parent: 04d1da5621d25d59bd5fa1543b725c497bf5d9a8 (diff)
download: PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.gz
PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.zst
PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.zip
1 files changed, 0 insertions, 113 deletions
diff --git a/server/middlewares/auth.ts b/server/middlewares/auth.ts
deleted file mode 100644
index 39a7b2998..000000000
--- a/server/middlewares/auth.ts
+++ /dev/null
@@ -1,113 +0,0 @@
-import express from 'express'
-import { Socket } from 'socket.io'
-import { getAccessToken } from '@server/lib/auth/oauth-model'
-import { RunnerModel } from '@server/models/runner/runner'
-import { HttpStatusCode } from '../../shared/models/http/http-error-codes'
-import { logger } from '../helpers/logger'
-import { handleOAuthAuthenticate } from '../lib/auth/oauth'
-import { ServerErrorCode } from '@shared/models'
-function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
-  handleOAuthAuthenticate(req, res)
-    .then((token: any) => {
-      res.locals.oauth = { token }
-      res.locals.authenticated = true
-      return next()
-    })
-    .catch(err => {
-      logger.info('Cannot authenticate.', { err })
-      return res.fail({
-        status: err.status,
-        message: 'Token is invalid',
-        type: err.name
-      })
-    })
-}
-function authenticateSocket (socket: Socket, next: (err?: any) => void) {
-  const accessToken = socket.handshake.query['accessToken']
-  logger.debug('Checking access token in runner.')
-  if (!accessToken) return next(new Error('No access token provided'))
-  if (typeof accessToken !== 'string') return next(new Error('Access token is invalid'))
-  getAccessToken(accessToken)
-    .then(tokenDB => {
-      const now = new Date()
-      if (!tokenDB || tokenDB.accessTokenExpiresAt < now || tokenDB.refreshTokenExpiresAt < now) {
-        return next(new Error('Invalid access token.'))
-      }
-      socket.handshake.auth.user = tokenDB.User
-      return next()
-    })
-    .catch(err => logger.error('Cannot get access token.', { err }))
-}
-function authenticatePromise (options: {
-  req: express.Request
-  res: express.Response
-  errorMessage?: string
-  errorStatus?: HttpStatusCode
-  errorType?: ServerErrorCode
-}) {
-  const { req, res, errorMessage = 'Not authenticated', errorStatus = HttpStatusCode.UNAUTHORIZED_401, errorType } = options
-  return new Promise<void>(resolve => {
-    // Already authenticated? (or tried to)
-    if (res.locals.oauth?.token.User) return resolve()
-    if (res.locals.authenticated === false) {
-      return res.fail({
-        status: errorStatus,
-        type: errorType,
-        message: errorMessage
-      })
-    }
-    authenticate(req, res, () => resolve())
-  })
-}
-function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
-  if (req.header('authorization')) return authenticate(req, res, next)
-  res.locals.authenticated = false
-  return next()
-}
-// ---------------------------------------------------------------------------
-function authenticateRunnerSocket (socket: Socket, next: (err?: any) => void) {
-  const runnerToken = socket.handshake.auth['runnerToken']
-  logger.debug('Checking runner token in socket.')
-  if (!runnerToken) return next(new Error('No runner token provided'))
-  if (typeof runnerToken !== 'string') return next(new Error('Runner token is invalid'))
-  RunnerModel.loadByToken(runnerToken)
-    .then(runner => {
-      if (!runner) return next(new Error('Invalid runner token.'))
-      socket.handshake.auth.runner = runner
-      return next()
-    })
-    .catch(err => logger.error('Cannot get runner token.', { err }))
-}
-// ---------------------------------------------------------------------------
-export {
-  authenticate,
-  authenticateSocket,
-  authenticatePromise,
-  optionalAuthenticate,
-  authenticateRunnerSocket
-}
author	Chocobozzz <me@florianbigard.com>	2023-07-31 14:34:36 +0200
committer	Chocobozzz <me@florianbigard.com>	2023-08-11 15:02:33 +0200
commit	3a4992633ee62d5edfbb484d9c6bcb3cf158489d (patch)
tree	e4510b39bdac9c318fdb4b47018d08f15368b8f0 /server/middlewares/auth.ts
parent	04d1da5621d25d59bd5fa1543b725c497bf5d9a8 (diff)
download	PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.gz PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.zst PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.zip

diff --git a/server/middlewares/auth.ts b/server/middlewares/auth.ts deleted file mode 100644 index 39a7b2998..000000000 --- a/server/middlewares/auth.ts +++ /dev/null
@@ -1,113 +0,0 @@
1	import express from 'express'
2	import { Socket } from 'socket.io'
3	import { getAccessToken } from '@server/lib/auth/oauth-model'
4	import { RunnerModel } from '@server/models/runner/runner'
5	import { HttpStatusCode } from '../../shared/models/http/http-error-codes'
6	import { logger } from '../helpers/logger'
7	import { handleOAuthAuthenticate } from '../lib/auth/oauth'
8	import { ServerErrorCode } from '@shared/models'
9
10	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
11	handleOAuthAuthenticate(req, res)
12	.then((token: any) => {
13	res.locals.oauth = { token }
14	res.locals.authenticated = true
15
16	return next()
17	})
18	.catch(err => {
19	logger.info('Cannot authenticate.', { err })
20
21	return res.fail({
22	status: err.status,
23	message: 'Token is invalid',
24	type: err.name
25	})
26	})
27	}
28
29	function authenticateSocket (socket: Socket, next: (err?: any) => void) {
30	const accessToken = socket.handshake.query['accessToken']
31
32	logger.debug('Checking access token in runner.')
33
34	if (!accessToken) return next(new Error('No access token provided'))
35	if (typeof accessToken !== 'string') return next(new Error('Access token is invalid'))
36
37	getAccessToken(accessToken)
38	.then(tokenDB => {
39	const now = new Date()
40
41	if (!tokenDB \|\| tokenDB.accessTokenExpiresAt < now \|\| tokenDB.refreshTokenExpiresAt < now) {
42	return next(new Error('Invalid access token.'))
43	}
44
45	socket.handshake.auth.user = tokenDB.User
46
47	return next()
48	})
49	.catch(err => logger.error('Cannot get access token.', { err }))
50	}
51
52	function authenticatePromise (options: {
53	req: express.Request
54	res: express.Response
55	errorMessage?: string
56	errorStatus?: HttpStatusCode
57	errorType?: ServerErrorCode
58	}) {
59	const { req, res, errorMessage = 'Not authenticated', errorStatus = HttpStatusCode.UNAUTHORIZED_401, errorType } = options
60	return new Promise<void>(resolve => {
61	// Already authenticated? (or tried to)
62	if (res.locals.oauth?.token.User) return resolve()
63
64	if (res.locals.authenticated === false) {
65	return res.fail({
66	status: errorStatus,
67	type: errorType,
68	message: errorMessage
69	})
70	}
71
72	authenticate(req, res, () => resolve())
73	})
74	}
75
76	function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
77	if (req.header('authorization')) return authenticate(req, res, next)
78
79	res.locals.authenticated = false
80
81	return next()
82	}
83
84	// ---------------------------------------------------------------------------
85
86	function authenticateRunnerSocket (socket: Socket, next: (err?: any) => void) {
87	const runnerToken = socket.handshake.auth['runnerToken']
88
89	logger.debug('Checking runner token in socket.')
90
91	if (!runnerToken) return next(new Error('No runner token provided'))
92	if (typeof runnerToken !== 'string') return next(new Error('Runner token is invalid'))
93
94	RunnerModel.loadByToken(runnerToken)
95	.then(runner => {
96	if (!runner) return next(new Error('Invalid runner token.'))
97
98	socket.handshake.auth.runner = runner
99
100	return next()
101	})
102	.catch(err => logger.error('Cannot get runner token.', { err }))
103	}
104
105	// ---------------------------------------------------------------------------
106
107	export {
108	authenticate,
109	authenticateSocket,
110	authenticatePromise,
111	optionalAuthenticate,
112	authenticateRunnerSocket
113	}